1 to 25 of 39 Incident Response Jobs in Central London

Cyber Security Consultant (Cyber Incident Response Manager) - Inside IR35 - Remote with occasional travel to London or Gloucester - 3 Months initial contract with potential to extend. We're supporting a major, ZERO CARBON energy organisation at the forefront of building a secure and resilient energy future in the appointment … Cyber Incident Response Manager. This is a high-impact role focused on evolving and optimising an already established cyber incident management capability. You'll take ownership of the strategy, maturity, and continuous improvement of the organisation's incident response and crisis management function-ensuring ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

security and privacy risk across the firm’s technology environment. Working with third party service providers, it ensures the effective operation of threat detection, incident response, data protection controls, and operational workflows supporting UK GDPR compliance. This is a hands‐on technical role requiring strong analytical skills, attention … security event identification via the third-party security operations service. Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations. Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. Contribute to threat hunting activities using KQL queries and intelligence-led techniques. Maintain ...

strong security posture across mission-critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities of the Security Operations Shift Lead Lead investigations into escalated … security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium- and high-severity incident response activities, producing detailed ...

Governance, Risk, and Compliance (GRC). Working closely with our CTO, you will play a pivotal role in protecting our infrastructure, leading incident responses, and embedding security best practices across our entire product suite. The Role As our Senior Security Analyst, you will own the evolution of our security …/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate ...

Security and Splunk SOAR. You will play a critical role in ensuring these platforms are stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC. Key Responsibilities Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR Design … integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.) Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows Support onboarding of log sources into SIEM, ensuring accurate parsing and normalisation Optimise search performance, data pipelines, and platform efficiency Troubleshoot issues across ...

Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

Major Incident Manager (SaaS/Cloud) London/Staines | Hybrid | £62,000 | 12-month PAYE contract If you’ve handled P1 incidents, major outages, or high-pressure bridge calls , this is the kind of role where that experience actually counts. You’ll be leading critical incident response … onsite in Staines (easy commute from central London) Strong work-life balance (no expectation beyond core hours) What you’ll be doing Lead major incident (P1) response end-to-end Run incident bridges and coordinate technical teams Act as the central point of control during outages Communicate ...

mitigation activities Oversee security architecture to ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third‐party security testing, including penetration testing and phishing … delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical ...

experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls (Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft ...

evolving threat landscape. Key Responsibilities Operate and optimise security and vulnerability management platforms, including liaison with external SOC providers (SIX Group). Lead incident response, ensuring documentation and reporting aligns with DORA timelines; participate in on-call rotation. Proactively assess and mitigate emerging risks, including AI-driven threats. ...

that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with an MSP SOC to maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives … titles for this role include Threat Detection Engineer, SOC Engineer, Cyber Security Engineer, Detection Engineer, Security Operations Engineer, Blue Team Engineer, SIEM Engineer, Incident Response Engineer, Threat Hunter, Security Analyst, and Detection & Response Engineer. Ready to build next-generation threat detection and protect life-changing data? Apply ...

that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with an MSP SOC to maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives … Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer, Detection & Response Engineer, SIEM Engineer, Security Detection Engineer,T hreat Hunting Engineer, Security Automation Engineer, SOC Engineer, Incident Response Engineer, Cloud Security Engineer, Network Security ...

modern engineering and traditional ITSM/ITIL practices Establish SLIs, SLOs, and Error Budgets Shape observability strategies using metrics, logs, and traces Design incident response models and post-incident learning loops Reduce toil through automation and engineering excellence Deliver SRE capability assessments and roadmaps … Looking For Extensive experience in SRE, cloud operations, or DevOps Proven consulting or advisory background Experience with AWS, Azure, or GCP Strong observability and incident management expertise Ability to obtain UK SC clearance Modis International Ltd acts as an employment agency for permanent recruitment and an employment business ...

technical knowledge transfer sessions and support capability uplift across the wider team. Participate in occasional out-of-hours support activities for priority changes or incident response. Technical Skills & Experience - Network & Security Technologies - The ideal candidate will demonstrate experience across as many of the following technologies as possible: Enterprise-grade ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

Support application and infrastructure deployments Work with CI/CD pipelines to ensure smooth and consistent releases Monitor systems using dashboards and alerts Support incident response and help troubleshoot issues Requirements: Basic understanding of cloud platforms (AWS, Azure, or GCP) Familiarity with Linux systems and networking basics Familiarity ...

with infrastructure, development, and support teams to ensure messaging reliability, scalability, and performance across mission critical systems. You'll play a key role in incident response, monitoring, capacity planning, WAN optimisation, and automation while helping maintain a highly available messaging platform supporting real-time trading and financial applications. ...

maintenance of our CrowdStrike Falcon platform. SIEM Mastery: Collaborate with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows … improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. Your Profile We are seeking a candidate who brings at least 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. ...

with Azure infrastructure and services. Cyber Security Apply security best practices across infrastructure and systems. Support vulnerability management, patching, and system hardening. Assist in incident response and remediation activities. Ensure compliance with IT security policies and standards. General IT Provide 2nd/3rd line support ...

Responsibilities: Lead and deliver cyber resilience transformation programmes, owning end‐to‐end engagement delivery (scope, quality, timeline, budget) and ensuring outcomes measurably improve preparedness, response, and recovery. Design, run, and continuously enhance cyber crisis simulations and tabletop exercises for executives and operational teams—ensuring scenarios reflect the current threat … intelligence and emerging attacker tactics into practical resilience improvements—linking likely threats to business impact, critical dependencies, and control or capability gaps. Integrate cyber response and recovery into wider enterprise resilience plans, including business continuity, IT disaster recovery, operational resilience, third‐party resilience, and enterprise risk management—ensuring cyber ...

observability through effective monitoring and operational controls Collaborate with cross-functional teams spanning platform engineering, infrastructure, and application delivery Support daily operational activities, including incident response, troubleshooting, and routine maintenance Produce and maintain comprehensive operational documentation, including runbooks and support procedures Skills & Experience Essential Demonstrable hands-on experience ...