1 to 25 of 666 Incident Response Jobs in England

Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response More ❯

Security Incident Response Engineer, AWS CorpSec Response Job ID: Amazon Development Centre (London) Limited The Amazon Web Services team is looking for a passionate Security Incident Response Engineer who can lead the response to security issues across the largest cloud provider in the world. You must thrive in dynamic/ambiguous situations, and think … like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication and collaboration on security issues is critical. In this role you'll be conducting security monitoring and response activities for the Amazon internal network. We value broad and deep … technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence. We don't expect you to be an expert in all of the domains mentioned above, but we do expect you to be excited to learn about them! You'll apply your More ❯

Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - minimum 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand head quartered in the West Midlands. … As the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. … for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships More ❯

Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯

Security Engineer, Incident Response , Security Incident Response Team (SIRT) Job ID: Amazon Development Centre Ireland Limited Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events … knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence. Key job responsibilities - Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon. - Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future. - Assisting in … the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk. - Identifying and recommending solutions that improve or expand Amazon's incident response capabilities. - Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk. - Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle - from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned - collaborating with a global team of incident responders. You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In … this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more. You will also leverage your collaboration and … communication skills to work effectively with all relevant stakeholders in multicultural and global environments. Responsibilities - Report to Director to facilitate all phases in the incident response lifecycle - Be involved in various incident prevention projects to improve Security posture Preparation: - Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc. - Take part in self More ❯

Role: VP - Digital Forensics & Incident Response (DFIR) Manager Location: London (Hybrid working available) Salary: Up to £90,000 + benefits Sector: Cyber Security/Financial Services Overview A leading financial services organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role … focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response … investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. More ❯

Senior SOC Engineer/SOC Technical Lead (Incident Response) Reporting into the Security Operations Centre Senior Manager, the role will take the lead across the EMEA region to develop and integrate the Incident Response (IR)/SOC security infrastructure to monitor both on premise and cloud environments. The role will serve as a critical bridge between … operations and engineering. Responsibilities: - Drive and improve continuous monitoring and incident response, serving as a senior resource in the SOC and Incident Response processes. - Configure and integrate platforms, tools, service providers, and solutions into IR/SOC systems, make recommendations as needed. - Consolidate and improve security logging and monitoring solutions on premise and in the cloud … to detect and respond to security threats in real time. - Drive efforts to automate and accelerate the detection and response processes. - Ensure integration of input from the deployed suite of security tools to SOC systems (e.g. SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA, DNS Security, and cloud More ❯

re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security , and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement . You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential More ❯

Security Analyst, Security Operations and Incident Response Meta is seeking a Security Analyst to join the Global Security Operations and Incident Response team. The Analyst will serve on the front lines of Meta's Security team and will lead and support security investigations across the company's global infrastructure as well as respond to escalations from … closely with technical teams, with a broad set of skills to tackle the panoply of unique security challenges that we encounter at Meta scale. Security Analyst, Security Operations and Incident Response Responsibilities Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation. Act as an escalation point for … high quality and accurate reports for a wide range of stakeholders. Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents. Support security incident root cause analysis, identify control gaps, and recommend mitigation strategies. Collaborate with cross-functional teams to drive improvements to security tools, policies and processes. Improve the effectiveness and efficiency More ❯

lawyer to advise on and coordinate data protection matters, in particular, to oversee and run the Global Record of Processing Activities (RoPA) Inventory as well as coordinate the Global Incident Response (IR) Process. This involves overseeing a team who are responsible for completing and maintaining EY's Global RoPA and integration of Privacy Impact Assessment (PIA) records and … Third Party Vendor Due Diligence (VDD) data as well as coordinating the work of other resources and EY's Global Delivery Service ("GDS") involved in the Global Incident Response Process. The global data protection team is responsible for the implementation and transformation of EY's privacy compliance program, which include Binding Corporate Rules. The team works closely with … on data protection matters, including both personal data privacy and the protection of client and EY confidential information. The opportunity As the Global Legal Counsel - Data Protection RoPA and Incident Response, you will be responsible for overseeing the Records of Processing Activity (RoPA) process and inventory as well as the management of the Global Incident Response More ❯

We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team. The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory … requirements.The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions. Your Impact Incident Response Leadership Lead … all phases of incident response, including detection, analysis, containment, eradication, recovery and communication. Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams. Ensure adherence to the organization's incident response framework and regulatory requirements. 2. Strategic Communication Serve as the main point of contact for incident updates to More ❯

Social network you want to login/join with: We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team.The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory requirements. The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing … operational disruptions. Your Impact Incident Response Leadership Lead all phases of incident response, including detection, analysis, containment, eradication, recovery and communication. Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams. Ensure adherence to the organization's incident response framework and regulatory requirements. 2. Strategic Communication Serve as More ❯

Cyber Incident Response Manager A Global Organisation requires a Contract Incident Response Manager to lead the Cyber Incident response function. Day Rate: £635 - £675pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This Incident Response Manager will have the following previous experience: Direct end-to-end … cyber incident lifecycle management for major security events -ensuring rapid coordination across business units and leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable … reporting and trend analysis using integrated dashboards, combining insights from Splunk and Defender data sources. Serve as the primary advisor to senior leaders and cross-functional teams, guiding cyber incident communications, impact assessment, and risk mitigation strategies across the company, Operating Companies, and Joint Ventures. More ❯

or any other characteristic protected by law. Accommodation is available upon request for candidates taking part in the selection process. Job Description: Cyber Risk Advisor Primary Responsibilities Support Cyber Incident In-take and Triage : As the primary back-up to the AXIS Cyber Incident Commander, field in-bound notices of incidents by customers and brokers. Make contact as … will serve as the initial and primary contact point to AXIS by customers, until you refer matters to AXIS Claims and/or 3rd party vendors, as appropriate. Deliver Incident Response "Drills" to Customers: Work with Primary Cyber insurance customers to conduct realistic cyber incident scenario exercises ("Drills"). This complimentary service helps customers test and strengthen … their Incident Response Plans, with practical advice provided following the engagement. This sought-after service would be delivered virtually and may involve third-party experts (e.g. Privacy Counsel, Digital Forensics/Incident Response, etc.). Support customer service program: Through response to requests and direct customer outreach, provide Customers with education, onboarding, and other support More ❯

Security Engineer, AWS SOC Incident Response Job ID: Amazon Data Services UK Limited The Amazon Web Services Security Operations Center AWS-SOC Team manages security issues across the globe. The team is looking for a highly motivated, technically inclined individual to work as a Security Engineer. A successful candidate will need to embody our 16 leadership principles; especially … real-time. - Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. - Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. - Maintain and optimize security information and event management systems and other security tools used in the SOC. - Collaborate with other teams to enhance threat intelligence, improve … incident response procedures, and provide regular reports on security posture. A day in the life A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating More ❯

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

Security Operations Specialist to join our cybersecurity team. In this role, you will be responsible for administering and enhancing our security monitoring and detection capabilities, ensuring rapid and effective response to cyber incidents, and driving continuous improvements across our security operations. The main responsibilities will include overseeing and optimizing alert rules and triggers, guiding the Cyber Incident Response Team (CIRT) in Level 1 incident handling, and stepping in to manage Level 1 and Level 2 responses when needed. You will play a key role in maintaining and developing cyber response playbooks, actively monitoring IT and security infrastructure beyond the scope of our Security Operations Centers (SOCs) and ensuring alignment with organizational IT security policies and … Network and Application Security, Cloud environments, and Endpoint Protection. What you'll be doing Administer and optimize security monitoring and detection tools, refining alert rules and triggers to enhance incident detection by optimizing Monitoring and Detection Systems: Consistently improve and fine-tune security monitoring tools and alert rules to maximize timely detection and minimize false positives, including the health More ❯

We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading More ❯

We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading More ❯

you then please read on! As a UK/EMEA Lead DART Analyst, you will serve as the bridge between frontline analysts and DART management, helping guide real-time incident response, providing mentorship and quality assurance across shifts, and contributing to process development and strategic improvement. You will lead shift operations, act as an escalation point for complex … investigations, and ensure consistent application of incident response processes across global teams. Key Responsibilities Operational Leadership Coordinate daily DART shift activities to ensure smooth operations and adequate coverage. Act as an escalation point for high-priority security alerts and investigations. Act as an Incident Commander to ensure the incident investigation process is streamlined and completed from … start to finish. Conduct QA reviews on tickets to ensure accuracy, completeness, and adherence to IR procedures. Lead shift handovers, ensuring continuity and communication across regions. Incident Response Monitor and triage security alerts using SIEM, EDR, and NDR platforms. Perform in-depth investigations into potential threats, applying TTP-based analysis and leveraging internal tools. Collaborate with business units More ❯

with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯

with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯