1 to 25 of 30 Incident Response Jobs in Central London

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

driving continuous improvement across a large, complex environment. The Role As an IT Security Analyst, you will support all aspects of security operations, incident response, vulnerability management, governance activities, and the development of secure processes across the organisation. You’ll monitor and investigate alerts, analyse threats, lead security … defending large-scale environments from emerging threats. Key Responsibilities Investigate and analyse security events, correlating data and identifying root causes. Perform deep-dive incident analysis using logs, threat intel and IoCs. Conduct proactive and reactive threat hunting. Execute vulnerability assessments and support remediation activities. Carry out risk analysis, identifying ...

posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools … perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

built for you.We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools ) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM , identity lifecycle ...

CloudFormation. Embed security checks into GitHub CI/CD pipelines for continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using AWS native tools and SIEM integrations. Support incident response and root cause analysis for security ...

protect the firm's data and Technology infrastructure. * VPN Administration - Administer and maintain Virtual Private Networks (VPN) to ensure secure remote access for employees. * Incident Response - Investigate and resolve potential security issues, participate in incident response initiatives, and respond to security-related alerts promptly. * Vulnerability Management ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working Active Security Clearance is Needed A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management ...

technical environments. Stay current with emerging threats, regulatory changes, and industry best practices in risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications/Skills Required Demonstrated ...

. Proficient in Azure Monitor, Log Analytics, Application Insights, cost management and optimisation, resource tagging strategies, and maintaining platform availability through proactive monitoring and incident response. Infrastructure as Code (Terraform) - Strong working knowledge of Terraform for provisioning and managing Azure infrastructure including writing and maintaining Terraform modules for Azure … high availability architectures using Availability Zones, Azure Load Balancer, Azure Application Gateway, VM Scale Sets, and conducting DR tests to ensure business continuity. Collaboration & Incident Response - Strong team player with experience working across DevOps, infrastructure, security, and development teams. Skilled in incident management and managing status dashboards ...

generate actionable reports. Develop and deliver regular vulnerability reporting, metrics, and dashboards for management and technical teams via Tenable and Defender. Collaborate with incident response teams using CrowdStrike and Microsoft Defender to correlate vulnerability data with threat intelligence and active security incidents. Maintain up-to-date knowledge ...

e.g., Palo Alto, Fortinet, Cisco). Design and manage enterprise backup and recovery solutions (e.g., Veeam, Commvault, Rubrik). Deploy and operate Endpoint Detection & Response (EDR) solutions (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne). Deploy and operate Cloud Detection & Response (CDR) platforms (e.g., Palo Alto Prisma … . Develop and implement Business Continuity and Disaster Recovery (BC/DR) plans. Contribute to the delivery of Managed IT Services, including monitoring, patching, incident response, and ongoing environment optimisation. Emerging Technologies Evaluate automation, workflow tools, and AI-driven operational platforms. Identify opportunities for analytics, modern data tooling ...

role As Cyber Defence Lead, you’ll be accountable for defining how security operations work in practice — from detection and investigation through to response, recovery, and continuous improvement. You’ll set standards, introduce structure, and ensure the capability is measurable, repeatable, and ready to stand up to regulatory scrutiny. … responsibilities Define and evolve the cyber defence operating model , covering detection, investigation, response, and escalation Build and mature operational playbooks, workflows, and runbooks to improve consistency and speed of response Shape the use of SIEM, SOAR, EDR, and threat intelligence to improve signal quality and reduce manual effort ...

enterprise messaging infrastructure built on Solace PubSub+, ensuring high availability, optimal performance, and reliability across production and non-production environments. This includes working on incident response, capacity planning, WAN optimization, and system observability using tools like Prometheus and Grafana . Key Responsibilities: Administer and maintain Solace PubSub+ appliances ...

secure identities and access through Microsoft Entra ID. Core responsibilities will include threat management, proactive hunting for vulnerabilities, data protection, security posture management, and incident response. All of these will be based on collaborating with other teams to maintain and improve the organization's overall security posture. Key responsibilities … secure user experience. Act as a subject matter expert for the core components of the Defender XDR suite. Manage endpoint protection, detection, and response across our device fleet. Protect against email-based threats, including phishing, malicious attachments, and compromised links. Monitor on-premises Active Directory signals to identify ...

comprehensive post-release validation, ensuring software functions correctly following deployments. Participate in release management processes and uphold best practices following Agile methodologies. Be the Incident coordinator for operational incidents on the core engineering production platform. This includes all technical internal communications, ensuring processes are followed and all post-incident … efficiently in ambiguous environments. Excellent documentation and knowledge-sharing skills, coupled with a passion for continuous improvement in documentation strategies and tooling. Experience with incident response protocols and comfort navigating high-pressure situations. Proficiency with development workflows and tools (JIRA, Confluence, GitHub, Scrum methodologies). Strong written ...

integrate reliability and performance into the software lifecycle. Managing and evolving CI/CD pipelines to ensure smooth deployments and rollbacks. Contributing to incident response , post-mortems, and reliability improvements. Championing SRE principles such as error budgets, SLIs/SLOs, and automation-first thinking. What We’re Looking ...

engage with their finances, and operates in a highly regulated environment. This is a hands-on role with broad responsibility across monitoring, detection, response and remediation of cyber risks. You’ll work closely with engineering, cloud, risk and compliance teams, as well as an externally managed SOC, to continuously … vulnerabilities to resolution and reduce operational risks using commercial (CrowdStrike) and open source technologies (Trivy) Manage security tooling and automation to improve detection and response Maintain a security risk register and track issues through to resolution Support security certifications, audits and external assessments Maintain and enhance security policies, documentation ...

Manage and optimise Microsoft Defender across Endpoint, Identity, Cloud Apps, Office 365, and Cloud Security Posture Management. Monitor alerts and conduct threat investigations. Support incident response with containment and remediation. Conduct proactive threat hunting. Platform administration and governance Configure policy baselines and protection profiles. Maintain governance and compliance … Security teams. Provide security insights to projects. Produce reporting for stakeholders. Identify automation and workflow enhancements. Essential Skills Strong experience with Microsoft Defender platforms. Incident investigation skills across endpoint, identity, and cloud. Understanding of Microsoft 365, Azure, and Zero Trust. Skilled in ASR rules, AV baselines, and KQL analytics. ...

cybersecurity solutions tailored to client requirements. Deliver consultative workshops, including posture assessments and gap analyses. Provide guidance during cyber incidents and contribute to incident response planning. Prepare detailed technical documentation to support security improvements. Deliver technical enablement sessions to empower internal teams and stakeholders. Act as a trusted ...

friction and accelerate development velocity. Monitor system reliability, performance, and security across environments. Implement robust observability tools including logs, metrics, traces, and alerts. Lead incident response, root-cause analysis, and long-term remediation. Ensure security best practices are embedded across infrastructure and pipelines. Collaborate closely with the wider ...

data pipelines. Excellent communication and stakeholder engagement skills across technical and non-technical audiences. Experience designing resilient pipelines with monitoring, logging, error handling, and incident response considerations. Desirable Familiarity with AI Foundry, Copilot, or similar AI-assisted engineering tools. Experience implementing data governance, cataloguing, lineage, and security best ...

environment, and who is confident working with BC/OR technology, data, and tooling. Key Responsibilities Lead business continuity and operational resilience planning and response across the firm, ensuring critical services, processes, and dependencies are identified and protected. Own the firm's BC/OR technology stack, including: Overseeing … reviews, risk assessments, and business impact analyses (BIAs) to ensure frameworks remain aligned to the firm's strategy, risk profile, and regulatory expectations. Oversee incident management, business continuity, and technology recovery planning, using specialist third-party tools to coordinate response, capture actions, and monitor recovery. Deliver and monitor ...

observability and performance monitoring using Dynatrace. You will have: Demonstrable experience delivering cloud migration, optimisation, or transformation projects Experience with Terraform or Ansible Drive incident response and root cause analysis using Dynatrace data Must have active SC Clearance - this is non-negotiable Hays Specialist Recruitment Limited acts ...

Provide independent governance oversight (separate from IT Ops) About You Strong experience with ISO 27001 (Annex 8), CE+, and risk management Background in audits, incident response, and governance documentation Confident working with Compliance, IT, and external partners Able to own initiatives and work independently Pragmatic, collaborative, and business ...