systems, Manage relationships and work closely with third-party cyber security service providers. Manage and optimize security tools, including endpoint protection, Microsoft Intune, Entra, Azure, and external detection and response tools. Conduct vulnerability assessments and coordinate patch management cycles. Collaborate with infrastructure and support teams to ensure secure configurations of networks, endpoints, applications, and services. Collaborate with non-technical … end-users on implementing best practices and organize training sessions. Lead or support investigations into security breaches and provide detailed incident reports. Develop and enforce security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed … internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. Plan and rehearse incident response procedures with wider IT and support team. Advise senior management on operational risks. Mentor and lead junior members of the team. Occasional on-call support for critical incidents. Requirements Proven experience in
Central London, London, United Kingdom Hybrid / WFH Options
Searchability (UK) Ltd
key role in deploying Microsoft security solutions and supporting client audits, assessments, and vulnerability remediation efforts. Responsibilities include: Delivering Microsoft security technologies including Defender XDR, Sentinel, and Endpoint Detection & Response Supporting Cyber Essentials and Cyber Essentials Plus audits and assessments Acting as an escalation point for cyber incidents, security alerts, and engineering tasks Conducting vulnerability remediation and assessments (infrastructure … tools (e.g., Mimecast, Egress) Understanding of Azure Firewall and Defender for Cloud/Cloud Apps Experience conducting offensive security/web application assessments Strong understanding of threat detection and incident response Certifications (any of the following highly desirable): SC-200: Microsoft Certified - Security Operations Analyst Associate SC-300: Microsoft Certified - Identity and Access Administrator Associate AZ-500: Microsoft
City of London, London, England, United Kingdom Hybrid / WFH Options
Skillcast
ISO 27001, and Cyber Essentials audits - including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM - including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption
deep expertise in Cyber Security Operations Centre (SOC) practices. This role is ideal for someone with a strong ability to analyse and enhance SOC effectiveness, from threat detection to incident response, and provide clear and appropriate advice and guidance. Key Responsibilities of the SecOps Consultant Collaborate with clients to improve SOC operations, particularly around threat detection, and IR. … configuration, and integration based on operational needs. Monitor emerging threats and trends, advising stakeholders on potential impacts and mitigation strategies. Deploy, configure, and manage security tools to optimize detection, response, and reporting functions. Skills & Knowledge Solid understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security
and Cyber Security divisions will have a significant impact on the resources of other teams in cyber. The GRC team especially need to assure the remediation activity conducted in response to findings. Technical/job functional knowledge Awareness and working knowledge of control frameworks based on industry standard methodologies such as NIST, COBIT, and ISO27001. Awareness of key regulatory … LSEG operating centres – UK, Europe, US & Asia Cyber security qualification e.g. CISMP/Apprenticeship (desirable) Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security. IT and …
with the cybersecurity team to integrate DLP measures with broader security initiatives. Your responsibilities: Monitor DLP Systems – Oversee and manage DLP alerts to prevent unauthorized data access and leakage. Incident Analysis – Investigate DLP security incidents, provide reports, and recommend corrective actions. Policy Implementation & Maintenance – Assist in deploying and updating DLP policies, configurations, and security controls. User Support & Training – Provide … security measures and infrastructure. Your Profile Essential skills/knowledge/experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts, analyze logs, and resolve issues efficiently. Regulatory Compliance Knowledge – Understanding of GDPR, ISO 27001, and other industry standards related to data … Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Join us and do more of what matters. Apply online now.
top-class Security Operation Centers, we offer a complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was
SecOps) - Leeds/Remote - 12 Months Initial - Inside IR35 We are seeking a skilled SOAR Engineer/Analyst responsible for designing, developing, implementing, and maintaining automation playbooks to improve incident response efficiency within the Security Operations Centre utilizing Google SecOps Role Overview: Job Title: SOAR Engineer/Analyst (Google SecOps) Location: Leeds/Remote Contract Type: Contract Duration …/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python, PowerShell, or Bash. Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g.
Central London, London, England, United Kingdom Hybrid / WFH Options
GreatFind Recruitment
evolve security controls, policies, and standards Ensure compliance with GDPR, CIS18, PCI DSS, and ISO27001 Lead on third-party audits and provide documentation and evidence Support cybersecurity programmes and incident response planning Provide GRC advisory to senior leadership and cross-functional teams Promote a culture of risk awareness through training and communication Monitor changes in regulation and adapt
City of London, London, United Kingdom Hybrid / WFH Options
inDrive
Strong understanding of regulatory frameworks (FCPA, GDPR, SOX, UK Bribery Act, etc.); Experience with digital forensics, e-discovery tools, and data analytics in investigations; Familiarity with cybersecurity risks and incident response processes; Strong analytical and problem solving skills, with attention to detail; Excellent communication and report writing abilities; High level of integrity, discretion, and ability to handle confidential
Senior SOC & Incident Response Engineer DGH Recruitment are currently recruiting on behalf of a leading client in the Professional Services industry who require a Senior SOC & Incident Response Engineer to join the firm in London. This candidate will develop and integrate an Incident Response (IR)/SOC security infrastructure to monitor the Firm's … on prem and cloud environments. Responsibilities: * Drive and improve continuous monitoring and incident response, serving as a senior resource in our SOC and Incident Response processes. * Configure and integrate platforms, tools, service providers, and solutions into our IR/SOC systems, make recommendations as needed. * Ensure integration of input from the Firm's deployed suite of … SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA, DNS Security, and cloud security posture management. * Ensure the Firm's Incident Response and security monitoring systems adhere to security best practices and baselines to ensure a secure configuration of platforms and resources. Required Skills: * 8+ years of hands-on
City of London, London, United Kingdom Hybrid / WFH Options
DGH Recruitment
and external audits and maintaining information security policies and associated document set. - Support on the confidentiality, integrity and availability aspects of the Firm's and client data. - Sustain the Incident Response plans including exercising and training. - Provide information security risk assessments to ensure compliance with the Firm's policies with critical and high risk third parties. - Review and
required operating model to support the solution post-delivery. • Identify and document all user journeys associated with the management of customer access. • Ensure all user journeys, monitoring, alerting, and incident response workflows are tested and operational prior to go live of the new SOC service. • Establish governance processes, service level agreements, and reporting expectations for the CIAM service.
City of London, London, United Kingdom Hybrid / WFH Options
Hunter Bond
Onboard and configure critical log sources (e.g. AD, firewalls, cloud, servers). Build and enhance threat detection use cases and monitoring controls. Monitor systems for suspicious activity and support incident response efforts. Lead proactive threat hunting and refine detection playbooks. Provide security advisory and support tool evaluations and POCs. If you are interested in the Security Engineer role
capability development and maturity across the organisation. Essential Skills & Experience 5-10 years of hands-on experience in cyber security operations. A deep functional understanding of cyber threat detection, incident response, SOC operations, risk management, etc. Demonstrated involvement in procurement and commercial activities from within the cyber function such as defining technical requirements, evaluating suppliers, or working with
We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading
support team to drive continuous improvement in service delivery quality. Provide professional insights into AC/DC charging technologies, including fault diagnosis and issue analysis. Lead maintenance process optimization, incident response mechanisms, and standardization of service workflows. Act as a coordination and technical interface in major service issues, ensuring efficient problem resolution for customers. Service Operations Support Support … the development and optimization of preventive maintenance, troubleshooting, and spare parts management processes. Monitor and promote the execution of Service Level Agreements (SLAs) to improve response times and customer satisfaction. Work with customer success, sales teams, and third-party service providers to ensure consistent service delivery. Responsible for the selection, onboarding, and management of service partners, ensuring their competence … requirements and coordinate resources to ensure efficient closure of technical and service issues. Remote Monitoring & Fault Management Collaboration Coordinate with remote monitoring teams to enhance proactive alerting and issue response mechanisms. Support the application and advancement of remote diagnostics and predictive maintenance capabilities. Qualifications & Requirements Education & Experience Bachelor's degree or above in Electrical Engineering, Mechanical Engineering, or a
code reviews, sprint planning, and technical discussions. Identify performance bottlenecks and optimize application performance. Contribute to documentation and knowledge sharing within the team. Support production systems and participate in incident response as needed. Required Skills & Experience: 3–5 years of professional Java development experience. Solid understanding of core Java (Java 8+), object-oriented principles, and design patterns. Experience
physical infrastructure of the GNOC, including space, power, cooling, and network connectivity. Security Implementation: Ensuring the security of the GNOC infrastructure and data, including access controls, intrusion detection, and incident response. Automation & Orchestration: Implementing automation and orchestration solutions to streamline operations, improve efficiency, and reduce manual effort. Performance Optimization: Monitoring and optimizing the performance of the GNOC infrastructure and … network services. Incident Management: Developing and implementing incident management processes for the GNOC, ensuring timely and effective resolution of network issues. Documentation & Standards: Creating and maintaining documentation for the GNOC architecture, procedures, and standards. Collaboration: Working closely with other IT teams, including security, systems, and applications, to ensure seamless integration and support. Skills and Expertise: Expertise in Network … Technologies including a deep understanding of networking concepts, protocols, and technologies, including routing, switching, firewalls, VPNs, and WAN technologies. Incident Management: Experience with incident management frameworks (e.g., ITIL) and incident response processes. Communication & Collaboration: Excellent communication and interpersonal skills to collaborate effectively with various teams and stakeholders.
Senior ServiceNow Developer (SecOps/IRM) 6 months Remote Inside IR35 - Umbrella only Responsibilities: Development and Customization: Configure, customize, and maintain ServiceNow SecOps and IRM modules. Incident Management: Develop and manage incident response processes, ensuring timely resolution of security incidents. Integration: Integrate ServiceNow SecOps with common SIEM tools (e.g., Splunk, Qualys) and external systems via REST APIs. … Process Automation: Implement automation workflows to streamline security operations, such as incident triage and response. Collaboration: Work with team members, customers, and external vendors to identify, prioritize, and respond to threats against the enterprise. Documentation & Compliance: Maintain comprehensive documentation of configurations, processes, and compliance-related reporting. Training & Support: Provide training and support to end-users and stakeholders on ServiceNow
infrastructure deployments. Optimize and manage security configurations including IAM policies, network access controls, and encryption protocols. Proactively monitor and respond to security incidents using AWS-native detection and response services. Conduct periodic security assessments, audits, and reviews to align with best practices and regulatory standards. Collaborate with internal stakeholders, including engineering and operations teams, to integrate security into … cloud-native development workflows. Produce detailed documentation and reports related to threat detection, incident response, and mitigation efforts. Provide mentorship, technical leadership, and establish best practices for cloud security implementation. Work closely with external partners or clients to understand their security needs and design tailored cloud protection strategies.
City of London, London, United Kingdom Hybrid / WFH Options
REC SOLUTIONS LIMITED
clients. Collaborate with development, networks, ops and product teams on strategic IT initiatives. Assist with planning, management and resource allocation of inter-departmental projects alongside the PM team. Oversee incident management, root cause analysis, and rapid resolution of system outages or performance degradation. Ensure compliance of procedures such as change management, patch management and security and audit processes. Assist … in the maintenance of these procedures. Support regular security audits and penetration tests, addressing findings and oversee any remediation work. Improve system monitoring, alerting, documentation, operating procedures and incident response processes. Manage, mentor, plan and coordinate the activities of both teams. Required Skills/Experience Ideally 7+ years Linux system administration experience with at least 3 years in … and rollback strategies. Proficiency in managing bare-metal servers, virtualization platforms such as VMware, containerised systems as well as familiarity with hybrid cloud environments and DevOPS practices. Familiarity with incident/problem management and change control workflows a plus. Previous experience with low latency systems or financial experience desirable. Excellent verbal and written communication skills, with the ability to
in line with our Mid-Market technology roadmap. The Role Technology & Systems Management Oversee the ongoing maintenance and development of Mid-Market business applications and platforms. Lead fault resolution, incident response, and ensure timely ticket management. Ensure compliance with security policies and lead on risk remediation activities. Manage cloud development, architecture, and system integrations. Coordinate licensing, certificates, and