1 to 25 of 68 Incident Response Jobs in the City of London

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident response processes, including forensic readiness and regular tabletop exercises. Compliance: Drive readiness for external certifications (ISO 27001, SOC2) and ensure ongoing … regulatory compliance (GDPR, export control, etc.). Collaboration: Partner with IT Ops Lead to embed controls into infra, IAM, and developer platforms; work with ITSM Lead to ensure security incident handling and knowledge base integration. Awareness & Culture: Develop training, awareness, and a culture of security-first thinking across Humanoid. We’re Looking For Proven experience in cyber security leadership … frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating in a dynamic, high-growth environment with a More ❯

NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident response processes, including forensic readiness and regular tabletop exercises. Compliance: Drive readiness for external certifications (ISO 27001, SOC2) and ensure ongoing … regulatory compliance (GDPR, export control, etc.). Collaboration: Partner with IT Ops Lead to embed controls into infra, IAM, and developer platforms; work with ITSM Lead to ensure security incident handling and knowledge base integration. Awareness & Culture: Develop training, awareness, and a culture of security-first thinking across Humanoid. We’re Looking For Proven experience in cyber security leadership … frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating in a dynamic, high-growth environment with a More ❯

assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security Incident Response Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incident response, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

detecting, analyzing, and mitigating malware threats to safeguard organisational systems and data. By conducting advanced static and dynamic malware analysis, the role provides critical insights into emerging threats, supports incident response activities, and enhances detection capabilities through tool and signature development. Together with colleagues spanning almost all time zones, you will help to make our clients safer and … support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer. Key Accountabilities: Malware Analysis and Response: Conduct in-depth static and dynamic analysis of new and emerging malware threats, identifying potential risks and novel attack vectors. Provide detailed analysis of malware samples as part of … Digital Forensics and Incident Response (DFIR) investigations. Respond to Requests for Information (RFIs) related to malware and binary analysis from internal and external teams. Stay up-to-date with ongoing malware campaigns and techniques, providing insight into emerging or high-impact threats. Documentation and Reporting: Document and report on the behaviour, techniques, tactics, and procedures (TTPs) used by More ❯

detecting, analyzing, and mitigating malware threats to safeguard organisational systems and data. By conducting advanced static and dynamic malware analysis, the role provides critical insights into emerging threats, supports incident response activities, and enhances detection capabilities through tool and signature development. Together with colleagues spanning almost all time zones, you will help to make our clients safer and … support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer. Key Accountabilities: Malware Analysis and Response: Conduct in-depth static and dynamic analysis of new and emerging malware threats, identifying potential risks and novel attack vectors. Provide detailed analysis of malware samples as part of … Digital Forensics and Incident Response (DFIR) investigations. Respond to Requests for Information (RFIs) related to malware and binary analysis from internal and external teams. Stay up-to-date with ongoing malware campaigns and techniques, providing insight into emerging or high-impact threats. Documentation and Reporting: Document and report on the behaviour, techniques, tactics, and procedures (TTPs) used by More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

As part of the Security Operations team, the analyst will work closely with cross-functional teams to identify, investigate, and mitigate cybersecurity threats, ensuring a robust and secure environment. Incident Detection & Response: Analyze security events to determine if they represent legitimate threats, and initiate an appropriate incident response to contain and mitigate any detected issues. Threat … timely patching of identified vulnerabilities. Security Enhancements: Collaborate with IT and other business units to implement security improvements, including automation, configuration changes, and policy enforcement. Documentation & Reporting: Create detailed incident reports, document findings, and provide recommendations to enhance the organization’s cybersecurity posture. Stay Informed: Keep up with the latest cybersecurity trends, vulnerabilities, and best practices, and recommend proactive More ❯

As part of the Security Operations team, the analyst will work closely with cross-functional teams to identify, investigate, and mitigate cybersecurity threats, ensuring a robust and secure environment. Incident Detection & Response: Analyze security events to determine if they represent legitimate threats, and initiate an appropriate incident response to contain and mitigate any detected issues. Threat … timely patching of identified vulnerabilities. Security Enhancements: Collaborate with IT and other business units to implement security improvements, including automation, configuration changes, and policy enforcement. Documentation & Reporting: Create detailed incident reports, document findings, and provide recommendations to enhance the organization’s cybersecurity posture. Stay Informed: Keep up with the latest cybersecurity trends, vulnerabilities, and best practices, and recommend proactive More ❯

on experience designing and implementing security frameworks for enterprise-critical infrastructure (e.g., network security, data protection, vulnerability management, access control). Leading disaster recovery planning, business continuity strategies, and incident response. Familiarity with compliance standards such as NIST, ISO 27001, PCI-DSS, and GDPR in the context of data centers, critical IT infrastructure, and application resilience for business survivability. More ❯

our company's security strategy, ensuring robust protection for both our assets and those of our clients. This division oversees all aspects of information security, from policy development to incident response. Our Global Security Services and Automation team excels in gathering diverse security requirements from clients and delivering top-tier security infrastructure, tools, and operations at scale. The Security … and recommendations Developing and presenting scalable security solutions and services that meet client needs Collaborating with internal teams to ensure client security requirements are integrated into service delivery Leading incident response efforts and conducting post-incident analysis to prevent future occurrences Organizing tabletop exercises with both clients and our teams Required profile: Ability to engage confidently with More ❯

sits within the compliance function and plays a critical part in supporting external audits, particularly SOC 1 Type II and SOC 2. It combines hands-on security monitoring and incident response with ensuring IT and security controls meet audit and client assurance requirements. As a key member of the Global Information Technology team, you will collaborate closely with More ❯

sits within the compliance function and plays a critical part in supporting external audits, particularly SOC 1 Type II and SOC 2. It combines hands-on security monitoring and incident response with ensuring IT and security controls meet audit and client assurance requirements. As a key member of the Global Information Technology team, you will collaborate closely with More ❯

regulatory obligations. Leadership of a Multi-discipline Team – Manage and mentor a team of technical security engineers and operational-resilience specialists, fostering collaboration across technology, risk, and business functions. Incident & Crisis Management – Oversee incident response, run crisis simulations, and strengthen supplier-risk management so critical services remain available even during severe disruptions. Regulatory & Stakeholder Engagement – Engage directly More ❯

regulatory obligations. Leadership of a Multi-discipline Team – Manage and mentor a team of technical security engineers and operational-resilience specialists, fostering collaboration across technology, risk, and business functions. Incident & Crisis Management – Oversee incident response, run crisis simulations, and strengthen supplier-risk management so critical services remain available even during severe disruptions. Regulatory & Stakeholder Engagement – Engage directly More ❯

meet ISO27001 & the Cyber Essentials+ certification. Administrative requirements of PAM tool. (CyberArk) Experience Experience administrating PAM solutions, such as CyberArk - MANDATORY Working understanding of security operations, threat detection, and incident response. Experience using SIEM and security tooling for triage and log analysis. Experience tracking and managing vulnerabilities using industry frameworks. Familiarity with enterprise systems including Microsoft 365 and Azure More ❯

Data Security team, to support analysis and reporting work for data loss and insider threat events in Virgin Money. Your role will involve working closely with our Data Security, Incident Response and Business teams to manage events and progress remediation and represents a great opportunity to work with industry-leading tools and security partners, utilising your analytical, technical … be responsive to these challenges. The DLP Analyst will support the Bank's security controls for Data Loss Prevention, carrying out assessments of DLP and Insider Threat events, including incident management, escalation and resolution, acting as a liaison with key stakeholders, and be responsible for reporting on current status and trends. What you'll be doing Analysis of DLP More ❯

trends and best practices. Qualifications: •Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. •Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. •Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. •Strong analytical and problem-solving skills. •Excellent communication skills with the ability to explain More ❯

for managing and supporting our enterprise messaging infrastructure built on Solace PubSub+, ensuring high availability, optimal performance, and reliability across production and non-production environments. This includes working on incident response, capacity planning, WAN optimization, and system observability using tools like Prometheus and Grafana . Key Responsibilities: Administer and maintain Solace PubSub+ appliances and software brokers across environments More ❯

and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security More ❯

for managing and supporting our enterprise messaging infrastructure built on Solace PubSub+, ensuring high availability, optimal performance, and reliability across production and non-production environments. This includes working on incident response, capacity planning, WAN optimization, and system observability using tools like Prometheus and Grafana . Key Responsibilities: Administer and maintain Solace PubSub+ appliances and software brokers across environments More ❯