1 to 25 of 27 Incident Response Jobs in Central London

modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into the Head … SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation - and will play ...

built for you.We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools ) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM , identity lifecycle ...

Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience … leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks ...

client environments and act as a trusted security advisor. What you’ll be doing: Designing and implementing security solutions (firewalls, endpoint, cloud security) Leading incident response and remediation activities Conducting vulnerability assessments & penetration testing Implementing security monitoring, reporting & best practices Advising clients on Cyber Essentials, CE+, GDPR … similar environment Firewall experience (Palo Alto, Fortinet) EDR/endpoint protection (Microsoft Defender, Sophos, Bitdefender) Network & cloud security knowledge (Azure, AWS, VPNs, VLANs, DNS) Incident response & vulnerability management experience Cyber Essentials/CE+ knowledge or certification Confident communicator, comfortable in client-facing scenarios What’s on offer: Hybrid ...

environments Review and shape technical designs to ensure security patterns and principles are applied correctly Support and enhance core cyber processes including vulnerability management, incident response, monitoring, IAM, endpoint security and network protection Work closely with technology teams to embed security into change and project initiatives Assess risk … Strong knowledge of security architecture principles and secure design patterns Experience with Azure, Microsoft Defender, M365 security tooling and firewalls Understanding of vulnerability management, incident response, endpoint protection and identity & access management Familiarity with frameworks such as NIST, ISO27001, OWASP, MITRE, CIS Benchmarks Experience operating within a regulated ...

pipeline health, compute utilisation, and deployment status. Collaborate with data engineering to ensure upstream data quality and pipeline reliability for ML feature inputs. Develop incident response procedures and runbooks for ML system failures. Infrastructure & Cost Optimisation Manage and optimise AWS compute resources (Batch, EC2, or similar) used … control workflows. Familiarity with SQL and data warehousing platforms (Snowflake preferred). Experience implementing monitoring, logging, and alerting for production systems. Strong debugging and incident response skills for complex distributed systems. Preferred Qualifications Experience deploying models to edge or embedded devices. Background in healthcare, medical devices, or clinical ...

practices across a live Azure-based platform and a new strategic platform being brought into service. The role is focused on reliability, observability, incident management, resilience, and automation . You’ll help define how services are measured and operated, introducing practical improvements around SLIs, SLOs, error budgets, monitoring … environments Azure cloud environments in enterprise-scale businesses SLO/SLI/error budget design and implementation Observability tooling (Prometheus, Grafana, OpenTelemetry or similar) Incident leadership across Sev1/Sev2 environments Disaster recovery, resilience testing, RTO/RPO Terraform infrastructure as code CI/CD pipelines and engineering enablement ...

Automate detection, triage, and remediation of infrastructure and application vulnerabilities. Developer Enablement: Provide reusable templates and tooling to help teams deploy quickly and securely. Incident Response: Contribute to operational and security incident handling to minimize downtime and risk. What You Bring: Strong experience designing, managing, and securing ...

countermeasures aligned with specific risks. SOC Collaboration: Working with an outsourced Security Operations Centre (SOC) to maintain effective threat detection and response. Tooling & Incident Response: Administering technical security tooling (such as Defender for Cloud, Defender for Endpoint, and Nessus) and conducting security incident investigations. Automation: Automating manual ...

automation tools. Monitoring, Observability & Reliability: • Implement comprehensive monitoring, logging, and alerting systems (Prometheus, Grafana, CloudWatch, Datadog, Sentry) to ensure system reliability and rapid incident response. • Establish SLOs/SLIs and implement observability best practices to maintain high availability and performance. • Lead incident response, root cause analysis ...

improving the environment(s) essentially working to strengthen the IT security position and your BAU work will focus on Disaster Recovery and Security Incident Response during major incidents. Core responsibilities will include: Design, management and enhancement of Security Solutions within VMWare vSphere and related SAN infrastructure environments Operational … SimpliVity, Cisco HyperFlex or Nutanix **DESIRABLE** Understanding of infrastructure security protocols PIM/PAM, PKI etc Experience and understanding of Cyber Security monitoring and response (infrastructure) Excellent communication skills able to engage with process driven depts such as InfoSec Strong opportunity to work across a number of fields within ...

best practices are implemented and the organisation adheres to data privacy and regulatory requirements Utilising Infrastructure as Code to carry out repeat deployments Providing incident response to major security events Acting as a technical escalation point during security incidents Providing technical input into the security architecture ...

junior team members across SOC analysis and vulnerability management Providing expert oversight of cyber risk, vulnerability (including vulnerabilities in code), and security analytics Supporting incident response, including zero-day scenarios, alerting, and SOC robustness Working closely with engineering and technology teams to embed secure-by-design practices Producing ...

familiar with both Windows and Linux environment administration You're capable of producing high quality technical documentation suitable for use in design assurance, incident response and support You're collaborative and pragmatic with great communication skills Experience with any of the following would also be of benefit: Okta ...

resiliency engineering, observability, and proactive SLO/SLI/SLA management. Key Responsibilities: Design, build, and maintain automation for infrastructure provisioning, platform operations, and incident response using IaC and CI/CD. Lead resiliency and disaster recovery planning, including regular DR drills, failure testing, and recovery validation across ...

Platform team on AWS-based deployments and CI/CD processes. Performance & Reliability: Optimise background processing and database performance to maintain system stability. Incident Response: Support investigation and resolution of production issues. Cross-Functional Collaboration: Partner with Frontend and Mobile engineers to deliver robust, scalable APIs. Continuous Improvement … long-term maintainability. Operational Accountability: Act as the technical owner of production systems that directly impact live rail operations, ensuring high availability and rapid incident resolution. Requirements Must Haves 4+ years of professional experience with Ruby on Rails. Strong understanding of object-oriented programming and Rails architecture Extensive experience ...

place, this is a completely greenfield SOC buildout, where you will work alongside the Head of SecOps to shape their SOC monitoring, detection and response function. Key Responsibilities: Act as a lead and technical escalation point on the most complex incidents and investigations. Proactively look for opportunities to automate … capabilities. Utilise various internal and external Threat Intelligence feeds to execute proactive threat hunting campaigns. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience working in a SOC environment (5+ Years), responding to and containing the most high-profile, escalated incidents. Comprehensive ...

such as ISO 27005 and NIST . Review third-party and cloud service provider integrations to ensure appropriate technical and contractual security controls. Support incident response planning and vulnerability management. Define ITHC scope, coordinate penetration testing activities, and prepare pre-assessment documentation. ...

partitioning, caching, compute configuration) with mentorship from more senior colleagues. Contribute to monitoring, alerting and observability setup for pipelines, applications and integrations. Participate in incident response and root cause analysis for platform and application issues. Assist in applying non-functional requirements (SLA/SLOs, resilience, backup and recovery … Performance issues or optimisation tasks, Permissions and basic security models, Schema/ontology changes and their impact on downstream use cases, Integration problems and incident recovery in collaboration with senior staff. Some client-facing experience (e.g. workshops, demos, requirement sessions or design walkthroughs). Any experience helping to train ...

collectors, SDKs and exporters • Design and improve telemetry pipelines and observability backends • Work with engineering teams to implement instrumentation standards and “Golden Paths” • Improve incident response and operational visibility through better telemetry coverage • Build tooling and libraries that improve developer productivity and platform observability Tech Environment • Python • Kubernetes ...

dependencies. Enable integration across distributed teams and services. Establish Reliability & Safety Standards Define guardrail policies, fallback chains, and safety constraints for agent systems. Own incident response processes and post-mortem frameworks. Drive production-readiness standards and operational excellence. Build Observability Infrastructure Architect tracing, logging, and monitoring systems ...

with a focus on reliable, scalable, and secure IT environments. Role Overview The role focuses on coordinating hardware deployments, managing data centre changes, supporting incident response, and ensuring operational standards are maintained. The Team Lead will supervise technicians, manage third-party vendors, and ensure installations, monitoring, asset management … perform daily data centre health checks, and carry out walkthroughs to verify alerts for power, cooling, and rack equipment, reporting any issues and raising incident tickets where necessary. Maintain accurate records including cabling inventory, capacity reporting, and hardware spare inventory such as memory, SFPs, and network cards. Manage ...

will also be responsible for ensuring frontend delivery is calm, predictable, and high-quality. When something breaks in production, you own the response and the systemic fix. When delivery drifts, you correct it. When standards need raising, you define and implement them. Your mandate is simple: make frontend … make conscious, well-informed trade-offs Production Reliability Be accountable for frontend stability, crash rates, and performance Improve observability, monitoring, and debugging practices Lead incident response for frontend issues and drive systemic fixes Build processes that prevent recurring production regressions Technical Direction Own architecture across React Native (mobile ...

supporting professional development within the team. Collaborate with architects and solution designers to align technical delivery with long-term product and technology roadmaps. Lead incident management activities, coordinating major incident responses and ensuring effective communication with stakeholders. Support a 24/7 production environment, including participation ...

services Define resilience patterns across services (failover, circuit breaking, back-pressure, etc.) Lead large-scale refactoring or reliability improvement initiatives Establish best practices in incident response, observability, and SLO management Drive adoption of modern cloud-native and GitOps practices Mentor senior engineers and influence engineering culture at scale ...