Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Testing, Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response …
Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a week in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand headquartered in the West Midlands. As … the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We … looking for someone Midlands based who can be on site in Warwickshire 1 day a week on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships …
Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - minimum 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand headquartered in the West Midlands. … As the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. … for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships …
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
OpenSourced Ltd
Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst. This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear …
Manchester, North West, United Kingdom Hybrid / WFH Options
IBEX RECRUITMENT LTD
Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst. This is a pivotal … hands-on role in a growing cyber team. You'll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What You'll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What We're Looking For: Proven experience in hands-on incident …
high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document …
integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle - from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned - collaborating with a global team of incident responders. You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In … this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more. You will also leverage your collaboration and … communication skills to work effectively with all relevant stakeholders in multicultural and global environments. Responsibilities - Report to Director to facilitate all phases in the incident response lifecycle - Be involved in various incident prevention projects to improve Security posture Preparation: - Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc. - Take part in self …
Inside IR35 via umbrella Location: Birmingham hybrid (2-3 days per week in office) Are you an experienced Security Operations Director with strong knowledge of SOC + Security operations, Incident Response implementation, SOC Process Development, Security Ops Budget + Financial Management and Security Ops Maturity Improvement amongst others? ARM is recruiting for a full-time contract experienced Security Operations … operational maturity improvements, and oversees containment and recovery activities. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security operations activities, including incident response, operational maturity improvement, containment, and recovery efforts. The Director is responsible for aligning security initiatives with business objectives and ensuring the organisation's resilience against evolving threats. … will: Pre-Sales Support and Business Development o Partner with sales and business development teams to define and articulate the value proposition of the security offerings, including SOC services, incident response, threat intelligence, vulnerability management, and compliance. o Represent the security operations function in client engagements, pre-sales discussions, and technical assessments, positioning the organisation's capabilities to …
Role: VP - Digital Forensics & Incident Response (DFIR) Manager Location: London (Hybrid working available) Salary: Up to £90,000 + benefits Sector: Cyber Security/Financial Services Overview A leading financial services organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role … focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response … investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. …
Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, etc. £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but …
Security Analyst, Security Operations and Incident Response Meta is seeking a Security Analyst to join the Global Security Operations and Incident Response team. The Analyst will serve on the front lines of Meta's Security team and will lead and support security investigations across the company's global infrastructure as well as respond to escalations from … closely with technical teams, with a broad set of skills to tackle the panoply of unique security challenges that we encounter at Meta scale. Security Analyst, Security Operations and Incident Response Responsibilities Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation. Act as an escalation point for … high quality and accurate reports for a wide range of stakeholders. Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents. Support security incident root cause analysis, identify control gaps, and recommend mitigation strategies. Collaborate with cross-functional teams to drive improvements to security tools, policies and processes. Improve the effectiveness and efficiency …
lawyer to advise on and coordinate data protection matters, in particular, to oversee and run the Global Record of Processing Activities (RoPA) Inventory as well as coordinate the Global Incident Response (IR) Process. This involves overseeing a team who are responsible for completing and maintaining EY's Global RoPA and integration of Privacy Impact Assessment (PIA) records and … Third Party Vendor Due Diligence (VDD) data as well as coordinating the work of other resources and EY's Global Delivery Service ("GDS") involved in the Global Incident Response Process. The global data protection team is responsible for the implementation and transformation of EY's privacy compliance program, which includes Binding Corporate Rules. The team works closely with … on data protection matters, including both personal data privacy and the protection of client and EY confidential information. The opportunity As the Global Legal Counsel - Data Protection RoPA and Incident Response, you will be responsible for overseeing the Records of Processing Activity (RoPA) process and inventory as well as the management of the Global Incident Response …
Bath, Somerset, United Kingdom Hybrid / WFH Options
Mayden
and procedure development: Support and oversee the creation, review, and enforcement of information security policies, standards, procedures, and guidelines covering all aspects of security including data handling, access control, incident response, and supplier risk. Security architecture and engineering: Support and oversee the secure design, implementation, and maintenance of secure software development lifecycles (SDLC) and secure system architectures for … all products and business systems. Incident response and management: Develop, implement, and manage the information security incident response plan, including detection, analysis, containment, eradication, recovery, and post-incident review, supporting timely reporting to relevant authorities (eg ICO, NHS England) where required. Vulnerability management and testing: Own, support and oversee programs for vulnerability scanning, penetration testing … processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (eg OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg …
or any other characteristic protected by law. Accommodation is available upon request for candidates taking part in the selection process. Job Description: Cyber Risk Advisor Primary Responsibilities Support Cyber Incident In-take and Triage : As the primary back-up to the AXIS Cyber Incident Commander, field in-bound notices of incidents by customers and brokers. Make contact as … will serve as the initial and primary contact point to AXIS by customers, until you refer matters to AXIS Claims and/or 3rd party vendors, as appropriate. Deliver Incident Response "Drills" to Customers: Work with Primary Cyber insurance customers to conduct realistic cyber incident scenario exercises ("Drills"). This complimentary service helps customers test and strengthen … their Incident Response Plans, with practical advice provided following the engagement. This sought-after service would be delivered virtually and may involve third-party experts (e.g. Privacy Counsel, Digital Forensics/Incident Response, etc.). Support customer service program: Through response to requests and direct customer outreach, provide Customers with education, onboarding, and other support …
Primary Details Time Type: Full time Worker Type: Employee Incident Response Specialist London/Hybrid (2 days a week) The Opportunity QBE Europe is currently recruiting an incident response specialist to join our cyber security team in our London Office. Reporting to regional team leads, the Security Incident Responder will be a key member of … high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide effective, proactive and a highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques. Your new role Act as point of escalation and mentor to junior … and resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases of Incident Response …
Maidenhead, Berkshire, United Kingdom Hybrid / WFH Options
APM Terminals
how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis …
We are representing a consultancy that is a leader in the Cyber Security and Incident Response space. If you have experience leading the legal aspects of Data Breach cases this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading …
you're inspired to think big and bring your ambition to work every day, which is why, at British Airways the sky is never the limit. The role: Cyber Incident Lead This role reports into the Cyber Incident Manager, and works with stakeholders across the organisation to ensure BA is able to effectively identify, respond, and recover from … to, and manage, cyber incidents across the BA estate 24/7 365 days a year as part of an on call function. Responsible for developing, maintaining, and managing incident response processes Ability to present on complex, technical concepts to a wide range of stakeholders of varying seniority and knowledge Confident to engage with business stakeholders and build … ambiguous information Assist with the development of BA's in-house digital forensics capability, supporting various investigation teams across the organisation Work closely with other cyber teams to feed incident data back into tuning our security tool configuration and assessing our deployed controls Effectively liaise and communicate with other Operating Companies (OpCos) within IAG to respond to wider-impacting …
We are looking for an Engineering Manager, Security Operations to lead and scale security operations across Vercel's platform and enterprise security functions. This role will focus on operational resilience, incident response readiness, and fostering alignment across security and engineering teams. You will oversee threat detection, response processes, and security best practices, while guiding Security Operations Engineers to … For location-specific details, please connect with our recruiting team. What You Will Do: Lead and manage Security Operations for platform and enterprise security functions, ensuring effective detection and response capabilities. Develop and refine incident response protocols and threat detection processes, ensuring rapid and effective mitigation of security incidents. Own internal attack surface management, including SaaS security … and reduce operational overhead. Support compliance initiatives (PCI, SOC2, ISO) by ensuring audit readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and …
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit …
seeking a permanent Information Security Specialist to join our prestigious Global Investment Bank client's team. This role involves a wide range of responsibilities including security operations, threat intelligence, incident response, and compliance tasks. The ideal candidate will have experience in IT infrastructure security, particularly within financial institutions, and a strong understanding of various security platforms and standards. … virtualization platforms, Windows, and Linux. Working experience with network infrastructure components such as IPS, SIEM, WAFS, load balancers, proxies, and firewall management systems. Burpsuite and DevSecOps Solid understanding of incident management and forensics for security-related issues. Excellent documentation and communication skills, with the ability to communicate effectively with technical colleagues. Qualifications and Training (Good to Have): CISSP or … identifying and reporting potential unauthorized access. Implement and maintain Active Directory and File Share security controls, and participate in regular AD security assessments and remediation efforts. Threat Intelligence and Incident Response: Monitor and analyse phishing campaigns and assist in managing the organizational phishing response program. Review and distribute threat intelligence alerts to relevant stakeholders, assessing potential impacts …