1 to 25 of 29 Incident Response Jobs in Central London

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

user environments. The role You will work closely with security, infrastructure, and architecture teams to design and improve secure technology environments, support incident response, and help drive a security-by-design approach across the wider estate. This role will suit someone with strong experience across Microsoft Sentinel & M365 … user environments Hands-on work with Microsoft Sentinel, M365 Defender , Defender for Cloud, Entra ID, and Conditional Access Supporting the SOC with incident response, vulnerability remediation and escalation Automating repeatable security tasks and improving operational efficiency Supporting compliance requirements, including PCI-DSS Acting as a senior point ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

strong security posture across mission-critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities of the Security Operations Shift Lead Lead investigations into escalated … security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium- and high-severity incident response activities, producing detailed ...

built for you.We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools ) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM , identity lifecycle ...

Disaster Recovery (DR) frameworks Technology resilience planning across infrastructure, cloud, networks, applications, and data Organisation-wide Business Continuity Plan ownership and governance Major incident and crisis response coordination DR and continuity testing — scenario, tabletop, live and technology-led Cyber-resilience integration with security and incident response … Operational Resilience, Business Continuity, Disaster Recovery or Technology Risk Strong awareness of IT architecture, cloud services, infrastructure, and tech-led recovery processes Confidence leading incident response and crisis coordination Experience with resilience exercises, DR walkthroughs, failover testing, and scenario simulations Ability to work cross-functionally with Technology, Cyber ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber ...

transit ◦ Implement logging, monitoring, alerting and security event visibility ◦ Design systems with attack, failure and misuse scenarios in mind ◦ Support cloud-level incident response and post-incident reviews ◦ Help ensure the platform meets expectations for a trading and regulated environment Reliability, DR & Resilience ◦ Design, implement and test … trading or other security-sensitive environments ◦ Experience with containerised and event-driven systems ◦ Experience inheriting, hardening or cleaning up existing cloud environments ◦ Familiarity with incident response and DR testing in cloud platforms Working Style ◦ Proactive and self-directed ◦ Detail-oriented and disciplined ◦ Strong communicator who values documentation ...

Governance, Risk, and Compliance (GRC). Working closely with our CTO, you will play a pivotal role in protecting our infrastructure, leading incident responses, and embedding security best practices across our entire product suite. The Role As our Senior Security Analyst, you will own the evolution of our security …/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate ...

Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

QA. Strengthen code review standards and engineering consistency. Within 12 months, you will: Confidently contribute to UK and Global teams based on priority. Lead incident response efforts when front-end issues affect production. Influence front-end architectural decisions. Raise the overall quality bar across our Vue/Nuxt … ensure implementation aligns with inclusive design principles. Technical Leadership: Conduct code reviews, guide architectural decisions, and raise engineering standards across the front-end codebase. Incident Response: Lead investigations and resolution efforts during critical production incidents, ensuring fast and structured recovery. Collaboration: Work closely with Product, Design ...

analytics, turning network data into actionable insight that improves stability and reduces recovery time. Alongside this, you'll provide senior technical leadership, supporting incident response, engineering standards, and long-term resilience initiatives. What you'll need to succeed Deep expertise in network observability and telemetry, including large-scale … Deep understanding of low-latency, highly available network architectures, ideally within financial services or trading environments. Comfortable acting as a senior technical lead, supporting incident response, resilience initiatives, governance, and mentoring other engineers. What you'll get in return An exciting opportunity to join an international organisation ...

mitigation activities Oversee security architecture to ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third‐party security testing, including penetration testing and phishing … delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical ...

experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls (Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft ...

evolving threat landscape. Key Responsibilities Operate and optimise security and vulnerability management platforms, including liaison with external SOC providers (SIX Group). Lead incident response, ensuring documentation and reporting aligns with DORA timelines; participate in on-call rotation. Proactively assess and mitigate emerging risks, including AI-driven threats. ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years ...

maintenance of our CrowdStrike Falcon platform. SIEM Mastery: Collaborate with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows … improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. Your Profile We are seeking a candidate who brings at least 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. ...

subject matter expert on cybersecurity practices and emerging threats. Key Engagement Delivery Responsibilities: Develop and execute strategies to enhance the customer’s prevention, detection, response, and recovery measures. Lead and mentor a team of cybersecurity professionals, fostering a culture of continuous improvement and innovation. Conduct assessments and vulnerability analyses … identify and address potential threats and weaknesses. Collaborate with stakeholders to design and implement incident response and business continuity plans. Evaluate customer’s emerging threats and cybersecurity trends to adapt strategies and technologies. Validate that recommendations and deliverables meet compliance and regulatory expectations and industry standards and prepare ...

familiar with both Windows and Linux environment administration You're capable of producing high quality technical documentation suitable for use in design assurance, incident response and support You're collaborative and pragmatic with great communication skills Experience with any of the following would also be of benefit: Okta ...

Responsibilities: Lead and deliver cyber resilience transformation programmes, owning end‐to‐end engagement delivery (scope, quality, timeline, budget) and ensuring outcomes measurably improve preparedness, response, and recovery. Design, run, and continuously enhance cyber crisis simulations and tabletop exercises for executives and operational teams—ensuring scenarios reflect the current threat … intelligence and emerging attacker tactics into practical resilience improvements—linking likely threats to business impact, critical dependencies, and control or capability gaps. Integrate cyber response and recovery into wider enterprise resilience plans, including business continuity, IT disaster recovery, operational resilience, third‐party resilience, and enterprise risk management—ensuring cyber ...

CircleCI) 🔄 Operate and optimise Kubernetes environments (EKS primarily, GKE exposure a bonus) ☸️ Build and manage Infrastructure as Code using Terraform 🏗️ Champion reliability engineering: observability 👀, incident response 🚨, performance & cost optimisation 💡, and security best practices 🔐 Drive automation across environments and collaborate with cross-functional teams 🤝 ✅ What You’ll Bring Strong ...

practice implementation • Conduct detailed analysis and tuning to minimise false positives and enhance detection accuracy • Partner with SOC and Cyber Operations teams to support incident response, investigation, and remediation • Drive DLP governance, reporting, metrics, and continuous improvement initiatives • Produce and maintain technical documentation, including runbooks and architectural designs ...

place, this is a completely greenfield SOC buildout, where you will work alongside the Head of SecOps to shape their SOC monitoring, detection and response function. Key Responsibilities: Act as a lead and technical escalation point on the most complex incidents and investigations. Proactively look for opportunities to automate … capabilities. Utilise various internal and external Threat Intelligence feeds to execute proactive threat hunting campaigns. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience working in a SOC environment (5+ Years), responding to and containing the most high-profile, escalated incidents. Comprehensive ...

view on how to keep the production environment both highly and stable and available for daily trading activity. Primary responsibilities will be split across incident management & root cause analysis, working with development teams to resolve issues, whilst facing off to Front Office users to handle queries, provide progress reports … Monitoring and Observability tooling Python and Shell Scripting skills for automation purposes Capability to work across end-to-end Production Support covering initial incident response, root cause, gap analysis, bug fixing through to full recovery and resolution Understanding of the trade life cycle from pre-to-post trade ...