51 to 75 of 499 Incident Response Jobs in England

Group is seeking a DFIR Managing Consultant in Manchester to lead incident response engagements. The role involves managing a team of skilled consultants, providing hands-on support during cyber incidents, and ensuring effective communication. Candidates should have extensive experience in incident response and digital forensics, strong ...

across the business. The Role Youll lead day-to-day cyber security operations, working closely with IT and business stakeholders to ensure robust monitoring, incident response, and risk management processes are in place. This is a hands-on role with both operational and strategic elements. Key Responsibilities Overseeing … cyber operations, including threat monitoring and incident response Managing vulnerabilities and supporting remediation activities Supporting the development and delivery of cyber security strategy Collaborating with internal teams and third-party providers Driving awareness, training, and continuous improvement initiatives About You Experience in cyber security operations, SOC, or incident ...

system environments. This role sits within a Security Operations function but is heavily engineering focused, combining hands on OT security tooling, detection engineering and incident response to strengthen resilience across critical infrastructure. Key Responsibilities: Act as the OT security engineering SME, supporting both operational and project based activities … equivalent) Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points Lead technical investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM ...

hybrid working mode. In this role, you will lead the Security Operations Center's day-to-day functions, focusing on operational excellence in incident management and response. This position ensures round-the-clock coverage, drives team performance, and maintains a high standard for incident handling and escalation. … providing leadership in Real Time threat detection and response, you will strengthen organizational resilience and safeguard critical systems against evolving cyber threats. Responsibilities Lead and oversee incident management and response processes within the SOC Manage shift coverage, ensuring continuous and effective operation Monitor and analyze key performance ...

Cyber Security Manager is responsible for security operations, risk management, incident response, policy development and user awareness. The role will manage external 3rd party and internal virtual resources. Client Details The client is a well-established, multi-site professional services organisation operating at national scale. With a strong … matters, providing clear guidance to leadership and technical teams Lead engagement with a third-party Security Operations Centre (SOC), ensuring effective monitoring, detection and response Oversee incident management, including coordination, post-incident reviews and continuous improvement actions Own and manage key security platforms, including security awareness ...

network estate (including Cisco Meraki). The role is hands-on and operational, partnering with IT teams to implement security controls, support monitoring and incident response through Sophos MDR, and improve cyber resilience by supporting Disaster Recovery (DR) testing and Business Continuity (BC) readiness. Key Responsibilities Cloud Security … ensure changes follow change control. Enable and review network security logging/alerting (e.g., syslog/SIEM integrations where applicable). Monitoring, Detection & Incident Response (Sophos MDR) Act as the internal technical point of contact for Sophos MDR and ensure smooth collaboration with MDR analysts. Maintain coverage ...

Defender for Identity, Defender for Cloud Apps, etc.) and other monitoring tools to identify and respond to potential data loss or unauthorised data sharing Incident Triage & Response: Perform timely triage of security alerts to determine impact and urgency, investigating incidents using available tools and data Lead initial incident response actions (containment, remediation, communication) for confirmed security incidents, following established escalation procedures Ensuring that all incidents are promptly escalated to senior leadership or external partners, as appropriate Threat Analysis & Intelligence Integration: Analyse malicious activities to determine root cause and attack vectors by mapping observed attacker actions ...

clients—from fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth … cyber threats across varied environments. You will support and mentor junior analysts, lead complex investigations, and contribute to the ongoing development of detection and response capabilities. This role is suited to a security professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership ...

reliability problems across our stack, then design and implement software and systems to create step-function improvements. You will design robust observability solutions, lead incident response, automate operational tasks, and continuously improve our infrastructure's reliability, all while mentoring and educating the broader engineering team to make reliability … Build systems to monitor and report on these metrics, holding teams accountable and ensuring we maintain high reliability standards while balancing innovation speed. Lead Incident Management and Response: Act as a senior leader during high-impact incidents, guiding the team to rapid resolution. Conduct thorough, blameless post-mortems ...

operational resilience, developer experience and infrastructure team leadership. You will be responsible for shaping the long term infrastructure roadmap, improving reliability and observability, strengthening incident response and ensuring the platform can support a growing customer base and increasingly critical product suite. This is a role for someone … cloud architecture to support scale, resilience and performance Set standards across infrastructure, CI/CD, environments and observability Lead production reliability, uptime, incident response and post incident reviews Improve monitoring, alerting and on call practices to ensure they are effective and sustainable Partner closely with the Information ...

Cyber Security Consultant - Incident and Vulnerability Management +6 months + +1 day a week on site in London/Preston/Birmingham - 4 days WFH +Inside IR35 + 550 - 580 a day +SC cleared role - must have current active clearance +Sole British nationals only due to nature … project Role Description: Security Incident & Vulnerability Management Consultant (Operational Integrator/SIAM - Transition Role) UK Sole National ONLY Security Clearance required Role Summary The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within ...

Cyber Security Consultant - Incident and Vulnerability Management Duration: 6 months Location: 1 day a week on site in London/Preston/Birmingham - 4 days WFH Employment type: Inside IR35 Rate: £550 - £580 a day SC cleared role - must have current active clearance Sole British nationals only … nature of the project Security Incident & Vulnerability Management Consultant (Operational Integrator/SIAM - Transition Role) UK Sole National ONLY Security Clearance required Role Summary The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within ...

organisation based in the Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience … procedures, and playbooks to respond to cyber threats. Develop and maintain cyber strategy, capabilities to stay ahead of emerging threats. Lead the Cyber Defence response for the organisation when under cyber-attack. Lead and manage multiple cyber security teams. Engage with stakeholders, report to snr management and collaborate with ...

smoothly in production. You will contribute to the operation of managed Kubernetes platforms (AKS/EKS), supporting best practices in monitoring, automation, and incident response, while continuing to develop your expertise in cloud-native technologies. About Synalogik Synalogik develops technology that enables organisations to work effectively with complex … supported, and then get the satisfaction of seeing them in products used in Tier 1 businesses. Key Responsibilities Site Reliability Engineering Participate in incident response, troubleshooting, and post-incident reviews Help reduce operational toil through automation and process improvements Contribute to improving system availability, performance, and scalability ...

tooling Career progression within a growing security function Key responsibilities: Monitor, investigate and respond to cyber security alerts and incidents Lead and support incident response activities Conduct threat hunting and threat modelling exercises Manage vulnerability remediation and penetration testing activities Support and improve SIEM, EDR/…/XDR, IDS/IPS and firewalls Good understanding of Microsoft Azure security technologies Knowledge of NIST, ISO27001 and CIS Controls Experience in incident response, vulnerability management and threat intelligence Relevant certifications such as CISSP, CISM, GIAC or Security+ Soft skills: Strong analytical and problem-solving abilities Calm ...

relax and recharge Free secure on-site parking Dress Down Fridays Free VDU eye test What you’ll be doing: Leading the investigation and response to security incidents, acting as the escalation point for complex or high-severity events. Monitoring and optimising security tooling, including SIEM and endpoint protection … platforms, to improve detection and response capabilities. Conducting threat hunting, root cause analysis, and forensic investigations to identify risks and control weaknesses. Developing and maintaining incident response processes, playbooks, and detection rules aligned to best practice frameworks. Translating threat intelligence into actionable controls to strengthen detection ...

relax and recharge Free secure on-site parking Dress Down Fridays Free VDU eye test What you’ll be doing: Leading the investigation and response to security incidents, acting as the escalation point for complex or high-severity events. Monitoring and optimising security tooling, including SIEM and endpoint protection … platforms, to improve detection and response capabilities. Conducting threat hunting, root cause analysis, and forensic investigations to identify risks and control weaknesses. Developing and maintaining incident response processes, playbooks, and detection rules aligned to best practice frameworks. Translating threat intelligence into actionable controls to strengthen detection ...

mature Security Operations Centre, focused on protecting essential services. The Opportunity You'll play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability … response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity, and log data Build evidence-led timelines ...

cyber assurance integrates Knowledge of methodologies (Waterfall, Incremental, SAFE, DevOps) Experienced in managing ITHC activities end-to-end, from initial scoping through remediation Incident Response & Awareness Experienced in developing and managing Cyber Incident Response capabilities, including planning, implementation, and continuous improvement Proven experience designing and delivering ...

integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

maintained. Establish, document, and enforce security controls that safeguard information flows across internal systems, third parties, and public networks. Develop, maintain, and execute incident response and crisis management procedures, ensuring swift and effective mitigation of security events while minimizing business disruption. Monitor security operations to identify anomalies, investigate … compliance activities. GENERAL Be the primary point of contact for all information security alerts and breaches within the Bank and coordinate responses via incident management protocols. Daily administrative tasks, reporting, and communication with the relevant departments in the organization. Maintain security records and documents of controls, security dashboards ...

implement next generation Microsoft cloud security across Azure and multi cloud environments. Drive adoption of Agentic AI for Security to enable autonomous detection, adaptive response, and continuous security posture improvement. Enhance Microsoft Sentinel with MCP (Model Context Protocol), Sentinel Data Lake, and Sentinel Graph capabilities for advanced analytics, threat … Automate, and advanced SOAR workflows. Drive proactive threat detection, email threat defence, and automated containment using MDO and Darktrace Email. Partner closely with GSOC, Incident Response, Threat Hunting, TI and Cloud Engineering teams to deliver unified detection, response, and governance. Manage, mentor and strengthen a team ...

data. The successful individual will: Lead and develop a high-performing Information Security team Oversee security operations including SIEM, endpoint protection, vulnerability management and incident response Manage cyber resilience across both cloud and on-premise environments Act as the senior escalation point for security incidents and response … understanding of cyber security operations, governance and risk management Experience managing and developing technical security teams Strong knowledge of SIEM technologies, cloud security and incident response processes Ability to communicate effectively with both technical teams and senior leadership Experience operating within regulated environments Desirable experience includes: CISSP, CISM ...

mapping Risk advisory and assurance Business resilience Data privacy and GDPR ISO 27001 assessments Supply chain assurance PCI 3DS, PCI P2PE, PCI SSF audits Incident response readiness and planning Card production and PIN audits Cyber maturity assessments Incident response planning Gold/Silver/Bronze tabletops ...

across Azure cloud, VMware infrastructure and Cisco Meraki networking. This is an operational cyber security role focused on cloud security, infrastructure hardening, vulnerability remediation, incident response, DR testing and cyber resilience. Key Skills & Experience: • Azure security, Entra ID, Conditional Access, RBAC and Azure Policy • VMware vSphere, vCenter … ESXi • Cisco Meraki, VLANs, VPNs, firewall rules and network segmentation • Security monitoring, incident response and vulnerability management • Sophos MDR or similar MDR/SIEM tooling • Windows/Linux hardening and secure configuration • Disaster Recovery and Business Continuity testing • PowerShell, KQL or Python desirable • Microsoft Defender, Sentinel ...