1 to 25 of 203 Remote Incident Response Jobs in England

Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response More ❯

Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

Inside IR35 via umbrella Location: Birmingham hybrid (2-3 days per week in office) Are you an experienced Security Operations Director with strong knowledge of SOC + Security operations, Incident Response implementation, SOC Process Development, Security Ops Budget + Financial Management and Security Ops Maturity Improvement amongst others? ARM is recruiting for a fulltime contract experienced Security Operations … operational maturity improvements, and oversees containment and recovery activities. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security operations activities, including incident response, operational maturity improvement, containment, and recovery efforts. The Director is responsible for aligning security initiatives with business objectives and ensuring the organisation's resilience against evolving threats. … will: Pre-Sales Support and Business Development o Partner with sales and business development teams to define and articulate the value proposition of the security offerings, including SOC services, incident response, threat intelligence, vulnerability management, and compliance. o Represent the security operations function in client engagements, pre-sales discussions, and technical assessments, positioning the organisation's capabilities to More ❯

Role: VP - Digital Forensics & Incident Response (DFIR) Manager Location: London (Hybrid working available) Salary: Up to £90,000 + benefits Sector: Cyber Security/Financial Services Overview A leading financial services organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role … focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response … investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. More ❯

and procedure development: Support and oversee the creation, review, and enforcement of information security policies, standards, procedures, and guidelines covering all aspects of security including data handling, access control, incident response, and supplier risk. Security architecture and engineering: Support and oversee the secure design, implementation, and maintenance of secure software development lifecycles (SDLC) and secure system architectures for … all products and business systems. Incident response and management: Develop, implement, and manage the information security incident response plan, including detection, analysis, containment, eradication, recovery, and post-incident review, supporting timely reporting to relevant authorities (eg ICO, NHS England) where required. Vulnerability management and testing: Own, support and oversee programs for vulnerability scanning, penetration testing … processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (eg OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg More ❯

and procedure development: Support and oversee the creation, review, and enforcement of information security policies, standards, procedures, and guidelines covering all aspects of security including data handling, access control, incident response, and supplier risk. Security architecture and engineering: Support and oversee the secure design, implementation, and maintenance of secure software development lifecycles (SDLC) and secure system architectures for … all products and business systems. Incident response and management: Develop, implement, and manage the information security incident response plan, including detection, analysis, containment, eradication, recovery, and post-incident review, supporting timely reporting to relevant authorities (eg ICO, NHS England) where required. Vulnerability management and testing: Own, support and oversee programs for vulnerability scanning, penetration testing … processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (eg OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg More ❯

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

We are looking for aEngineering Manager, Security Operations to lead and scale security operations across Vercel's platform and enterprise security functions. This role will focus on operational resilience, incident response readiness, and fostering alignment across security and engineering teams. You will oversee threat detection, response processes, and security best practices, while guiding Security Operations Engineers to … For location-specific details, please connect with our recruiting team. What You Will Do: Lead and manage Security Operations for platform and enterprise security functions, ensuring effective detection and response capabilities. Develop and refine incident response protocols and threat detection processes, ensuring rapid and effective mitigation of security incidents. Own internal attack surface management, including SaaS security … and reduce operational overhead. Support compliance initiatives (PCI, SOC2, ISO) by ensuring audit readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

Role: As a Cyber Security Manager, you will be responsible for monitoring, analyzing, and improving the security posture of the organization. You will drive the maturity of security monitoring, incident response, and threat intelligence capabilities, working closely with technical and business teams. Key Responsibilities: Develop and refine security monitoring controls and use-cases to detect threats and anomalies. … Investigate security incidents, conduct forensics analysis, and manage incident response processes. Collaborate with independent penetration testing programs and support risk assessment processes. Implement and mature threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK … and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies, including SIEM tools, network security, IAM solutions, and DLP tools. Hands-on experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and More ❯

Role: As a Cyber Security Manager, you will be responsible for monitoring, analyzing, and improving the security posture of the organization. You will drive the maturity of security monitoring, incident response, and threat intelligence capabilities, working closely with technical and business teams. Key Responsibilities: Develop and refine security monitoring controls and use-cases to detect threats and anomalies. … Investigate security incidents, conduct forensics analysis, and manage incident response processes. Collaborate with independent penetration testing programs and support risk assessment processes. Implement and mature threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK … and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies, including SIEM tools, network security, IAM solutions, and DLP tools. Hands-on experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and More ❯

alert fatigue. You'll create bespoke analytic rules and collaborate with analysts to refine detection capabilities. You'll also take an active role in managing security alerts and leading incident response and investigation efforts. As a senior colleague, you'll advise on cyber risks, emerging threats, and mitigation strategies aligned with the Government Security Framework and standards. You … as expected, ensuring requirements, policies, and standards to govern all activities and outputs are met. Reviewing high-priority or high-complexity analysis of security event data to manage security incident response, making key decisions on reporting or escalations for monitoring Containing and remediating those incidents, identifying potential process improvements. Communicating with a broad range of senior stakeholders and … be responsible for defining the vision, principles, and strategy for incident response Deputising for the SOC manager as a when required. Reviewing incident documentation ensuring that appropriate lessons learned are captured and implemented. Maintaining and integrating Cyber Threat Intelligence services to enhance the Departments capabilities to detect threats. Mentor junior engineers and contribute to the development of More ❯

and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage the full lifecycle of security incidents, including reporting to relevant authorities. Awareness & Training : Drive a strong security culture through staff training and awareness initiatives. Regulatory Compliance … Deep understanding of secure SDLC and embedding security into product and system architecture. Risk Management : Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response : Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance : Skilled in developing and enforcing comprehensive security policies and governance structures. More ❯

organised crime remains the biggest concern for digital leaders. Public services, councils and healthcare providers continue to be high-profile victims. This is driving demand for security operations specialists, incident response teams and forensic analysts. Supply chain risk is under the spotlight Breaches linked to third-party providers have exposed vulnerabilities beyond company walls. In response, organisations … evolving threats and advising on proactive measures. Typical salary: £50,000 to £85,000 Cybersecurity Analyst - A key all-rounder role, analysts monitor networks, investigate suspicious activity and support incident response efforts. They are often the first to identify and flag vulnerabilities. Typical salary: £45,000 to £70,000 We're also seeing new hybrid titles emerge, such … business. The Skills Employers Are Prioritising Employers are looking for more than technical knowledge, they're searching for people who can make a real impact. Core technical skills include: Incident response and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO More ❯

Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incident response Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What … You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to More ❯

Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin - £150,000 + 40% bonus A leading international gaming and entertainment company are searching for a Director of Cyber Security to drive their Group cyber security strategy and build resilience across their global operations. The Director of Cyber Security's responsibilities will be: Lead implementation of Group … implementing technology security policies and NIST CSF standards. Strengthen cyber governance and risk management, providing timely and accurate risk reporting to senior management and risk committees. Lead Security Monitoring & Incident Response teams, ensuring robust processes across critical business systems. Oversee Platforms & Services Security teams, ensuring assets comply with NIST CSF v2 and Group policies. Manage SEC reporting requirements … experienced cyber security leader looking to drive strategic transformation at a global entertainment company with operations across multiple markets? Please apply! Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin (mostly remote) - £150,000 + 40% bonus Burns Sheehan Ltd will consider applications based only on skills and ability and will not discriminate on any grounds. More ❯

in Leeds office per quarter. Mostly remote working. DGH Recruitment are currently recruiting on behalf of a leading global organisation who are looking for a Threat detection and threat response subject matter expert to join the team on a permanent basis. Responsibilities: - Design, engineer, and manage automations and workflow improvements for security operations analysts to triage and respond to … detected events. - Build and enhance security automation playbooks using SOAR platforms or custom scripts Serve as a technical resource for the security operations team during active response efforts. - Conduct and manage event/incident investigations and post-mortem analysis as needed. - Document and maintain Automation, Detection and Incident Response procedures as required. - Regularly monitor and translate … logs to determine trends and identify security incidents. - Assist in responding to audits, penetration tests and vulnerability assessments. Required Skills/Experience: - Experience with SIEM security telemetry, security monitoring, incident detection, incident response and forensics - Experience in Threat hunting & IR experience in Windows and/or Linux environments, cloud/hybrid environments - Proficient in SIEM management, configuration More ❯

a leading organisation based in Croydon, who are looking to employ an experienced Cyber Security Manager with an in-depth knowledge of Cybersecurity frameworks, tools, and technologies, ISO27001 adoption, Incident management and Change management. This role involves the development and implementation of security strategies, policies, and procedures to protect against cybersecurity threats, as well as actively monitoring and responding … per week Some of the main duties of the Cyber Security Manager will include: Security Strategy & Implementation: Design, implement, and maintain comprehensive cybersecurity policies, procedures, and controls Threat Detection & Response: Continuously monitor the digital environment for potential vulnerabilities and security breaches Incident Management : Lead incident response activities, coordinating with IT teams to mitigate risks and minimise … damage. Responsible for writing incident reports, gathering input across the technical and business teams to then share the report and project management of any improvement change actions Security Integration & System Management: Collaborate with IT and development teams to ensure security is embedded in all new and existing applications, systems, and network infrastructure Risk Management & Compliance: Ensure compliance with industry More ❯

skill growth. Mentorship: Support junior analysts through guidance and promote a culture of learning and innovation. Technical Leadership: Act as the principal expert to ensure effective monitoring, detection, and response to security threats. Continuous Improvement: Drive innovation and keep the team aligned with the latest cybersecurity practices. Tool Optimisation: Oversee the enhancement of security tools to maintain a proactive … security posture. Incident Response: Provide expert guidance during security incident investigations and response efforts. Insider Threat: Manage and investigate Insider Threat cases as required. Threat Hunting: Lead scheduled threat hunts to ensure thorough detection of advanced threats. External Collaboration: Work with external partners to strengthen SOC defenses and ensure compliance. Customer Network Oversight: Serve as the … dynamic service. You'll need strong analytical skills and the ability to communicate professionally with peers and customers, even under pressure. Proven cyber security experience in protective monitoring and incident response (e.g., GIAC GMON, GCIA, GCIH, or equivalent). Hands-on experience with SIEM tools (LogRhythm, Splunk) and IDS (Snort). Solid background in network and host security. More ❯

a leading organisation based in Croydon, who are looking to employ an experienced Cyber Security Manager with an in-depth knowledge of Cybersecurity frameworks, tools, and technologies, ISO27001 adoption, Incident management and Change management. This role involves the development and implementation of security strategies, policies, and procedures to protect against cybersecurity threats, as well as actively monitoring and responding … per week Some of the main duties of the Cyber Security Manager will include: * Security Strategy & Implementation: Design, implement, and maintain comprehensive cybersecurity policies, procedures, and controls * Threat Detection & Response: Continuously monitor the digital environment for potential vulnerabilities and security breaches * Incident Management : Lead incident response activities, coordinating with IT teams to mitigate risks and minimise … damage. Responsible for writing incident reports, gathering input across the technical and business teams to then share the report and project management of any improvement change actions * Security Integration & System Management: Collaborate with IT and development teams to ensure security is embedded in all new and existing applications, systems, and network infrastructure * Risk Management & Compliance: Ensure compliance with industry More ❯

a leading organisation based in Croydon, who are looking to employ an experienced Cyber Security Manager with an in-depth knowledge of Cybersecurity frameworks, tools, and technologies, ISO27001 adoption, Incident management and Change management. This role involves the development and implementation of security strategies, policies, and procedures to protect against cybersecurity threats, as well as actively monitoring and responding … per week Some of the main duties of the Cyber Security Manager will include: * Security Strategy & Implementation: Design, implement, and maintain comprehensive cybersecurity policies, procedures, and controls* Threat Detection & Response: Continuously monitor the digital environment for potential vulnerabilities and security breaches* Incident Management : Lead incident response activities, coordinating with IT teams to mitigate risks and minimise … damage. Responsible for writing incident reports, gathering input across the technical and business teams to then share the report and project management of any improvement change actions* Security Integration & System Management: Collaborate with IT and development teams to ensure security is embedded in all new and existing applications, systems, and network infrastructure* Risk Management & Compliance: Ensure compliance with industry More ❯

are secure by design, resilient to threats, and aligned with best-in-class standards (including ISO 27001 and SOC 2). You'll play a key role in monitoring, incident response, vulnerability management, and secure DevOps practices-helping us maintain customer trust and regulatory compliance as we scale. What You'll Do Monitor systems and infrastructure for potential … vulnerabilities, threats, and breaches Own and improve incident detection, response, and recovery processes Implement and manage SIEM, intrusion detection, vulnerability scanners, and other security tooling Collaborate with DevOps and Engineering to embed security into CI/CD pipelines and cloud infrastructure (Azure) Manage processes for regular vulnerability assessments and penetration testing (internal or third-party) Support internal audits … security monitoring tools such as SIEM, EDR, vulnerability management tools, and log aggregation platforms Strong knowledge of security frameworks, standards, and best practices (ISO 27001, SOC 2, GDPR) Proven incident response, threat detection, and investigation experience Experience with cloud platforms (preferably Azure), identity & access management, and secure networking Scripting or automation experience (e.g. PowerShell, Python, Bash) Clear, proactive More ❯

setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit … preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and More ❯

natural focus sits in protecting an organization's technology infrastructure and data from cyber-attacks. Provide support and expertise during cyber incidents and contribute to the development of cyber incident management and response plans Prepare detailed technical documentation to support with the improvement of a customer’s security estate, acting as a go-to for general advice and … spent Progression Plan - training & mentor programme. Experience 2+ years in Pre-Sales or similar role within an MSP/Reseller organisation. Previous experience being part of or working with incident response teams would be beneficial Good understanding of incident response stages and handling preferred o Knowledge and/or experience using endpoint detection and threat management More ❯