26 to 50 of 499 Incident Response Jobs in England

Cyber Security Engineer

Hiring Organisation
Foresters Financial
Location
Kent, South East, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£60,000
environment and you will have on-going opportunities to develop your technical skills and grow within cyber security What you will do: Security Monitoring & Incident Response Actively monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos AV. Investigate suspected … malware infections, phishing campaigns, identity compromise, and unauthorised access attempts. Perform triage, root cause analysis, containment, and remediation of security incidents. Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention ...

BISO for R&B and Corporate Platforms

Hiring Organisation
WTW
Location
Greater London, United Kingdom
Employment Type
Full Time
integrated into business unit initiatives, motivating business units to adopt efficient security controls throughout their lifecycle. Oversight of R&B’s and Corporate platforms response to Incident, integrating cyber incident response policies with business operations to improve agility and effectiveness in cyber incident management. Work … internal business units to enhance cyber security communication, including knowledge of threats, vulnerabilities, and mitigation strategies. Provide strategic insights to senior management on cyber incident response readiness and effectiveness. Collaborate with security leadership to enforce cyber security policies and practices, addressing operations and incident response. Provide expertise ...

Senior Cyber Incident Responder

Hiring Organisation
Reed
Location
Sheffield, South Yorkshire, England, United Kingdom
Employment Type
Contractor
Contract Rate
Salary negotiable
Senior Cyber Incident Responder Daily Rate: Inside IR35 Location: Sheffield Job Type: Hybrid (2-3 days on-site) Join our Cyber Defence Centre (CDC) as a Senior Cyber Incident Responder. This senior, business-facing role within Security Operations & Engineering focuses on end-to-end cyber incident management … coordination, and stakeholder engagement across complex environments. You will lead the response to high-severity cyber incidents, ensuring effective command, communication, and decision-making throughout the incident lifecycle. Day-to-day of the role: Incident Leadership & Management: Lead the coordination of high-severity cyber incidents from initiation ...

Senior Security Platform Engineer

Hiring Organisation
NTT Global Data Centers EMEA UK ltd
Location
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Employment Type
Permanent
tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectors (endpoint protection, EDR, malware analysis, network and computer forensics), ensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

Cyber Incident Response Manager

Hiring Organisation
Ashdown Group
Location
City, London, United Kingdom
Employment Type
Permanent
Salary
GBP 100,000 Annual
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

Security Lead

Hiring Organisation
Method-Resourcing
Location
Maidenhead, Berkshire, South East, United Kingdom
Employment Type
Contract, Work From Home
Contract Rate
Up to £500 per day
improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover … Strong understanding of NCSC HMG IAS5, Cyber Assessment Framework (CAF), ISO 27001, and GDPR Hands-on experience integrating with a UK Government SOC, including incident response and security reporting Strong working knowledge of Oracle Cloud security (OCI IAM, Vault, network security, audit, PAM) Experience securing Oracle SaaS applications ...

Senior Information Security Analyst

Hiring Organisation
CONEX EUROPE LIMITED
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£90,000
into change initiatives, and security by design principles are applied. Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call … threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post incident review, reporting and recommendations; liaising with external IR providers as required. ...

SOC Manager

Hiring Organisation
INTEC SELECT LIMITED
Location
Exeter, Devon, England, United Kingdom
Employment Type
Full-Time
Salary
£850 per day
incidents and management of the SOC Analysts. This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying … high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with ...

Group Head of IT

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
group’s Data Protection Lead (a non-statutory role distinct from a formal DPO appointment). The group’s security posture, risk register, incident response and audit defensibility all sit with you. If something has a security or data protection dimension, it lands on your desk first. Security … endpoint protection (Bitdefender GravityZone), conditional access, MFA, identity governance, vulnerability management, and security awareness and phishing simulation programmes via KnowBe4. Lead incident response — triage, containment, recovery, post-incident review and reporting, with playbooks kept current and tested. Oversee security across Auro Technology’s software stack — IoT device ...

Senior Information Security Officer

Hiring Organisation
Definely
Location
City of London, London, United Kingdom
play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word … threat modelling, define non-functional security requirements, and review designs for security impact. Guide security considerations in our AI/LLM-enabled products. Risk & Incident Management Own the company-wide incident response plan and lead tabletop exercises. Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure ...

Cyber Security Operations Manager

Hiring Organisation
Infosec
Location
Bournemouth, Dorset, South West, United Kingdom
Employment Type
Permanent
Salary
£80,000
strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolving cyber function. What you'll be doing … Leading and developing a Cyber Security Operations team Acting as incident commander during cyber events and investigations Maturing SOC, CSIRT and incident response capabilities Driving threat hunting, detection and monitoring improvements Owning vulnerability management and pen test governance Ensuring alignment with ISO27001, NIST, GDPR and regulatory expectations ...

Associate Director, Cybersecurity

Hiring Organisation
Nxera Pharma
Location
London Area, United Kingdom
business teams to protect research data, intellectual property, scientific platforms, regulated data and contract-bound information. Own and continuously improve Nxera’s cyber incident response capability, including playbooks, escalation routes, tabletop exercises, communication protocols and post-incident reviews. Manage the relationship and operational effectiveness of external cybersecurity … Microsoft Entra ID, Azure security, Intune, Microsoft Defender, Conditional Access, endpoint protection, data loss prevention, logging and monitoring. Experience with cybersecurity governance, risk management, incident response, vulnerability management, third-party security assurance and security control improvement. Experience managing external cybersecurity partners/vendors, such as SOC/ ...

Cyber Security Engineer

Hiring Organisation
Invitise Ltd
Location
City of London, London, United Kingdom
mature cyber security capability, working closely with an outsourced Security Operations Centre. This is a hands-on technical role focused on security monitoring, incident response, threat detection and platform optimisation, with particular emphasis on CrowdStrike and Splunk technologies. You will also support capability development within the wider security … will need proven experience working with the following: Cyber Security Engineering or SOC Engineering within complex environments CrowdStrike Falcon, including endpoint protection, detection and response Splunk Enterprise Security, dashboard development and alert optimisation Incident response, threat hunting and security monitoring Writing and optimising Splunk SPL queries Security ...

SOC Lead

Hiring Organisation
Experis
Location
Bath, Somerset, South West, United Kingdom
Employment Type
Contract
Contract Rate
£600 - £700 per day
detected by automated controls Translate threat intelligence into actionable hunt hypotheses Continuously refine detection logic based on hunt outcomes and emerging threats Investigations & Incident Response Lead complex and high-severity security investigations from triage through containment and remediation Act as the technical escalation point for advanced SOC investigations … Conduct root cause analysis and attacker kill-chain reconstruction Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as required SOC Technical Leadership Define investigation standards, workflows, and quality benchmarks Mentor and upskill ...

Senior SOC Analyst - DV Cleared

Hiring Organisation
CBSbutler Holdings Limited trading as CBSbutler
Location
Portsmouth, Hampshire, United Kingdom
Employment Type
Contract
Contract Rate
£590 - £630/day
Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

Senior SOC Analyst

Hiring Organisation
CBSbutler Holdings Limited trading as CBSbutler
Location
Corsham, Wiltshire, United Kingdom
Employment Type
Contract
Contract Rate
GBP 575 - 650 Daily
Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

Security Operations Engineer

Hiring Organisation
AFH Wealth Management
Location
Bromsgrove, Worcestershire, West Midlands, United Kingdom
Employment Type
Permanent
security operations tooling (SIEM, DLP, IAM, endpoint protection) to safeguard systems and data Develop, implement, and monitor KPIs and dashboards to measure detection effectiveness, incident response performance, data protection posture, and compliance Own and support Microsoft Purview capabilities including Information Protection, Data Loss Prevention, Data Lifecycle Management … risk, compliance, data governance, and IT teams to maintain robust security controls, support audit readiness, and strengthen operational resilience Support and participate in security incident response and investigations, ensuring rapid containment, remediation, and recovery. What we are looking for in our ideal Security Operations Engineer: Proven experience ...

Site Reliability Engineer

Hiring Organisation
Jobleads-UK
Location
Manchester, England, United Kingdom
Join us as a Site Reliability Engineer In this role, you’ll support improvements to availability, performance, efficiency, change management, monitoring, security, incident response, and capacity planning for our products and services You’ll enjoy significant stakeholder interaction, working in collaboration with engineers to ensure a principled approach … ensure services are observable, scalable, and resilient. You’ll also participate in the 24/7 support and on-call rotation, gaining experience in incident response and platform operations. In this role, we’ll expect you to be involved as well in the operation of AWS-based Kubernetes ...

Senior Security Engineer

Hiring Organisation
Richmond Square Consulting Limited
Location
Manchester, North West, United Kingdom
Employment Type
Permanent
experience. This is a senior, hands-on role working across firewalling, on-premise and cloud security, secure infrastructure, network security, workload segmentation, hardening, monitoring, incident response and security architecture. The environment is highly secure and regulated, with a strong focus on enterprise firewalling, Elastic/Elasticsearch, VMware-based … Server environments, Active Directory, Group Policy and endpoint configurations Implementing, auditing and remediating against CIS Benchmarks, STIGs and security hardening standards Supporting vulnerability management, incident response, root cause analysis and remediation planning Embedding security into DevSecOps/CI/CD practices, including automated security testing and policy ...

Senior DFIR Consultant: Lead Cyber Incident Response

Hiring Organisation
Jobleads-UK
Location
Manchester, England, United Kingdom
UBDS Group is looking for a highly skilled Senior Digital Forensics and Incident Response (DFIR) Consultant located in Manchester. This role focuses on delivering DFIR services to clients while supporting internal cybersecurity operations. You will lead incident response activities, conduct forensic investigations, and work closely with ...

Senior DFIR Incident Response Lead & Mentor

Hiring Organisation
Jobleads-UK
Location
Manchester, England, United Kingdom
Group plc is seeking a DFIR Managing Consultant to lead incident response engagements and manage a team of DFIR consultants. The role requires extensive experience in incident response and digital forensics, providing critical guidance during complex situations. Key responsibilities include coordinating teams, delivering thorough investigations ...

Senior Cyber Security Analyst (12 month FTC)

Hiring Organisation
Jobleads-UK
Location
Cambridge, England, United Kingdom
matched up to 9%, Hybrid working opportunity, Private Healthcare. Responsibilities Managing checklists and problem management through to handover or resolution. Threat identification and classification. Incident response lead. Report writing. Stakeholder management. Continuous improvement. Junior SOC staff mentoring. Tasks Maintain and monitor effectiveness of security measures and controls. … SIEM and EDR tools. Monitor and configure IDS/IPS. Analyse and create reports for security incidents, root cause, lessons learnt. Create and rehearse Incident Response plans; support audits and red team engagements. Work closely with Cyber Security/IT teams and external support groups. Communicate with individuals ...

Junior SOC Analyst

Hiring Organisation
Searchability NS&D
Location
Farnborough, England, United Kingdom
security alerts, intrusions, and unauthorised activity Responding to incidents in line with defined SOC playbooks Escalating complex or high-risk incidents to Tier 2 Incident Response teams Reviewing vulnerability scan results and feeding findings back to technical teams Supporting secure configuration reviews and remediation activities Producing regular service … Junior SOC Analyst essential skills A qualification in Cyber Security, Computer Science, Networking, or a related technical discipline Strong interest in cyber security and incident response Understanding of core security concepts and common cyber threats Ability to follow processes, investigate alerts, and document findings clearly Willingness to work ...

Head of Engineering

Hiring Organisation
Xapien
Location
London Area, United Kingdom
execution, scaling the team, building operational maturity, and championing AI-augmented development practices. You will operate at multiple levels — coaching managers and ICs, owning incident response, and setting the operational direction for Xapien’s engineering organisation. The CTPO retains product and technical vision; you make it happen. This … architectural decisions within a domain-driven design structure. ● Establish engineering-wide standards for code quality, review processes, and technical governance. ● Build observability, incident management, and on-call practices that scale with team growth and deployment frequency. ● Embed DevOps, MLOps, security, and compliance practices into day-to-day workflows. ● Balance ...

Senior SOC Analyst

Hiring Organisation
InvitISE Ltd
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£400 - £600 per day
This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst … cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would ...