26 to 50 of 307 Incident Response Jobs in England

Overall Package The role Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working … optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences. What youll be doing Deliver hands-on detection engineering, incident response, threat hunting, security engineering and threat intelligence activities. Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads. ...

users. We are looking for a Cyber Security Engineer to join our IT Security team and play a key role in security operations, incident response, vulnerability management and the ongoing development of our security posture. This is a hands-on role for a driven security professional who enjoys … organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability ...

Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience … leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks ...

Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience … leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks ...

Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience … leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks ...

security incidents for our customers using Microsofts leading security technologies. Youll work closely with senior analysts and engineers, playing a key role in incident response while also contributing to the continuous improvement and evolution of our SOC services. About The Role As a Security Operations Analyst, you will … Provide day-to-day monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support ...

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing ...

drive improvements to tools, processes, automation, and reporting to enhance programme maturity. Stay current with emerging vulnerabilities, zero-day threats, and vendor advisories. Support incident response activities where vulnerabilities are linked to potential security events. What Youll Bring Proven experience in vulnerability management, cyber security operations … SIEM, SOAR, EDR, and associated security tooling. Strong analytical skills with the ability to translate technical risk into clear, executive-level reporting. Experience supporting incident response and investigations. Excellent stakeholder management skills, with the confidence to challenge and influence both technical and non-technical teams. Strong understanding ...

enterprise-wide security strategy, and ensure resilience across all technology environments during a time of rapid change. You'll oversee governance, architecture, operations, and incident response, while working closely with senior leadership to safeguard critical systems, data, and digital services. Acting as a trusted advisor, you'll translate … drive a global information security strategy aligned to organisational priorities and risk appetite. Lead multidisciplinary teams spanning governance, risk, compliance, architecture, operations, and incident response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring ...

/LLM tools , including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response , working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control … governance controls using Microsoft Purview. Practically skilled in AI security , including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. Desirable Skills Experience with secure ...

role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional who thrives in fast … alerts across SIEM platforms and ticketing systems, managing incidents through to resolution Participate in an on-call rota to support live security incidents Manage incident queues and approvals within IT service management tools Act as a subject matter expert for nominated security technologies, ensuring effective configuration and optimisation Support ...

with strong backgrounds in cyber, intelligence, communications, CIS or operational security environments. About the Role: You will lead medium to high-severity investigations, support incident containment and remediation, and act as the escalation point for Tier 1 analysts. You’ll play a key part in threat hunting, detection engineering … impact role where your expertise genuinely makes a difference. What You Will Be Doing: • Leading triage, investigation and classification of security events • Owning complex incident response, containment and root cause analysis • Providing technical escalation support to junior analysts • Conducting threat intelligence analysis and sharing insights • Enhancing SIEM rules ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

client environments and act as a trusted security advisor. What you’ll be doing: Designing and implementing security solutions (firewalls, endpoint, cloud security) Leading incident response and remediation activities Conducting vulnerability assessments & penetration testing Implementing security monitoring, reporting & best practices Advising clients on Cyber Essentials, CE+, GDPR … similar environment Firewall experience (Palo Alto, Fortinet) EDR/endpoint protection (Microsoft Defender, Sophos, Bitdefender) Network & cloud security knowledge (Azure, AWS, VPNs, VLANs, DNS) Incident response & vulnerability management experience Cyber Essentials/CE+ knowledge or certification Confident communicator, comfortable in client-facing scenarios What’s on offer: Hybrid ...

Implement monitoring, logging, and alerting using Azure Monitor, Application Insights, and Log Analytics Design and support identity and access management controls across environments Support incident response, recovery processes, and operational resilience Design backup and recovery strategies, ensuring RTO/RPO requirements are met Develop scripts and automation tools … Microsoft Fabric deployments Experience with identity and access management in Azure environments Understanding of backup and recovery design including RTO/RPO Experience supporting incident response and recovery Strong problem-solving and troubleshooting skills Experience working collaboratively with engineering teams, security teams, and third-party partners Working Style ...

Analyst (Tier 2) to support their security operations function. This role will focus on investigating security incidents, improving detection capabilities and supporting the wider incident response process. Key Responsibilities: Investigate and respond to security alerts and incidents Perform threat analysis and incident investigation Analyse security logs … understanding of security threats, vulnerabilities and attack techniques Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar, Elastic) Knowledge of endpoint security tools and incident response processes Strong analytical and investigative skills Nice to Have: Experience with CrowdStrike, SentinelOne or Microsoft Defender Knowledge of MITRE ATT&CK framework ...

stakeholder input for operational excellence Ensure SLA compliance, lead governance, and implement corrective actions as needed Coordinate NOC processes including escalation, event monitoring, and incident response to maintain service stability Support Vendor Partnership Manager (e.g., Oracle) Drive continuous improvement using data, feedback, and industry trends to streamline service … delivery Lead major incident response and escalation, ensuring rapid resolution and clear communication across teams Conduct problem management and root cause analysis, implementing lasting solutions and reducing incidents Analyse ticket data to uncover opportunities for automation and process improvements Deliver comprehensive reports on KPIs, SLAs, incident trends ...

approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures … risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring ...

expert for Microsoft Sentinel and Defender XDR? Join my international client and take ownership of advanced engineering, threat hunting, and incident response in a modern, cloud-first environment.? My client is an international Consultancy firm, specialist in Cyber Security and looking for a Senior Security Engineer to take … lead role in advanced engineering work for SIEM and XDR , escalated security incident response, and advanced threat hunting. What this job is really about Owning M icrosoft Sentinel and Defender XDR so they work for you, not the other way round: shaping the data, the rules, the playbooks ...

regions. Key Responsibilities Lead the design and implementation of secure authentication, authorisation, and data protection frameworks. Manage and enhance Data Loss Prevention (DLP) systems, incident response, and risk management processes. Oversee cloud security architecture across Azure, O365, and iManage Cloud environments. Collaborate with global IT, compliance, and risk … information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. ...

improvement, tuning and optimisation of security systems Support the delivery of projects with security assurance and alignment to best practice Collaborate with threat intelligence, incident response teams, and internal stakeholders Develop metrics, reporting, and dashboards to track operational effectiveness What we're looking for: Proven experience leading cyber … security operations, SOCs or threat defence teams Strong knowledge of vulnerability management, security testing, and incident response Experience managing technical teams and working with outsourced security providers Ability to translate threat intelligence into actionable operational improvements Familiarity with regulatory compliance, service management, and security frameworks SC Clearance ...

maintains observability capabilities across applications, infrastructure, and cloud platforms. The role ensures reliable log ingestion, actionable monitoring, and high-quality telemetry to support operations, incident response, and platform assurance. Key Responsibilities Monitoring & Observability Implement and manage monitoring platforms such as Splunk, Elastic, Azure Monitor, Log Analytics, or similar … Ensure consistent, compliant log ingestion from Servers, applications, and cloud services. Optimise data retention, indexing, and storage efficiency. Operational Support & Assurance Support troubleshooting and incident response through log analysis and metrics insights. Conduct platform tuning, optimisation, and capacity reviews. Identify monitoring gaps and implement improvements to strengthen observability. ...

practical learning, and shaping the next generation of defence cyber capability. Key Responsibilities Training Delivery & Subject Matter Expertise Deliver high‐quality cyber security and incident response training to learners with varying experience levels. Translate real‐world cyber operations, threat analysis, and incident handling into clear, practical instruction. … competence. Key Skills & Experiences Live SC Clearance Strong hands‐on knowledge of cyber threats, network security, risk management, and compliance frameworks. Deep understanding of incident response methodologies, detection, investigation techniques and tooling. Ability to communicate complex technical concepts in a clear, engaging and learner‐friendly manner. Experience designing ...