We are representing a consultancy that is a leader in the Cyber Security and Incident Response space. If you have experience leading the legal aspects of Data Breach cases, this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading
City of London, London, United Kingdom Hybrid / WFH Options
Maxwell Bond
with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc. Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat
an exceptional SOC Manager/Cyber Security Operations Manager to lead our Cyber Security Operations Centre; responsible for managing the day-to-day operations of the SOC team, overseeing incident detection and response, ensuring vulnerability scanning and remediation efforts across the organization. Role Overview: Job Title: SOC Manager/Cyber Security Operations Manager Location: Leeds/England/… field (Master’s preferred). Minimum 5 years of experience in cybersecurity operations, with at least 2 years in a leadership or management role. Strong knowledge of SOC operations, incident response, and vulnerability management best practices. Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel), vulnerability scanners (e.g., Nessus, Qualys), and other security platforms. Relevant certifications such … Skills: Experience in regulated industries (e.g., finance, healthcare, critical infrastructure). Knowledge of compliance frameworks such as ISO 27001, NIST, GDPR, or CIS Familiarity with scripting or automation for incident response or scanning processes. Please feel free to contact myself - Daisy Nguyen at Gibbs Consulting/Atrium UK for a confidential chat to know more details about the
systems, Manage relationships and work closely with third-party cyber security service providers. Manage and optimize security tools, including endpoint protection, Microsoft Intune, Entra, Azure, and external detection and response tools. Conduct vulnerability assessments and coordinate patch management cycles. Collaborate with infrastructure and support teams to ensure secure configurations of networks, endpoints, applications, and services. Collaborate with non-technical … end-users on implementing best practices and organize training sessions. Lead or support investigations into security breaches and provide detailed incident reports. Develop and enforce security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed … internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. Plan and rehearse incident response procedures with wider IT and support team. Advise senior management on operational risks. Mentor and lead junior members of the team. Occasional on-call support for critical incidents. Requirements Proven experience in
deep expertise in Cyber Security Operations Centre (SOC) practices. This role is ideal for someone with a strong ability to analyse and enhance SOC effectiveness, from threat detection to incident response, and provide clear and appropriate advice and guidance. Key Responsibilities of the SecOps Consultant Collaborate with clients to improve SOC operations, particularly around threat detection, and IR. … configuration, and integration based on operational needs. Monitor emerging threats and trends, advising stakeholders on potential impacts and mitigation strategies. Deploy, configure, and manage security tools to optimize detection, response, and reporting functions. Skills & Knowledge Solid understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security
SecOps) - Leeds/Remote - 12 Months Initial - Inside IR35 We are seeking a skilled SOAR Engineer/Analyst responsible for designing, developing, implementing, and maintaining automation playbooks to improve incident response efficiency within the Security Operations Centre utilizing Google SecOps Role Overview: Job Title: SOAR Engineer/Analyst (Google SecOps) Location: Leeds/Remote Contract Type: Contract Duration …/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python, PowerShell, or Bash. Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g.
physical infrastructure of the GNOC, including space, power, cooling, and network connectivity. Security Implementation: Ensuring the security of the GNOC infrastructure and data, including access controls, intrusion detection, and incident response. Automation & Orchestration: Implementing automation and orchestration solutions to streamline operations, improve efficiency, and reduce manual effort. Performance Optimization: Monitoring and optimizing the performance of the GNOC infrastructure and … network services. Incident Management: Developing and implementing incident management processes for the GNOC, ensuring timely and effective resolution of network issues. Documentation & Standards: Creating and maintaining documentation for the GNOC architecture, procedures, and standards. Collaboration: Working closely with other IT teams, including security, systems, and applications, to ensure seamless integration and support. Skills and Expertise: Expertise in Network … Technologies including a deep understanding of networking concepts, protocols, and technologies, including routing, switching, firewalls, VPNs, and WAN technologies. Incident Management: Experience with incident management frameworks (e.g., ITIL) and incident response processes. Communication & Collaboration: Excellent communication and interpersonal skills to collaborate effectively with various teams and stakeholders.
Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). … SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS
City of London, London, England, United Kingdom Hybrid / WFH Options
Skillcast
ISO 27001, and Cyber Essentials audits - including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM - including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption
with the cybersecurity team to integrate DLP measures with broader security initiatives. Your responsibilities: Monitor DLP Systems – Oversee and manage DLP alerts to prevent unauthorized data access and leakage. Incident Analysis – Investigate DLP security incidents, provide reports, and recommend corrective actions. Policy Implementation & Maintenance – Assist in deploying and updating DLP policies, configurations, and security controls. User Support & Training – Provide … security measures and infrastructure. Your Profile Essential skills/knowledge/experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts, analyze logs, and resolve issues efficiently. Regulatory Compliance Knowledge – Understanding of GDPR, ISO 27001, and other industry standards related to data … Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Join us and do more of what matters. Apply online now.
top-class Security Operation Centers, we offer complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was
City of London, London, United Kingdom Hybrid / WFH Options
Henderson Scott
outsourced MDR partner Manage and evolve the Security Operations Centre (SOC), guiding a small team of security professionals Coordinate timely responses to security incidents, ensuring proper documentation and post-incident analysis Collaborate with internal teams to ensure policies, protocols and operations align with business objectives and emerging threats Drive continual improvement in monitoring, incident response, and preventative … Security Service Edge (SSE), and SASE Proven ability to bridge the gap between technical and non-technical stakeholders when communicating security issues A passion for continuous improvement and post-incident analysis to drive security maturity What's on offer: Remote-first working (London office visit only max once per week) 35-hour working week for strong work-life balance
required operating model to support the solution post-delivery. • Identify and document all user journeys associated with the management of customer access. • Ensure all user journeys, monitoring, alerting, and incident response workflows are tested and operational prior to go live of the new SOC service. • Establish governance processes, service level agreements, and reporting expectations for the CIAM service.
support team to drive continuous improvement in service delivery quality. Provide professional insights into AC/DC charging technologies, including fault diagnosis and issue analysis. Lead maintenance process optimization, incident response mechanisms, and standardization of service workflows. Act as a coordination and technical interface in major service issues, ensuring efficient problem resolution for customers. Service Operations Support Support … the development and optimization of preventive maintenance, troubleshooting, and spare parts management processes. Monitor and promote the execution of Service Level Agreements (SLAs) to improve response times and customer satisfaction. Work with customer success, sales teams, and third-party service providers to ensure consistent service delivery. Responsible for the selection, onboarding, and management of service partners, ensuring their competence … requirements and coordinate resources to ensure efficient closure of technical and service issues. Remote Monitoring & Fault Management Collaboration Coordinate with remote monitoring teams to enhance proactive alerting and issue response mechanisms. Support the application and advancement of remote diagnostics and predictive maintenance capabilities. Qualifications & Requirements Education & Experience Bachelor's degree or above in Electrical Engineering, Mechanical Engineering, or a
City of London, London, United Kingdom Hybrid / WFH Options
REC SOLUTIONS LIMITED
clients. Collaborate with development, networks, ops and product teams on strategic IT initiatives. Assist with planning, management and resource allocation of inter-departmental projects alongside the PM team. Oversee incident management, root cause analysis, and rapid resolution of system outages or performance degradation. Ensure compliance of procedures such as change management, patch management and security and audit processes. Assist … in the maintenance of these procedures. Support regular security audits and penetration tests, addressing findings and oversee any remediation work. Improve system monitoring, alerting, documentation, operating procedures and incident response processes. Manage, mentor, plan and coordinate the activities of both teams. Required Skills/Experience Ideally 7+ years Linux system administration experience with at least 3 years in … and rollback strategies. Proficiency in managing bare-metal servers, virtualization platforms such as VMware, containerised systems as well as familiarity with hybrid cloud environments and DevOps practices. Familiarity with incident/problem management and change control workflows a plus. Previous experience with low latency systems or financial experience desirable. Excellent verbal and written communication skills, with the ability to
capability development and maturity across the organisation. Essential Skills & Experience 5-10 years of hands-on experience in cyber security operations. A deep functional understanding of cyber threat detection, incident response, SOC operations, risk management, etc. Demonstrated involvement in procurement and commercial activities from within the cyber function such as defining technical requirements, evaluating suppliers, or working with
data protection agreements (DPAs), technology procurement agreements, and service level agreements (SLAs). Advise on legal risks and compliance issues relating to cybersecurity, artificial intelligence, and data protection, including incident response and breach notification. Partner with internal stakeholders to support product development and digital transformation projects. Monitor regulatory changes impacting the tech industry, particularly in cybersecurity, privacy, AI
in line with our Mid-Market technology roadmap. The Role Technology & Systems Management Oversee the ongoing maintenance and development of Mid-Market business applications and platforms. Lead fault resolution, incident response, and ensure timely ticket management. Ensure compliance with security policies and lead on risk remediation activities. Manage cloud development, architecture, and system integrations. Coordinate licensing, certificates, and
reviews to align platforms with AWS best practices. Collaborate across development teams to deliver reusable, automated migration tooling and infrastructure as code. Guide engineering teams through optimization, troubleshooting, and incident response. Promote adoption of DevOps methodologies and automated deployment pipelines. Create and maintain comprehensive documentation to support scalability and reuse. Skills & Experience Ideal candidates will bring experience in many
infrastructure deployments. Optimize and manage security configurations including IAM policies, network access controls, and encryption protocols. Proactively monitor and respond to security incidents using AWS-native detection and response services. Conduct periodic security assessments, audits, and reviews to align with best practices and regulatory standards. Collaborate with internal stakeholders, including engineering and operations teams, to integrate security into … cloud-native development workflows. Produce detailed documentation and reports related to threat detection, incident response, and mitigation efforts. Provide mentorship, technical leadership, and establish best practices for cloud security implementation. Work closely with external partners or clients to understand their security needs and design tailored cloud protection strategies.
london (city of london), south east england, United Kingdom
Stott & May Professional Search Limited
spares are available for uninterrupted operation Oversee and coordinate subcontractor activities, ensuring compliance with site rules and contractual obligations Maintain comprehensive maintenance records using CAFM or equivalent systems Support incident response and fault management on site during shifts Foster strong working relationships with internal teams, clients, and contractors Maintain a professional image and deliver excellent customer service both … role within a critical or business-continuity environment Strong knowledge of health and safety legislation and safe systems of work Emergency First Aid at Work qualification Proven fault and incident management skills in real time Good verbal communication, numeracy, and literacy skills Ability to work effectively both independently and as part of a team Flexible approach to working hours
City of London, London, United Kingdom Hybrid / WFH Options
Frontier Economics
Compliance Partner with the Technology Partnership team to uphold security standards and comply with internal policies and regulations. Implement encryption, data masking, secure transmission, and robust access controls. Support incident response and integrate threat detection into data workflows. Contribute to developing and maintaining data governance frameworks. Stakeholder Engagement & Communication Work alongside the Technology Operations Manager to deliver on
City of London, London, England, United Kingdom Hybrid / WFH Options
Atrium Workforce Solutions Ltd
stack. System generalists and product generalists profiles. These engineers would be part of an existing team; duties include providing a 1st line diagnostic and resolution of problems with clear incident response. Role Overview: Job Title: C#/Unity Application Development/Debugging Engineer Location: London/Hybrid 3 days onsite per week Contract Type: Contract Duration: 6 months initially