Incident Response Jobs in Liverpool

1 to 25 of 38 Incident Response Jobs in Liverpool

Digital Forensics & Incident Response Consultant - UK & Remote - £60,000 to £80,000 + bonus (5%) + allowance (£4,500)

liverpool, north west england, united kingdom
Hybrid / WFH Options
LT Harper - Cybersecurity Recruitment
Digital Forensics & Incident Response Consultant Our client, a globally recognised consultancy with one of the most established and high-performing Cyber Incident Response teams in the UK, is looking to hire new incident response talent. As one of only 9 accredited Tier 1 responders … industries, work on some of the most significant incidents in the UK, and benefit from top-tier training and certifications. Key Responsibilities of an Incident Response Consultant: Lead and coordinate response efforts for high-impact cyber incidents Conduct forensic analysis of compromised systems, memory dumps, and network … data. Provide clients with actionable insights on emerging threats and attacker tactics. Collaborate directly with stakeholders during response and recovery engagements. Support pre-sales efforts by contributing to bids, proposals, and client pitches. Key requirements of an Incident Response Consultant: Proven hands-on experience managing and investigating

Cyber Security Incident Response Consultant

liverpool, north west england, united kingdom
Hybrid / WFH Options
Hamilton Barnes 🌳
Job Title: Senior Cyber Security Incident Responder Role: A leading Managed Security Service Provider is expanding its team and is hiring a Senior Incident Responder. This is a dedicated incident response position focused on managing high-impact cases and directly supporting clients experiencing cyber breaches. This … is an opportunity to take full ownership of incident response engagements, work directly with customers under pressure, and shape a growing IR function within a well-established MSSP. If you’ve led major incidents and want to step into a visible, high-trust role, this is it. Responsibilities … Lead end-to-end incident response investigations and containment efforts Communicate directly with clients during live cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools

Remediation Engineer

liverpool, north west england, united kingdom
CyberClan
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … security teams, customer operation teams as well as breach coach legal teams. This role will be reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and will collaborate closely with other cross-functional teams … identification of root cause and issue resolution or escalation Identify and escalate priority issues that need immediate attention Meet or exceed customer expectations on response quality, timeliness of responses and overall customer experience Serve as internal and external point of contact on customer escalations and ensure customer issues are

Security Analyst

liverpool, north west england, united kingdom
Hybrid / WFH Options
Accelerant
aligned with best practices. Monitor and address emerging threats, vulnerabilities, and security trends, ensuring timely implementation of countermeasures. Perform vulnerability assessments, threat analysis, and incident response. Participate in Incident response efforts by conducting log analysis, gathering evidence, and executing remediation tasks. Work closely with partners in infrastructure … such as AZ-500/AZ-700/AZ-305. Background in computer networking. Experience with a scripting language for task automation. Previous incident response participation. Previous experience working as a security or infrastructure engineer in a cloud environment. Enjoy our comprehensive benefits package designed to meet

IT Cyber Security Apprentice

Atlantic Pavilion, Salt House Quay, Royal Albert Dock, Liverpool, England
Plus Dane Housing Group Limited
will help safeguard Plus Dane's systems, data, and devices. Your role will encompass various aspects of cyber security, including monitoring, analysis, investigations, and incident response. Additionally, you will have opportunities to participate in the general day-to-day infrastructure tasks. Role PLEASE NOTE: Possession of a valid driving … people skills. Monitor Security Alerts: Assist in monitoring security alerts and responding to potential threats, working with the infrastructure Team and Plus Dane partners Incident Response: Participate in incident response activities, including identifying, analysing, and mitigating security incidents, working with the infrastructure Team and Plus Dane
Employment Type: Higher Apprenticeship
Salary: £22,932 a year

Senior IT Security Engineer

liverpool, north west england, united kingdom
Americold Logistics, LLC
aligned with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT … cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams, etc. Qualifications & Experience: Bachelor’s degree; Preferred Management Information Systems, Computer Science, Engineering, or related discipline. 5-10 years of information …/IP, Storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN and intranet/internet security environments including firewalls, intrusion detection, incident response, vulnerability testing, operating system hardening, regulatory compliance, and data classification. Experience in IAM, SIEM, Log Management, Patch Management, Vulnerability Management, eDiscovery, Cloud

Security Consultant

liverpool, north west england, united kingdom
Arcus Search
The scope of work includes replacing the existing Trend Micro infrastructure and rolling out CrowdStrike across all server environments to enhance threat detection and response capabilities. Job Title: Security Consultant Job Type: 3 month Contract Contract: Outside IR35 Location: Remote Responsibilities: Collaborate with delivery teams and the client to … develop SOC playbooks supporting both SIEM and SOC operations. Design and implement SOAR workflows to automate incident response processes. Configure correlation searches and alerting mechanisms, optimising rules to minimise false positives. Serve as the Subject Matter Expert (SME) for SIEM deployment, supporting data ingestion from sources such as … AWS and Qualys. Assist in the integration of SIEM alerts with Jira, enabling streamlined alert tracking and incident management. Define and configure alert severity levels within SIEM, SOAR, and Jira to align with established Service Level Agreements (SLAs). Build and customise dashboards to support real-time reporting and

Cyber Security Engineer

Liverpool, Merseyside, North West, United Kingdom
Hybrid / WFH Options
In Technology Group Limited
vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture and application development. Maintain and enhance incident response procedures and disaster recovery plans. Investigate and document security breaches, providing root cause analysis and remediation plans. Conduct security awareness training for
Employment Type: Permanent
Salary: £50,000

SIEM Engineer

liverpool, north west england, united kingdom
Hybrid / WFH Options
Dynamic Search Solutions
based clients, this role also requires eligibility to obtain SC Clearance. Roles & Responsibilities Create, maintain, and optimise Logic Apps and Sentinel playbooks to automate incident detection and response workflows in Microsoft Sentinel. Develop and implement API integrations between Microsoft Sentinel and other systems to enhance data collection, cross … as expected, identifying opportunities for further improvements. Skills & Experience Hands-on experience with Microsoft Sentinel: proven track record in developing playbooks, automation workflows, and incident response processes within Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development

Microsoft Cloud Security Engineer

liverpool, north west england, united kingdom
Emeria
ecosystem. You are passionate about leveraging Microsoft security technologies to protect critical assets and data, with a focus on proactive monitoring, threat detection, and incident response. Your hands-on expertise with Microsoft Defender solutions and Azure-based security tools will be crucial in maintaining a secure and resilient IT … Group Policy (GPO) to secure endpoints, user accounts, and cloud applications. Monitor security alerts and incidents through Microsoft Sentinel, conducting thorough investigations and leading response efforts to mitigate risks. Perform proactive threat hunting using data from Defender, Sentinel, and Entra logs to detect potential security incidents. Optimise and maintain … threat detection rules, automation playbooks, and alert tuning within Sentinel and Defender solutions to reduce false positives and enhance response efficiency. Manage access control policies and identity protection configurations to secure user authentication and reduce the risk of account compromise. Regularly assess the security posture of Microsoft 365 and

Network Security Engineer

liverpool, north west england, united kingdom
Hybrid / WFH Options
Corecom Consulting
This is not your average support role – you’ll be: Client-facing – engaging with high-profile stakeholders, requiring strong communication Handling monitoring, escalations, and incident response Working closely with Cloudflare’s security & performance services Supporting feeds & tools introduced to prevent breaches during races Acting as a key part … of the incident management chain Must-Have Skills Cloudflare experience (WAF, CDN, DDoS protection, DNS, etc.) Strong communication – this is a client-heavy, speaking role Understanding of security operations, monitoring, and escalation Experience in incident or breach response Comfortable in a high-pressure, fast-moving environment like

Senior Software Engineer

liverpool, north west england, united kingdom
Hybrid / WFH Options
Beazley Security
risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley Insurance, we’ve been at … the forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused

Security Engineer

liverpool, north west england, united kingdom
Hybrid / WFH Options
Synapri
experience with a broad range of cybersecurity tools. Key Responsibilities: Working closely with the SOC to implement SIEM technology Automating security workflows to streamline incident response Utilising cloud environments across both Azure and AWS. Assisting with Incident Management Contributing to platform automation and DevOps practices. Utilising XQL

Senior Cyber Engineer

liverpool, north west england, united kingdom
Element Materials Technology
maintain standard operating procedures and protocols. Collaborate closely with the Cyber Defence team to uphold enterprise defence practices, guidelines, and procedures. Provide support for incident response efforts as needed. Assist with operational and management reporting produced by the team. Skills/Qualifications A highly self-motivated individual with

Senior Information Security Engineer - £75,000 per annum - Fully Remote - FinTech

liverpool, north west england, united kingdom
Hybrid / WFH Options
VirtueTech Recruitment Group
breaches, ROPAs, and DPIAs, while delivering scalable training and awareness across the company. Design and implement secure, low-overhead technical and organisational controls, overseeing incident response, vendor security, and external certifications. Drive compliance automation initiatives to minimise manual processes and support scalable growth, conducting internal audits and monitoring

IT Security / Cybersecurity Officer

liverpool, north west england, united kingdom
Hybrid / WFH Options
Opus People Solutions Ltd
email/web filtering, and vulnerability scanning. Maintain the disaster recovery strategy and conduct regular DR testing. Act as a senior technical resource for incident response, threat monitoring, and 3rd line infrastructure support. What We're Looking For Candidates should come from either a public sector (central/

Senior Microsoft Sentinel / SIEM Engineer

liverpool, north west england, united kingdom
Hybrid / WFH Options
Cloud Decisions
development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: Microsoft Sentinel (KQL

Senior Infrastructure Engineer

Liverpool, United Kingdom
The Granite Group
for new deployments, providing continual management and maintenance Instrumental in developing, testing, and managing disaster recovery plans and maintaining operational resilience Work within the incident response process providing expertise and support to the support team as required Lead technical evaluation of products within the infrastructure domain, participating in
Employment Type: Permanent
Salary: GBP Annual

Security Operations Specialist

liverpool, north west england, united kingdom
Hybrid / WFH Options
Lawrence Harvey
in place, this is a relatively greenfield SOC buildout, where you will work alongside the SOC Manager to shape their SOC monitoring, detection and response function. Key Responsibilities: Act as a lead and technical escalation point on the most complex incidents and investigations. Develop and engineer new detection rules … and potential threat actors as a way of developing rules to safeguard against potential future threats. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience working in a SOC environment (4 years minimum), dealing with and responding to escalated and most high

DevSecOps / Application Security Engineer

liverpool, north west england, united kingdom
Acumin
functionally to identify risks and improve security posture continuously Support cloud-native app and ML security efforts across Azure and AWS Own AppSec policies, incident response processes, and related KPIs/KRIs Key Skills Required: 5+ years in AppSec or DevSecOps, with strong experience in secure SDLC and

Security Manager

liverpool, north west england, united kingdom
Tenth Revolution Group
delivery lifecycle 🛠️ Feeding into control design activities—DevSecOps, threat modelling, workshops, and design reviews 🧪 Managing and coordinating penetration testing and remediation efforts 🚨 Leading security incident response for the programme, from detection to resolution 🎓 Running tailored security awareness training for teams 🔒 Maintaining continuous oversight of emerging threats, vulnerabilities, and

Information Security Engineer - Hedge Fund - up to £185,000 + bonus

liverpool, north west england, united kingdom
Hunter Bond
spec available): 5+ years experience in a technical security role Experience in vulnerability assessment, penetration testing, and vulnerability management processes, etc. Familiarity with security incident response procedures. Excellent communication skills and the ability to collaborate with cross-functional teams. Experience with Python scripting Solid experience in GRC Relevant

Senior Infrastructure Engineer (Liverpool)

Liverpool, UK
Hybrid / WFH Options
Maxwell Bond
hybrid infrastructure solutions across Azure and traditional platforms. Collaborate with DevOps, SecOps, and development teams to support deployments and maintain secure, reliable environments. Support incident response and perform root cause analysis of infrastructure-related issues. Contribute to disaster recovery and business continuity planning. Lead infrastructure product evaluations and

Senior Infrastructure Engineer

Liverpool, England, United Kingdom
Hybrid / WFH Options
Maxwell Bond
hybrid infrastructure solutions across Azure and traditional platforms. Collaborate with DevOps, SecOps, and development teams to support deployments and maintain secure, reliable environments. Support incident response and perform root cause analysis of infrastructure-related issues. Contribute to disaster recovery and business continuity planning. Lead infrastructure product evaluations and

Senior Android Security Software Developer, Fraud

liverpool, north west england, united kingdom
bet365
maintain the Company’s competitive edge. Guiding the creation and maintenance of advanced tools and scripts for real-time detection, threat analysis, and rapid incident response. Championing the adoption of cutting-edge security standards and practices, ensuring our mobile platforms meet both internal and industry regulatory requirements. By applying