1 to 25 of 37 Incident Response Jobs in Central London

Incident Response Analyst – London (Hybrid) – Excellent Permanent Package – Financial Services We are looking for a skilled Incident Response Analyst to join our Security Operations team. This role focuses on responding to cyber security incidents while supporting proactive threat intelligence efforts. You will play a key part … posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools ...

Cyber Incident Response Manager is needed for a high-impact contract where cyber security isnt just talked about its actively evolving. Youll step into a critical role helping a financially regulated environment strengthen how it detects, responds to, and manages cyber threats. This is a hands-on leadership … frameworks, and operational governance A role where operational improvements you deliver will have immediate impact What youll be getting stuck into as a Cyber Incident Response Manager Leading day-to-day security operations while helping shape the SOC roadmap Overseeing cyber incident response, detection monitoring, triage ...

interface between customer stakeholders and a global Security Operations Centre, ensuring the smooth delivery of 24/7 security monitoring and incident response services. This is a senior leadership role responsible for overseeing SOC operations, coordinating offshore analysts, improving detection and response capabilities, and ensuring strong governance … daily SOC operations supporting a global 24×7 security monitoring capability Guide SOC analysts (L1–L3) and threat hunters to ensure efficient investigation and response Monitor operational performance and ensure adherence to SLAs and response timelines Drive continuous improvement across SOC processes, procedures, and workflows Incident Response ...

modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into the Head … SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation - and will play ...

build integrated, automated security workflows that support modern security operations. Key Responsibilities Define and own the ServiceNow SecOps architecture across modules including Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Configuration Compliance . Design and deliver integrations between ServiceNow and cybersecurity tools such as SIEM … SOAR, EDR platforms, threat intelligence feeds, and CMDB. Collaborate with cybersecurity, IT operations, and engineering teams to design secure workflows for incident response, vulnerability management, and risk mitigation . Lead platform strategy and define the roadmap for ServiceNow SecOps capabilities across the organisation. Ensure solutions are scalable, secure ...

built for you.We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools ) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM , identity lifecycle ...

Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience … leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks ...

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across the Security Operations … stakeholders and the offshore SOC to ensure efficient handling of alerts, incidents, and operational requests. Oversee daily SOC operations, ensuring security monitoring, investigations, and response activities are delivered in line with agreed SLAs. Lead incident management for high-severity security events, coordinating across IT, infrastructure, and business teams. ...

client environments and act as a trusted security advisor. What you’ll be doing: Designing and implementing security solutions (firewalls, endpoint, cloud security) Leading incident response and remediation activities Conducting vulnerability assessments & penetration testing Implementing security monitoring, reporting & best practices Advising clients on Cyber Essentials, CE+, GDPR … similar environment Firewall experience (Palo Alto, Fortinet) EDR/endpoint protection (Microsoft Defender, Sophos, Bitdefender) Network & cloud security knowledge (Azure, AWS, VPNs, VLANs, DNS) Incident response & vulnerability management experience Cyber Essentials/CE+ knowledge or certification Confident communicator, comfortable in client-facing scenarios What’s on offer: Hybrid ...

automation tools, backend services, and interactive features that improve visibility into system health, trade flows, latency, and performance - helping reduce operational risk and accelerate incident response in fast‐paced trading environments. Key Responsibilities Develop Python automation tools and wrappers for upstream applications Build test harnesses to reduce manual … Global Markets teams on cross‐asset initiatives Support real‐time monitoring of trade flows, latency, and system health Implement automation that improves response times and platform stability Skills & Experience Required Solid Python development, automation & tooling experience Strong Linux (debugging, scripting) React or Python UI tooling (Click library) MongoDB ...

trust. The Opportunity Acting as an experienced privacy advisor (working under the supervision of qualified privacy counsel), you’ll support global privacy operations across incident response, regulatory engagement, product development, and privacy‐by‐design initiatives. Key to this role is a background in tech, agile, consumer facing roles … have experience in GDPR compliance and regulatory inquiries. What You’ll Be Doing Incident Response Manage low–medium risk personal data breaches and support investigations into more complex cases Coordinate cross‐functional tasks, gather facts, draft assessments and regulatory materials Maintain breach logs, investigative records, and track follow ...

versioning, contracts, and backward compatibility. Advance operational excellence by defining SLOs, improving observability and alerting, hardening on-call procedures and runbooks, and leading incident response and post-mortems. Solve complex distributed system challenges (such as throughput, latency, consistency, and data modeling) with pragmatic decision-making and balanced tradeoffs. … design, and event-driven systems, as well as experience with containerization and orchestration (Docker, Kubernetes). Strong operational mindset: expert in observability, monitoring, incident response, performance engineering, and adherence to security best practices. Familiarity with CI/CD pipelines, automated testing strategies (unit, integration, e2e), and modern DevOps ...

security. The Role Support penetration testing and offensive security activities, including red teaming, breach and attack simulation (BAS), and bug bounty engagements. Assist with incident response and participate in the on-call rota for major incidents. Contribute to red/blue team exercises, threat hunting, SIEM rule tuning ...

Automate detection, triage, and remediation of infrastructure and application vulnerabilities. Developer Enablement: Provide reusable templates and tooling to help teams deploy quickly and securely. Incident Response: Contribute to operational and security incident handling to minimize downtime and risk. What You Bring: Strong experience designing, managing, and securing ...

Kubernetes security Experience operating within compliance-driven environments (ISO 27001, SOC 2, NIST) Experience building policy-as-code or automated guardrails Exposure to incident response and threat detection engineering Responsibilities for DevSecOps Engineer: Take ownership of improving cloud security posture, including AWS Security Hub uplift, IAM optimisation … code controls Support vulnerability triage, prioritisation, and structured remediation tracking Collaborate closely with engineering teams to resolve findings pragmatically Enhance logging, alerting, and incident readiness across the platform What this offers: Working for an industry-leading AI software company at the forefront of innovation A genuinely hands-on DevSecOps ...

automation tools. Monitoring, Observability & Reliability: • Implement comprehensive monitoring, logging, and alerting systems (Prometheus, Grafana, CloudWatch, Datadog, Sentry) to ensure system reliability and rapid incident response. • Establish SLOs/SLIs and implement observability best practices to maintain high availability and performance. • Lead incident response, root cause analysis ...

improving the environment(s) essentially working to strengthen the IT security position and your BAU work will focus on Disaster Recovery and Security Incident Response during major incidents. Core responsibilities will include: Design, management and enhancement of Security Solutions within VMWare vSphere and related SAN infrastructure environments Operational … SimpliVity, Cisco HyperFlex or Nutanix **DESIRABLE** Understanding of infrastructure security protocols PIM/PAM, PKI etc Experience and understanding of Cyber Security monitoring and response (infrastructure) Excellent communication skills able to engage with process driven depts such as InfoSec Strong opportunity to work across a number of fields within ...

best practices are implemented and the organisation adheres to data privacy and regulatory requirements Utilising Infrastructure as Code to carry out repeat deployments Providing incident response to major security events Building CI/CD pipelines, enabling secure deployments of cloud-native infrastructure Writing automation scripts to improve infrastructure ...

best practices are implemented and the organisation adheres to data privacy and regulatory requirements Utilising Infrastructure as Code to carry out repeat deployments Providing incident response to major security events Acting as a technical escalation point during security incidents Providing technical input into the security architecture ...

junior team members across SOC analysis and vulnerability management Providing expert oversight of cyber risk, vulnerability (including vulnerabilities in code), and security analytics Supporting incident response, including zero-day scenarios, alerting, and SOC robustness Working closely with engineering and technology teams to embed secure-by-design practices Producing ...

familiar with both Windows and Linux environment administration You're capable of producing high quality technical documentation suitable for use in design assurance, incident response and support You're collaborative and pragmatic with great communication skills Experience with any of the following would also be of benefit: Okta ...

SQL. Experience with Agile ways of working. Experience with a Microsoft Azure based environment. Experience in the financial Services sector. High level support with incident response and troubleshooting. Eagerness to learn and improve interpersonal skills. Junior C# Developer Key Responsibilities: Triaging and resolving technical queries. Build and maintain ...

technical authority for cyber security operations , owning the end-to-end security lifecycle across enterprise infrastructure. Key responsibilities include: Security monitoring, threat hunting and incident response SIEM, MDR oversight and vulnerability management Firewall, VPN, IDS/IPS and Zero Trust technologies Pen testing coordination and CVSS-led remediation ...

into as a Cyber Security Operations Lead Leading day-to-day operations and shaping the SOC roadmap in line with the wider strategy Overseeing incident response, threat detection, triage and mitigation activity Managing production incidents across change and problem forums Holding the MSSP to account on service levels … Solid understanding of the Microsoft security stack Experience across DLP, EDR/XDR, CASB, email security, SWG and ZTNA/SASE capabilities Confidence managing incident processes, service improvement initiatives and third-party security providers Working hours Full-time, 2 days per week in the office (London-based), remainder remote ...

Platform team on AWS-based deployments and CI/CD processes. Performance & Reliability: Optimise background processing and database performance to maintain system stability. Incident Response: Support investigation and resolution of production issues. Cross-Functional Collaboration: Partner with Frontend and Mobile engineers to deliver robust, scalable APIs. Continuous Improvement … long-term maintainability. Operational Accountability: Act as the technical owner of production systems that directly impact live rail operations, ensuring high availability and rapid incident resolution. Requirements Must Haves 4+ years of professional experience with Ruby on Rails. Strong understanding of object-oriented programming and Rails architecture Extensive experience ...