1 to 25 of 37 Incident Response Jobs in Central London

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team and lead the Incident Response efforts, overseeing the end-to-end incident response lifecycle, from detection and containment to eradication, recovery and post incident ...

build, manage and mature our cybersecurity posture. This is a key role that is accountable for our 24X7x365 global security operations center, improving our incident detection, incident response and incident management capabilities, and ensuring we have the appropriate people, processes and technologies to detect, prevent … continuously strengthening Apex Group’s cyber defence capabilities across all regions and entities. This role provides strategic direction and operational oversight for threat detection, incident response, security monitoring, and cyber resilience, ensuring Apex can proactively predict, prevent, detect, respond to, recover and Govern from cyber threats\risks ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

user environments. The role You will work closely with security, infrastructure, and architecture teams to design and improve secure technology environments, support incident response, and help drive a security-by-design approach across the wider estate. This role will suit someone with strong experience across Microsoft Sentinel & M365 … user environments Hands-on work with Microsoft Sentinel, M365 Defender , Defender for Cloud, Entra ID, and Conditional Access Supporting the SOC with incident response, vulnerability remediation and escalation Automating repeatable security tasks and improving operational efficiency Supporting compliance requirements, including PCI-DSS Acting as a senior point ...

trusted voice in ensuring controls are practical, risk‐aligned and built to meet regulatory expectations. If you’re passionate about threat detection, incident response and building modern security capabilities, this role puts you at the heart of a growing cyber function with the scope to make a real … impact. What You’ll Be Doing Enhancing and operating core security capabilities including SIEM, MDR, security monitoring, and threat detection tooling Supporting Security Incident Response (SIR) activities, including triage, investigation, containment, and recovery Contributing to DFIR workflows and helping mature incident playbooks and response processes Working ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

strong security posture across mission‐critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities Lead investigations into escalated security incidents, assessing attack vectors, scope … business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium‐ and high‐severity incident response activities, producing detailed investigation documentation. Tune and optimise detection content ...

strong security posture across mission-critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities of the Security Operations Shift Lead Lead investigations into escalated … security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium- and high-severity incident response activities, producing detailed ...

built for you.We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools ) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM , identity lifecycle ...

Disaster Recovery (DR) frameworks Technology resilience planning across infrastructure, cloud, networks, applications, and data Organisation-wide Business Continuity Plan ownership and governance Major incident and crisis response coordination DR and continuity testing — scenario, tabletop, live and technology-led Cyber-resilience integration with security and incident response … Operational Resilience, Business Continuity, Disaster Recovery or Technology Risk Strong awareness of IT architecture, cloud services, infrastructure, and tech-led recovery processes Confidence leading incident response and crisis coordination Experience with resilience exercises, DR walkthroughs, failover testing, and scenario simulations Ability to work cross-functionally with Technology, Cyber ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber ...

transit ◦ Implement logging, monitoring, alerting and security event visibility ◦ Design systems with attack, failure and misuse scenarios in mind ◦ Support cloud-level incident response and post-incident reviews ◦ Help ensure the platform meets expectations for a trading and regulated environment Reliability, DR & Resilience ◦ Design, implement and test … trading or other security-sensitive environments ◦ Experience with containerised and event-driven systems ◦ Experience inheriting, hardening or cleaning up existing cloud environments ◦ Familiarity with incident response and DR testing in cloud platforms Working Style ◦ Proactive and self-directed ◦ Detail-oriented and disciplined ◦ Strong communicator who values documentation ...

tools across NOC and SOC environments Gather and analyse information from a wide range of security and infrastructure tools Handle operational tickets, escalations, and incident support across 1st and 2nd line activity Develop and improve NOC and SOC procedures and support operational best practice Work closely with Security Analysts … wider teams on threat mitigation and incident response Support and train monitoring engineers within live operations environments Key Requirements Previous experience in a Network Security Engineer , Security Operations , Technical Assurance , or similar role Strong background in networking , with a solid understanding of secure network design and operations Hands ...

experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls (Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years ...

analysis and event investigation Work with data to identify unusual or suspicious behaviour Assist with the development and tuning of detection rules Support incident response and troubleshooting activities Collaborate with teams across security, infrastructure, and engineering Continuously learn and develop technical and security knowledge Required Skills & Experience ...

Partner with Infrastructure and DevOps teams to embed security into platforms, automation, and operational processes Drive improvements in monitoring, detection, vulnerability management, and threat response Skills & Experience Proven experience in a Senior or Lead Security Engineering role, ideally within financial services, trading, or other high-availability environments Strong hands … knowledge across: Network security (firewalls, segmentation, VPNs, secure connectivity) Cloud security, particularly Microsoft Azure Cyber security controls, threat detection, and incident response Experience advising on or leading security tooling selection and roadmap decisions Ability to operate at both technical and strategic levels, influencing stakeholders and shaping security direction ...

teams and articulating technical issues to non-technical stakeholders. · Strong analytical, organisational, and communication skills. · ITIL Foundation (at a minimum); experience with ITIL principles, incident/problem/change management, and reporting frameworks. · Resilient under pressure and adept at prioritisation. · Familiarity with ITSM tooling. · Eligibility for or existing … experience · Operational delivery in cybersecurity sub-sector · Confidence in uncomfortable and unexpected verbal and in-person communications with clients. · Experience working with security monitoring, incident response, SOC, SIEM/XDR solutions. · Experience using PowerBI What You’ll Bring · A client-first mindset with a commitment to operational excellence. ...

maintenance of our CrowdStrike Falcon platform. SIEM Mastery: Collaborate with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows … improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. Your Profile We are seeking a candidate who brings at least 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. ...

subject matter expert on cybersecurity practices and emerging threats. Key Engagement Delivery Responsibilities: Develop and execute strategies to enhance the customer’s prevention, detection, response, and recovery measures. Lead and mentor a team of cybersecurity professionals, fostering a culture of continuous improvement and innovation. Conduct assessments and vulnerability analyses … identify and address potential threats and weaknesses. Collaborate with stakeholders to design and implement incident response and business continuity plans. Evaluate customer’s emerging threats and cybersecurity trends to adapt strategies and technologies. Validate that recommendations and deliverables meet compliance and regulatory expectations and industry standards and prepare ...

high-quality onboarding, knowledge-sharing practices and continuous improvement of engineering processes Establish and maintain engineering reporting frameworks, including DORA metrics, technical debt visibility, incident trends and key operational insights, enabling data-driven decision making across engineering. Manage engineering budgets, commercial relationships and vendor performance measures Support … metrics, including delivery predictability, throughput, product quality and platform stability, ensuring SLAs and KPIs are consistently met and reported Drive operational reliability, resilience testing, incident response and platform performance optimisation Ensure regulatory obligations (FCA, DORA, Consumer Duty, data privacy) are fully supported by engineering and operational controls Background ...

CircleCI) 🔄 Operate and optimise Kubernetes environments (EKS primarily, GKE exposure a bonus) ☸️ Build and manage Infrastructure as Code using Terraform 🏗️ Champion reliability engineering: observability 👀, incident response 🚨, performance & cost optimisation 💡, and security best practices 🔐 Drive automation across environments and collaborate with cross-functional teams 🤝 ✅ What You’ll Bring Strong ...

4. Platform Engineering & Operations Build and operate a cloud platform engineering model that abstracts complexity from application teams Own day-to-day operational reliability , incident response, and root cause remediation for cloud platforms 5. Team Build & Technical Leadership Build, scale, and lead a dedicated Capital Markets Cloud Engineering ...

place, this is a completely greenfield SOC buildout, where you will work alongside the Head of SecOps to shape their SOC monitoring, detection and response function. Key Responsibilities: Act as a lead and technical escalation point on the most complex incidents and investigations. Proactively look for opportunities to automate … capabilities. Utilise various internal and external Threat Intelligence feeds to execute proactive threat hunting campaigns. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience working in a SOC environment (5+ Years), responding to and containing the most high-profile, escalated incidents. Comprehensive ...