1 to 25 of 965 Incident Response Jobs in England

Citi's Cloud Incident Response (Cloud IR) team seeks a Senior Vice President of Microsoft 365 (M365) and Azure Incident Response to lead and oversee the organization's incident response operations within the M365 environment. You will work closely with stakeholders to ensure effective … security incident response with an aim to safeguard the integrity of Citi's Microsoft 365 services. Your role is critical in ensuring a proactive and coordinated approach in responding to cloud security incidents and managing security risks within the M365 suite. You will align incident response … the evolution of cloud security practices, and guide the organization through critical security challenges within the M365 ecosystem. Responsibilities: Own and lead Citi's response to security incidents in our M365 and Azure platforms Build and sustain a high-performing security operations team skilled in managing M365 incidents Collaborate More ❯

contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Center according to Experian's Incident Response Plan. As an individual contributor, this team member will join a new, growing team of specialized, advanced responders to support escalations of … complex and prioritized matters from Experian's existing 24x7 security monitoring and response functions, responsible for responding to and analyzing security incidents involving threats targeting Experian information assets. You will work with end-users, technical support teams, and management to ensure remediation and recovery from these threats. You will … report to the Senior Manager, Global Incident Response. You'll have the opportunity to: Conduct advanced incident response activities to investigate and contain complex or larger-scale cybersecurity matters. Orchestrate workstreams across teams (Forensics and Cyber Threat Hunting) and explain the CFC's overall understanding of the More ❯

that investigates and analyses high priority cybersecurity incidents with precision. You will respond to and contain security threats effectively, following a robust Cyber Security Incident Response Plan (CIRP). Collaborating with both internal and external stakeholders, you will ensure seamless communication and effective outcomes. You will document incident … and extent of compromise. Analyze malware samples, network traffic, and system logs to identify indicators of compromise (IOCs) and attack patterns. Lead and coordinate incident response efforts, including containment, eradication, and recovery activities. Collaborate with cross-functional teams to mitigate security incidents and minimize business impact. Assist partners … in/and conduct digital forensic investigations to gather evidence and support incident response efforts. Preserve and analyze forensic artifacts from compromised systems to identify attacker tactics, techniques, and procedures (TTPs). Analyze threat intelligence feeds and reports to identify emerging threats and vulnerabilities. Correlate threat intelligence with More ❯

be your perfect next move. In this role, you'll be at the heart of our growing cybersecurity team, driving innovation in threat detection, incident response, and cloud security. You'll lead key automation efforts, refine and streamline our response capabilities, and work closely with teams across … that make a real impact. Key Responsibilities Automation and Engineering: Lead the design, implementation, and optimisation of automation processes for security monitoring, alerting, and incident response. This includes developing and maintaining playbooks, workflows, and integrations with SOC tools (SIEM, EDR, SOAR). Incident Response & Threat Analysis: Coordinate … assist in the investigation of security incidents, focusing on both cloud and on-premises environments. Perform root cause analysis and forensic investigations to determine incident scope, impact, and mitigation strategies. Cloud Security Expertise: Leverage your expertise in AWS and Azure to enhance cloud security operations, including threat detection, vulnerability More ❯

be your perfect next move. In this role, you'll be at the heart of our growing cybersecurity team, driving innovation in threat detection, incident response, and cloud security. You'll lead key automation efforts, refine and streamline our response capabilities, and work closely with teams across … that make a real impact. Key Responsibilities: Automation and Engineering: Lead the design, implementation, and optimisation of automation processes for security monitoring, alerting, and incident response. This includes developing and maintaining playbooks, workflows, and integrations with SOC tools (SIEM, EDR, SOAR). Incident Response & Threat Analysis: Coordinate … assist in the investigation of security incidents, focusing on both cloud and on-premises environments. Perform root cause analysis and forensic investigations to determine incident scope, impact, and mitigation strategies. Cloud Security Expertise: Leverage your expertise in AWS and Azure to enhance cloud security operations, including threat detection, vulnerability More ❯

this could be your ideal next role. In this position, you'll be central to our expanding cybersecurity team, leading innovation in threat detection, incident response, and cloud security. You will spearhead automation initiatives, improve our response capabilities, and collaborate across teams to develop secure, scalable solutions … that make a significant impact. Key Responsibilities: Automation and Engineering: Design, implement, and optimize automation processes for security monitoring, alerting, and incident response. Develop and maintain playbooks, workflows, and integrations with SOC tools (SIEM, EDR, SOAR). Incident Response & Threat Analysis: Investigate security incidents across cloud and … on-premises environments. Conduct root cause analysis and forensic investigations to assess incident scope, impact, and mitigation strategies. Cloud Security Expertise: Use your knowledge in AWS and Azure to improve cloud security operations, including threat detection, vulnerability management, and incident response. Work with cloud security services (e.g., AWS More ❯

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

A leading Commerce firm is looking for an Incident Response Lead to join their Cyber Defence team. This crucial role will support the team in enhancing its detection capabilities and modernising the incident response (IR) process across the organisation. The Incident Response Lead will … be responsible for managing the entire IR lifecycle, from initial triage through to remediation. Key Responsibilities: Manage end-to-end incident response (IR) processes, ensuring swift and effective resolution of security incidents. Develop and maintain incident response playbooks and runbooks. Analyse incident reports and provide … actionable insights. Engage with and manage stakeholders throughout the incident lifecycle. Lead the threat-hunting process, using frameworks like MITRE ATT&CK to proactively identify potential threats. Ideal Candidate: Extensive experience in all aspects of Incident Response, with hands-on involvement in P1 and P2 incidents (mainly More ❯

firm, including the central operations of finance, information technology, marketing, risk, legal, operations and human resources. What You'll Do As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying … analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service … Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. * Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. * Conduct proactive threat hunting to detect and neutralize emerging More ❯

Cyber Incident Response Coordinator Location: Brussels, Belgium - Hybrid (30% on-site presence required) Contract Duration 6 months - June – December 2025 (with possible extension) Outside IR35 €500 - €525 Euros a day About the role We are seeking an experienced and proactive cybersecurity professional with experience in Cyber Incident Response. Exciting opportunity to join a dynamic international environment supporting enterprise-wide cyber incident management and response coordination. This role offers a unique opportunity to contribute to critical cybersecurity functions within a multinational CSIRT. Key Responsibilities: Support enterprise-wide cybersecurity incident response efforts, ensuring effective … coordination and communication across all stakeholders. Track, monitor, and follow up on cyber incident response tasks, decisions, and lines of effort in collaboration with the Cyber Incident Task Force. Assist in the development, refinement, and implementation of policies, frameworks, and procedures related to cyber incident management. More ❯

Social network you want to login/join with: Digital Forensics and Incident Response: Consultant, London col-narrow-left Client: Control Risks Location: London, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: 7203b1840168 Job Views: 3 Posted: 08.05.2025 Expiry Date: 22.06.2025 … Discovery and Data Insights team in London. In this role you will provide technical expertise and consultative solutions in the field of Digital Forensics, Incident Response, Cyber Security and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement. You … for our regional and international Discovery & Data Insights teams (DFIR/Legal Technologies/Data Analytics) as well as working closely with our Cyber Response and Crisis Management divisions as well as our Investigations teams. As the Consultant you will also support the business development effort for the department More ❯

IT Service Providers and business stakeholders across the company to implement and optimise cyber security operations capabilities. Responsibilities Accountable for managing the Cyber Security Response team and the quality of third party services and deliverables, reviewing performance, and driving continuous improvement. Take the lead management responsibility for all cyber … security event monitoring and incident response services received from all partner organisations with particular focus on the company’s Manage Security Service relationship (MSS). Proactively manage the search for cyber threats that may go undetected in our environment that have evaded our automated security tools and defences. … Accountable for Cyber Security incident response management including the establishment, maintenance and improvement of cyber security incident response plans, procedures, and playbooks. Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis (RCA) for security More ❯

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

Social network you want to login/join with: Incident Response Consultant - Cybersecurity, London Client: Location: London, United Kingdom Job Category: Other EU work permit required: Yes Job Reference: 00a6e2d9ea78 Job Views: 8 Posted: 24.04.2025 Expiry Date: 08.06.2025 Job Description: Role Do you want to work with international … global Cyber Security challenges. Join a specialist cyber security consultancy comprising 80 dedicated professionals, where you can become the Subject Matter Expert (SME) in incident response. This role offers a competitive base salary of £60,000 – £80,000, along with a range of benefits, including private medical coverage, remote … working options, discounted gym memberships, and performance bonuses. If you’re interested in this opportunity, apply here! Responsibilities: Delivery of incident response consultancy to corporate clients suffering a cyber incident. Delivery of consultancy on building incident response capacity, including SOC design, policy development, skills definition. Design More ❯

Cyber Security Incident Response Lead We are working with a company that is looking for an experienced CSIRT specialist with a strong track record in high-stakes cyber incident response and digital forensics to take ownership of the IR process and help drive automation across the … CSIRT team. What You’ll Be Doing: Lead end-to-end cyber incident response investigations, including breach analysis, e-Discovery, and network forensics. Design, build, and maintain forensic infrastructure and incident response tooling. Take ownership of cyber investigations and coordinate response efforts across teams. Run … and support cyber tabletop exercises, resilience drills, and war-gaming sessions. Monitor and analyse security alerts, coordinating swift response and resolution. Perform detailed forensic reviews and support third-party security assessments. Present incident progress, reporting clearly to senior stakeholders, and escalating when necessary. Maintain real-time dashboards and More ❯

Cyber Security Incident Response Lead We are working with a company that is looking for an experienced CSIRT specialist with a strong track record in high-stakes cyber incident response and digital forensics to take ownership of the IR process and help drive automation across the … CSIRT team. What You’ll Be Doing: Lead end-to-end cyber incident response investigations, including breach analysis, e-Discovery, and network forensics. Design, build, and maintain forensic infrastructure and incident response tooling. Take ownership of cyber investigations and coordinate response efforts across teams. Run … and support cyber tabletop exercises, resilience drills, and war-gaming sessions. Monitor and analyse security alerts, coordinating swift response and resolution. Perform detailed forensic reviews and support third-party security assessments. Present incident progress, reporting clearly to senior stakeholders, and escalating when necessary. Maintain real-time dashboards and More ❯

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

Security Engineer, Incident Response , AWS Corporate Security Job ID: Amazon Corporate Services Pty Ltd AWS is looking for a passionate Security Engineer, Incident Response who can lead the response to security issues across the largest cloud provider in the world. You must thrive in high … pressure situations, and think like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication, documentation, and collaboration on security issues is critical. In this role you'll be conducting security … monitoring and response activities for the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, detection and hunting, and emergent security intelligence. We don't expect More ❯

Security Engineer, Incident Response , AWS Corporate Security Job ID: 2966013 | Amazon Corporate Services Pty Ltd AWS is looking for a passionate Security Engineer, Incident Response who can lead the response to security issues across the largest cloud provider in the world. You must thrive in … high-pressure situations, and think like both an attacker and defender, while working through the entire incident response lifecycle. You’ll be working in a global team environment where clear and accurate communication, documentation, and collaboration on security issues is critical. In this role you’ll be conducting … security monitoring and response activities for the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, detection and hunting, and emergent security intelligence. We don’t More ❯

to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security , and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement . … a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London … office at least three days a week (hybrid) with on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation More ❯

to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and responding to security … Security Operations Team collaborates closely with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what … you'll do: As a Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and More ❯

on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions … Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM ) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively … in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements. Ability to help maintain and audit compliance for More ❯

on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions … Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM ) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively … in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements. Ability to help maintain and audit compliance for More ❯

our expanding teams. As an Information Security Engineer with a focus on development and automation, you will serve as the engineering backbone of the Incident Response team. Your expertise in development and automation will play a critical role in enhancing security operations and incident response capabilities. … and implement automated processes for containment and remediation of affected assets, IOCs, and TTPs. Design and maintain automated workflows for efficient and effective security incident response. Collaborate with cross-functional teams to automate security-related tasks and processes, enhancing overall efficiency and accuracy. Leverage automation frameworks and scripting languages … to streamline security operations and improve incident handling capabilities. Produce detailed incident reports and security recommendations using automated reporting and analysis tools. Hold stakeholders accountable for implementing automated remediation actions and monitor their effectiveness. Provide training and guidance on leveraging automation tools for streamlined incident response More ❯