26 to 50 of 413 Incident Response Jobs in England

Incident Responder/IR Consultant Hybrid - UK Wide Up to £85k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

build scalable, observable, and resilient platforms. We work closely with other Engineering, Data, Platform and Operations teams to help them build reliable, observable, and cost-effective systems. We lead incident response, improve deployment safety, and guide teams toward sustainable service ownership. We process large volumes of telemetry data every day and are constantly evolving our approach to cost … understanding of modern observability practices. You will be confident working across infrastructure and application layers, and you will lead by example in everything from SLOs and SLIs to post-incident reviews. What You Will Be Doing: Observability and OpenTelemetry: Own and evolve our observability strategy across services. Lead how we collect, process, sample, and surface trace and metrics data … visibility across the stack. SLOs, SLIs, and Service Ownership: Help teams define and adopt meaningful SLIs and SLOs. Guide product teams in using observability data to make reliability measurable. Incident Response and Reliability Engineering: Lead on-call investigations when issues arise. Drive blameless post-incident reviews and help to recommend mitigating actions that stem any losses, but More ❯

Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response … investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify … lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and More ❯

Unit 42 Consulting Unit 42 Consulting is Palo Alto Networks' elite security advisory team. Our vision is to create a more secure digital world by delivering the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team comprises highly recognized experts and incident responders with deep technical expertise and extensive … experience in investigations, data breach response, digital forensics, and information security. With a proven track record of delivering mission-critical cybersecurity solutions, we work swiftly to provide effective incident response, attack readiness, and remediation plans, focusing on long-term support to enhance our clients’ security posture. Job Description Your Career Unit 42 is a dynamic, energetic, and … dynamic environments. Deep Cybersecurity Domain Mastery: At least 10 years of experience selling complex Security solutions or services, including a profound understanding and proven success in: Offensive Security Services Incident Response Retainers Risk Management Services SOC Assessment Services Threat Intelligence Services Channel Ecosystem Acumen: A profound understanding of global channel partners and a proven ability to strategically leverage More ❯

Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development We are seeking a highly experienced Head of Cyber Security to lead the delivery of a best-in-class security posture within a large, complex public sector organisation. … Cyber Essentials Plus). Proven experience in developing and delivering cyber security strategies within complex organisations. Hands-on expertise across infrastructure, applications, and cloud environments. Track record of leading incident response, threat detection and vulnerability management activities. Strong leadership and stakeholder management skills, with the ability to engage senior executives, boards, and technical teams alike. Experience influencing and … manager ready to step up into a "Head of" role. Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more More ❯

Do you enjoy working across teams to improve security awareness and compliance? Want to make a real impact in a growing organisation? If you’re confident in network defence, incident response, and stakeholder collaboration — this could be your next move. About the Role We’re looking for a proactive and skilled Information Security Analyst to strengthen our cybersecurity … ll manage key platforms like CyGlass and KnowBe4, coordinate with external partners including Pentest People, and support internal compliance efforts. This is a hands-on role with variety — from incident response and penetration testing coordination to user training and policy development. Key Responsibilities Security Operations & Monitoring • Manage and monitor the CyGlass network defence platform • Coordinate penetration testing and … Pentest People • Provide regular updates to internal stakeholders on security posture Candidate Requirements Essential Skills & Experience • Experience in information security or infrastructure engineering • Strong understanding of network security and incident response • Familiarity with CyGlass, Pentest People, or similar platforms • Experience with KnowBe4 or other cybersecurity training tools • Knowledge of data protection regulations (e.g., GDPR, ISO27001) • Excellent communication and More ❯

Ready to take the lead in safeguarding complex digital ecosystems? Join a specialised cybersecurity consultancy dedicated to protecting organisations through advanced threat detection, incident response, and security architecture expertise. The organisation is recognised for its proactive approach to risk management and its commitment to delivering resilient, compliant, and secure technology environments. The team is hiring a Senior Cyber … ahead of cyber threats. Apply now! Key Responsibilities Oversee and deliver high-quality client engagements Risk and maturity assessments Cyber due diligence for funds and investors Tabletop exercises and incident response preparedness Conduct risk reviews and provide advisory around OT and IT environmentsSupport and, in time, lead business development activities Client briefings, proposals, and presentations within CISO and … in an information security, cyber, or risk role within industry or government. Governance, Risk, and Compliance (GRC) OT Security/Industrial Control Systems Cyber protection of complex IT estates Incident response, crisis management, and tabletop exercising Strong understanding of Access Control principles and implementation. Excellent project coordination skills with the ability to take ownership of small projects and More ❯

strategic decisions, and builds the next generation of cyber resilience. ??The Role This is more than a technical position - you'll be a trusted advisor, guiding enterprise clients through: Incident response and threat management Risk assessments and compliance frameworks (GDPR, ISO 27001) Security architecture and advanced defence strategies You'll lead projects end-to-end, mentor junior consultants … impact on clients' security posture. ?? What You'll Do Lead complex, multi-team cyber resilience projects for enterprise clients. Design and implement cutting-edge security frameworks and solutions. Direct incident response during live breaches. Advise senior stakeholders with clear, business-focused guidance. Run Agile ceremonies to drive project efficiency. Mentor junior consultants and contribute to growth. Support business … development through proposals and client engagement. ??? What We're Looking For Proven expertise in threat intelligence, risk management, incident response, compliance, and security architecture . Hands-on experience with tools such as Rapid7, SentinelOne, Fortinet, Netskope, SOAR (InsightConnect), AWS/CNAPP . Confident communicator able to influence executive-level stakeholders . Bonus: experience with virtualisation (VMware, Nutanix), networking More ❯

critical challenges, and deliver solutions that make a real impact. ?? The Role This isn't just a technical role. You'll act as a trusted advisor , guiding organisations through incident response, compliance, risk management, threat intelligence, and security architecture . From hands-on frameworks to executive-level strategy, you'll be at the centre of helping clients protect … what matters most. ?? What You'll Do Lead end-to-end cyber resilience projects with enterprise clients. Design and implement advanced security frameworks and solutions. Direct incident response teams during live breaches. Advise senior stakeholders with clear, business-focused guidance. Run Agile ceremonies to keep projects sharp and effective. Mentor junior consultants and build team capability. Contribute to … business growth through proposals and client engagement. ??? Skills & Experience Proven expertise in threat intelligence, risk management, incident response, compliance (GDPR, ISO 27001), and security architecture . Experience with tools such as Rapid7, SentinelOne, Fortinet, Netskope, SOAR (InsightConnect), AWS/CNAPP . Confident communicator, able to influence executive stakeholders . Track record leading complex, multi-team cybersecurity projects . More ❯

Senior Incident Responder - SOC Analyst (L3) £71000 GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Location: UK-wide (hybrid/on-site as required) Salary: £71,000 + Bonus Clearance: Must be eligible for SC Clearance Our client is a global consulting and technology services firm, supporting public … and private sector organisations with complex digital and cyber transformation. They are building out their UK Security Practice and are seeking a Senior Incident Responder - SOC Analyst (L3) to lead investigations, manage escalations, and strengthen cyber resilience for mission-critical environments. The Role As a Senior Incident Responder, you'll be the escalation point for L1 and L2 … to containment and remediation. You'll drive root cause analysis, ensure runbooks and playbooks are followed, and directly engage with clients and delivery managers to provide expert guidance on incident handling. This is a hands-on technical leadership role that combines investigation, response, threat intelligence, and collaboration with stakeholders. You'll also support service improvement, tool optimisation, and More ❯

Skills & Experience from the SOC Analyst Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Beneficial Experience More ❯

Skills & Experience from the Security Engineer Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Beneficial Experience More ❯

Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security … alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now More ❯

environment. Defence Writing & JSP Familiarity: Prepare formal documentation in line with Defence Writing principles, with an understanding of Joint Service Publications (JSPs), particularly in areas related to cybersecurity governance, incident response, and monitoring operations. Incident & Case Management: Support the incident response lifecycle through alert review, case triage, evidence handling, escalation, and forensic data support. Ensure … Security Operations. Strong expertise in using Elastic Stack, including Elasticsearch, Logstash, and Kibana. Familiarity with other SIEM tools and security technologies. Knowledge of cybersecurity best practices, threat intelligence, and incident response. Excellent analytical and problem-solving skills. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Elastic Certified Engineer (ECE) are a plus. More ❯

Days: As per business need Special Working Conditions: Occasional client site travel The Role As SOC Manager, you will: Establish goals and priorities with your team, focusing on: Improving incident response times Reducing false positives and extraneous alerts Enhancing threat detection capabilities Oversee staff activities to ensure focus on the right priorities Review team performance metrics, incident reports, and other key indicators Lead incident response efforts with clear procedures and protocols Analyse incident reports to understand the organization's security posture Serve as primary point of contact for security incidents, liaising with internal stakeholders and external parties Conduct information security investigations and manage end-to-end security incident resolution Report to the … identifying new use cases and automations Act as POC for SOC engineering, threat intelligence, and threat exposure management Provide guidance to Level-2 SOC security analysts during investigations and incident resolution Lead coordination of individual information security incidents Mentor security analysts on risk management, security controls, incident analysis, SIEM monitoring, and operational tasks Document incidents from detection to More ❯

GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Location: UK-wide (hybrid/on-site as required) Salary: £71,000 + Bonus Clearance: Must be eligible for SC Clearance Our client is a global consulting and technology services firm, supporting public and private sector organisations with complex digital and … cyber transformation. They are building out their UK Security Practice and are seeking a Senior Incident Responder - SOC Analyst (L3) to lead investigations, manage escalations, and strengthen cyber resilience for mission-critical environments. The Role As a Senior Incident Responder, you'll be the escalation point for L1 and L2 SOC Analysts, taking ownership of security incidents from … to containment and remediation. You'll drive root cause analysis, ensure runbooks and playbooks are followed, and directly engage with clients and delivery managers to provide expert guidance on incident handling. This is a hands-on technical leadership role that combines investigation, response, threat intelligence, and collaboration with stakeholders. You'll also support service improvement, tool optimisation, and More ❯

for all employees to promote a culture of proactive risk management. Build threat intelligence capabilities to stay ahead of emerging risks. Balance risk management with product and engineering velocity. Incident Response & Resilience Own response plans for high-severity threats and incidents. Build robust detection, containment, and remediation processes. Drive business continuity and disaster recovery strategy. Technology & Infrastructure … DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC 2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer Science, Information Security, or related field. Bonus: Experience with CTFs, red More ❯

This role offers a chance to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly, and monthly monitoring of systems … Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity principles. Excellent communication skills, with … impact in a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

variety of stakeholders to ensure, the Leidos CSOC, a Defensive Cyber Security capability, can support a customers Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating their risk of Cyber Attack. The successful candidate will be able to demonstrate experience from a CSOC background or be able to demonstrate sufficient transferable Cyber Security … reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security Information Event Monitoring … SIEM), End Point Protection (EPP), End Point Detection and Response (EDR), XDR (Extended DR), Web Application Firewall (WAF), and Firewalls. Proactively detect suspicious activity, vulnerabilities, and security misconfigurations before they can be exploited by adversaries impacting Confidentiality, Integrity and Availability which could lead to a Cyber Security Incident. Inspection and correlation of logs from multiple sources to identify repeating More ❯

Evaluate emerging technologies (AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data … awareness campaigns and training. Promote a culture of security and resilience across the organisation. Collaborate with HR and L&D to embed cyber hygiene into inductions and ongoing learning. Incident Management and Business Continuity Oversee the development and testing of Incident Response, Disaster Recovery, and Business Continuity Plans. Provide senior escalation and leadership during security incidents. Conduct … post-incident reviews and ensure lessons learned drive continuous improvement. Continuous Improvement and Innovation Stay informed on emerging threats and industry trends. Champion automation and innovation in security operations (e.g. SOAR, XDR). Drive security maturity assessments and roadmap development. Essential Experience Proven leadership in IT or cyber security at enterprise or local authority level. Strong understanding of security More ❯

taking a leading role in delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: * Endpoint monitoring … and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise incident … computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing * Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. * Significant experience within a SOC environment. * Incident response experience * Qualification/Certification in Cyber Security Desirable * IT Qualifications/Certifications such as CompTIA More ❯

role, you will help monitor and defend networks, systems, and applications against evolving threats. You'll work as part of a team that provides 24/7 monitoring, detection, response, and remediation services for a diverse client base. Key Responsibilities: Support the Managed Extended Detection & Response (MXDR) service. Monitor security alerts and events to identify potential incidents. Assist … monitoring tools such as SIEM, IDS/IPS, EDR, and threat intelligence platforms. Basic understanding of networking, operating systems, and core security technologies. Foundational knowledge of digital forensics and incident response practices. Exposure to scripting/programming languages (e.g., Python, Bash, PowerShell). Strong analytical and problem-solving skills. Good communication and collaboration abilities. Relevant security certifications are … client is unable to offer sponsorship for this role. In order to be considered you must have full, unrestricted right to work in the UK. Keywords: Cyber Security/Incident Response/SOC/Security Operations Centre/Detect and Response/Blue Team/Junior/London Circle Recruitment is acting as an Employment Agency in More ❯

IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … across global cybersecurity efforts. What You Bring Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security More ❯

IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … global cybersecurity efforts. What You Bring Essential: Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security More ❯

AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.). Ensure alignment with frameworks such as NCSC guidance, ISO 27001, NIST, Cyber Essentials, and GDPR. Develop and communicate clear roles and responsibilities for information security … cybersecurity awareness and training campaigns. Build a security-conscious culture across the organisation. Work with HR and Learning & Development to embed cyber hygiene into inductions and role-based training. Incident Management and Business Continuity Develop and review the Disaster Recovery and Business Continuity Plans for IT Services and support the Disaster Recovery and Business Continuity for the services areas. … Oversee and periodically test the incident response and disaster recovery plans. Provide strategic direction and escalation oversight during major incidents. Conduct post-incident reviews and feed findings into policy, technical, and training improvements. Continuous Improvement and Innovation Keep abreast of emerging threats, vulnerabilities, and industry best practices. Champion innovation in security practices, tools, and automation (e.g., SOAR More ❯