1 to 25 of 41 Incident Response Jobs in Central London

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team and lead the Incident Response efforts, overseeing the end-to-end incident response lifecycle, from detection and containment to eradication, recovery and post incident ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

operationally effective. The role owns information security operations and modern workplace services, spanning identity and access management, endpoint security, data protection, threat detection, incident response and compliance monitoring. Operating across a complex, global technology estate, the Head of Cyber Security and Modern Workplace Operations ensures alignment with recognised … management using platforms such as Intune and Defender. Ensure consistent application of security standards across all user devices and environments. Threat detection, monitoring and incident response Oversee continuous monitoring, threat detection and security event management. Lead incident response readiness, coordination and post-incident analysis. Work ...

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team click apply for full job details ...

user environments. The role You will work closely with security, infrastructure, and architecture teams to design and improve secure technology environments, support incident response, and help drive a security-by-design approach across the wider estate. This role will suit someone with strong experience across Microsoft Sentinel & M365 … user environments Hands-on work with Microsoft Sentinel, M365 Defender , Defender for Cloud, Entra ID, and Conditional Access Supporting the SOC with incident response, vulnerability remediation and escalation Automating repeatable security tasks and improving operational efficiency Supporting compliance requirements, including PCI-DSS Acting as a senior point ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

strong security posture across mission‐critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities Lead investigations into escalated security incidents, assessing attack vectors, scope … business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium‐ and high‐severity incident response activities, producing detailed investigation documentation. Tune and optimise detection content ...

strong security posture across mission-critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities of the Security Operations Shift Lead Lead investigations into escalated … security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium- and high-severity incident response activities, producing detailed ...

intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions. You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root … works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting ...

built for you.We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools ) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM , identity lifecycle ...

Disaster Recovery (DR) frameworks Technology resilience planning across infrastructure, cloud, networks, applications, and data Organisation-wide Business Continuity Plan ownership and governance Major incident and crisis response coordination DR and continuity testing — scenario, tabletop, live and technology-led Cyber-resilience integration with security and incident response … Operational Resilience, Business Continuity, Disaster Recovery or Technology Risk Strong awareness of IT architecture, cloud services, infrastructure, and tech-led recovery processes Confidence leading incident response and crisis coordination Experience with resilience exercises, DR walkthroughs, failover testing, and scenario simulations Ability to work cross-functionally with Technology, Cyber ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber ...

transit ◦ Implement logging, monitoring, alerting and security event visibility ◦ Design systems with attack, failure and misuse scenarios in mind ◦ Support cloud-level incident response and post-incident reviews ◦ Help ensure the platform meets expectations for a trading and regulated environment Reliability, DR & Resilience ◦ Design, implement and test … trading or other security-sensitive environments ◦ Experience with containerised and event-driven systems ◦ Experience inheriting, hardening or cleaning up existing cloud environments ◦ Familiarity with incident response and DR testing in cloud platforms Working Style ◦ Proactive and self-directed ◦ Detail-oriented and disciplined ◦ Strong communicator who values documentation ...

Governance, Risk, and Compliance (GRC). Working closely with our CTO, you will play a pivotal role in protecting our infrastructure, leading incident responses, and embedding security best practices across our entire product suite. The Role As our Senior Security Analyst, you will own the evolution of our security …/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate ...

tools across NOC and SOC environments Gather and analyse information from a wide range of security and infrastructure tools Handle operational tickets, escalations, and incident support across 1st and 2nd line activity Develop and improve NOC and SOC procedures and support operational best practice Work closely with Security Analysts … wider teams on threat mitigation and incident response Support and train monitoring engineers within live operations environments Key Requirements Previous experience in a Network Security Engineer , Security Operations , Technical Assurance , or similar role Strong background in networking , with a solid understanding of secure network design and operations Hands ...

Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

mitigation activities Oversee security architecture to ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third‐party security testing, including penetration testing and phishing … delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical ...

experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls (Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years ...

teams and articulating technical issues to non-technical stakeholders. · Strong analytical, organisational, and communication skills. · ITIL Foundation (at a minimum); experience with ITIL principles, incident/problem/change management, and reporting frameworks. · Resilient under pressure and adept at prioritisation. · Familiarity with ITSM tooling. · Eligibility for or existing … experience · Operational delivery in cybersecurity sub-sector · Confidence in uncomfortable and unexpected verbal and in-person communications with clients. · Experience working with security monitoring, incident response, SOC, SIEM/XDR solutions. · Experience using PowerBI What You’ll Bring · A client-first mindset with a commitment to operational excellence. ...

maintenance of our CrowdStrike Falcon platform. SIEM Mastery: Collaborate with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows … improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. Your Profile We are seeking a candidate who brings at least 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. ...

subject matter expert on cybersecurity practices and emerging threats. Key Engagement Delivery Responsibilities: Develop and execute strategies to enhance the customer’s prevention, detection, response, and recovery measures. Lead and mentor a team of cybersecurity professionals, fostering a culture of continuous improvement and innovation. Conduct assessments and vulnerability analyses … identify and address potential threats and weaknesses. Collaborate with stakeholders to design and implement incident response and business continuity plans. Evaluate customer’s emerging threats and cybersecurity trends to adapt strategies and technologies. Validate that recommendations and deliverables meet compliance and regulatory expectations and industry standards and prepare ...

familiar with both Windows and Linux environment administration You're capable of producing high quality technical documentation suitable for use in design assurance, incident response and support You're collaborative and pragmatic with great communication skills Experience with any of the following would also be of benefit: Okta ...