22 of 22 Incident Response Jobs in the City of London

posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools … perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge

technical environments. Stay current with emerging threats, regulatory changes, and industry best practices in risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications/Skills Required Demonstrated

Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise … Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain

including Data Protection Impact Assessments. Manage compliance and supplier security controls. Oversee penetration testing and manage vulnerability fixes. Develop and test the company's incident response plan. Support the secure implementation of new AI-driven tools. Lead, coach, and support a small technical team. Requirements 2+ years

mature security function responsible for global operational security across IT infrastructure and business applications – including privileged access management, threat protection, threat detection and incident management. Working closely with the IT Security Manager, you will help ensure security services are delivered effectively and that core controls remain fully operational … with technologies such as SIEM, PAM, Endpoint Protection, EDR, IPS/IDS, MFA, Encryption and Next Gen Firewalls Experience supporting cyber security event triage, incident response and recovery Strong knowledge of operational security management and tooling This role offers the chance to work in a highly regulated, security

Analyzer) to reduce exposure and prevent repeat issues. Produce clear remediation guidance, runbooks, and reporting dashboards for both technical and non-technical stakeholders. Support incident response and post-remediation validation where high-risk findings are exploited or trending. kills & Experience AWS/Cloud Security Deep, hands

complex cybersecurity concepts into clear, actionable guidance. Assess client cyber risks and recommend practical mitigation strategies. Draft policies and procedures to enhance resilience and incident response. Evaluate vulnerabilities in systems, networks, and supply chains. Manage projects and coordinate team efforts to deliver high-quality outcomes. Prepare detailed client reports

Manage and optimise Microsoft Defender across Endpoint, Identity, Cloud Apps, Office 365, and Cloud Security Posture Management. Monitor alerts and conduct threat investigations. Support incident response with containment and remediation. Conduct proactive threat hunting. Platform administration and governance Configure policy baselines and protection profiles. Maintain governance and compliance … Security teams. Provide security insights to projects. Produce reporting for stakeholders. Identify automation and workflow enhancements. Essential Skills Strong experience with Microsoft Defender platforms. Incident investigation skills across endpoint, identity, and cloud. Understanding of Microsoft 365, Azure, and Zero Trust. Skilled in ASR rules, AV baselines, and KQL analytics.

expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Develop and enforce security policies, standards, and best practices. Lead incident response and root cause analysis for security-related issues. Mentor and train teams on DevSecOps principles and tools. Contract: 6 Months Rolling Rate

part of an on-call rota, ready to respond if we have a severe, platform-impacting security tooling failure or need second-line security incident response assistance Desirable You have an interest in offensive security, potentially including participation in CTFs and past experience as a red team operator

Deliver timely, high-quality threat briefings and risk assessments to operational stakeholders. Drive continuous improvement of threat intelligence processes, tooling, and automation. Participate in incident response investigations, providing threat context and attribution support. Maintain awareness of global regulatory and compliance requirements related to threat intelligence and offensive security

suits a dependable, punctual AV professional with strong technical understanding and a passion for delivering excellent user experiences in high-profile environments. Key Responsibilities Incident Response & User Support Act as the first line of response for all AV incidents and requests. Troubleshoot and resolve AV and video

architecture, implementation, hardening, and continuous improvement of Linux operating systems, platform services, and supporting infrastructure to ensure performance, scalability, and operational excellence. Drive incident and problem management: Take ownership of high-severity incident response, advanced troubleshooting, root-cause analysis, and long-term remediation. Establish engineering best practice

targets. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Required Skills/Experience: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid

clear path toward partnership or leadership, this is that moment.What You'll Do Lead and manage a caseload of complex data-breach and cyber-incident matters, including live ransomware events and regulatory investigations. Act as a trusted adviser during active crises — providing clear, strategic legal guidance under pressure. Supervise … junior lawyers while helping shape the direction of the team. Work alongside leading experts in digital forensics and threat intelligence to deliver fully integrated incident response. Contribute to new products, knowledge, and thought leadership in a rapidly evolving field. Support business development and client-relationship initiatives that will accelerate

system reliability, security, and uptime across multi-cloud setups. Develop internal tools and scripts in Python, Go, or Node.js. Collaborate on architecture, deployments, and incident response. Requirements 5+ years in DevOps or infrastructure engineering. Strong with Docker, Kubernetes, Terraform, AWS/GCP. Scripting in Python/Go/Node.js

Business Resilience, Business Continuity, and Third-Party Risk frameworks. Oversee critical third-party relationships, especially in technology and enterprise services. Deliver scenario testing, incident response, and regulatory reporting that informs senior leadership. Collaborate with internal teams, clients, and market stakeholders to ensure preparedness and compliance. We’re looking

security testing experience Knowledge of Metasploit, Burp Suite, and vulnerability scanning tools Experience with Windows, Linux and Mac operating systems Interest in threat hunting, incident response, and security monitoring CRT/OSCP/Cyber Scheme training or aspirations to achieve them Eligibility for UK Security Clearance

security testing experience Knowledge of Metasploit, Burp Suite, and vulnerability scanning tools Experience with Windows, Linux and Mac operating systems Interest in threat hunting, incident response, and security monitoring CRT/OSCP/Cyber Scheme training or aspirations to achieve them Eligibility for UK Security Clearance

helping drive a full transition to cloud identity.Maintain and optimise Group Policies and Azure Virtual Desktop (AVD) environments.Troubleshoot complex infrastructure issues and lead structured incident response.Support post-acquisition IT integrations, ensuring secure and scalable outcomes.Monitor system health, produce performance reports, and proactively optimise infrastructure.Maintain up-to-date technical documentation

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations click apply for full job details

London. Responsibilities: Maintain, support, and optimise core TFP applications. Develop custom tools and features to enhance system functionality. Monitor performance, troubleshoot issues, and lead incident resolution. Manage SLAs, service performance metrics, and continuous improvement initiatives. Provide responsive technical support to business users. Drive automation and proactive issue detection through … share knowledge across IT. Skills & Experience: Experience in Application Operations within a Microsoft Azure environment essential. Strong knowledge of Azure services, monitoring, and incident response. Strong working background within a Microsoft tech stack including C# .net. Background in automation and performance optimisation. Excellent communication, problem-solving, and cross-team