1 to 25 of 231 Incident Response Jobs in London

Principal Incident Response Consultant – MOD DV Location: UK wide – Remote Salary - £85,000 - £110,000 + excellent benefits Clearance - DV clearance required We're seeking a Principal Incident Response Consultant to join our client's elite cybersecurity and digital forensics team. This is a client-facing role where you'll lead DFIR (Digital Forensics & Incident Response) investigations, guide executives through cyber incidents, and help organisations strengthen their threat detection, response, and resilience. If you're an expert in incident response, threat hunting, and forensic analysis and thrive under pressure, this is your opportunity to work on some of the UK's most significant cyber cases. Key Responsibilities Incident Response … intelligence and MITRE ATT&CK to attribute attacks and inform proactive defences. Crisis Management: Lead coordination between internal stakeholders, third parties, and law enforcement. Cybersecurity Advisory: Help clients improve incident readiness, detection engineering, and response capabilities. Innovation: Contribute to new playbooks, tools, and methodologies to evolve our DFIR practice. Mentorship: Train and coach junior consultants in incident More ❯

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. Accenture is a leading global professional services company … CEO Accenture’s Security is one of the fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is rapidly expanding in order to uniquely deliver around the clock incident response services to our expanding portfolio of enterprise customers. The sheer variety and … global team, you'll be working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. In our team you will: · Lead incident response engagements, including co-ordination of other assigned resources for on-site and remote investigations · Identify and investigate intrusions to determine the cause and extent of the breach More ❯

DFIR Consultant | Digital Forensics & Incident Response Salary - £50,000 – £65,000 Location: Remote UK About the Role We're looking for a DFIR Consultant (Digital Forensics and Incident Response) to join our expert cybersecurity team. In this role, you'll apply your technical skills, investigative mindset, and forensic expertise to help clients respond to and recover … from complex cyber incidents. You'll lead and support forensic investigations across endpoint, network, and cloud environments, guiding clients through incident triage and digital evidence collection. This position is ideal for someone who thrives in fast-paced environments and enjoys solving technical challenges under pressure. What You'll Do Lead digital forensic investigations across endpoint, network, and cloud environments … AWS, Azure). Perform incident response for on-premises and cloud infrastructures, identifying root causes and containment strategies. Use tools like CrowdStrike, Magnet Axiom, X-Ways, SIFT Workstations, and EZTools to collect, preserve, and analyse evidence. Develop custom scripts and forensic tooling to automate investigation workflows. Document findings clearly in reports and client presentations, tailoring communication for both More ❯

Senior Cyber Incident Response InvestigatorFully UK RemoteDV Clearance or eligibility essential£80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with cyber forensic tools to join a business offering an entirely remote working position, the … key stakeholders within your client. This is a highly autonomous environment and you'll even set your own hours of work.The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator*Fully Remote*Helping businesses deal with real-time cyber-attacks remotely*Occasionally travelling to customer sites*£80,000 base + OT and On-all bumping total More ❯

Senior Cyber Incident Response Investigator Fully UK Remote DV Clearance or eligibility essential £80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with cyber forensic tools to join a business offering an entirely remote working … stakeholders within your client. This is a highly autonomous environment and you'll even set your own hours of work. The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator *Fully Remote *Helping businesses deal with real-time cyber-attacks remotely *Occasionally travelling to customer sites *£80,000 base + OT and On-all bumping total More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

Incident Responder/IR Consultant Hybrid - UK WideUp to £85k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

Incident Responder/IR Consultant Hybrid - UK Wide Up to £85k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

culture that values trust, accountability, and shared success where your work truly matters. Job Description Your Career We are seeking a Threat Intelligence Researcher for our Unit 42 Intelligence Response Unit. This team plays a critical role in providing timely, actionable threat intelligence and response capabilities to help protect our customers. Your Impact As a Threat Intelligence Researcher … in the Intel Response Unit, your primary responsibilities will include: Embedded Intelligence Support: Partner with the Unit 42 incident response teams to provide intelligence support to cases and track activity with intelligence value, including high profile cases that may require support outside of normal business hours. Leveraging Unique Data Holdings: Harness the full weight of the company … s unique data holdings, including product telemetry, front line Incident Response (IR) and Managed Detection and Response (MDR) data, and Intel Holdings. Utilize these resources to produce unique and valuable insights, enhancing the effectiveness and differentiation of our threat intelligence capabilities. Integrate internal holdings with external information to provide actionable intelligence findings to IR teams. Contributing to More ❯

Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response … investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify … lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and More ❯

Unit 42 Consulting Unit 42 Consulting is Palo Alto Networks' elite security advisory team. Our vision is to create a more secure digital world by delivering the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team comprises highly recognized experts and incident responders with deep technical expertise and extensive … experience in investigations, data breach response, digital forensics, and information security. With a proven track record of delivering mission-critical cybersecurity solutions, we work swiftly to provide effective incident response, attack readiness, and remediation plans, focusing on long-term support to enhance our clients’ security posture. Job Description Your Career Unit 42 is a dynamic, energetic, and … dynamic environments. Deep Cybersecurity Domain Mastery: At least 10 years of experience selling complex Security solutions or services, including a profound understanding and proven success in: Offensive Security Services Incident Response Retainers Risk Management Services SOC Assessment Services Threat Intelligence Services Channel Ecosystem Acumen: A profound understanding of global channel partners and a proven ability to strategically leverage More ❯

Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development We are seeking a highly experienced Head of Cyber Security to lead the delivery of a best-in-class security posture within a large, complex public sector organisation. … Cyber Essentials Plus). Proven experience in developing and delivering cyber security strategies within complex organisations. Hands-on expertise across infrastructure, applications, and cloud environments. Track record of leading incident response, threat detection and vulnerability management activities. Strong leadership and stakeholder management skills, with the ability to engage senior executives, boards, and technical teams alike. Experience influencing and … manager ready to step up into a "Head of" role. Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more More ❯

for all employees to promote a culture of proactive risk management. Build threat intelligence capabilities to stay ahead of emerging risks. Balance risk management with product and engineering velocity. Incident Response & Resilience Own response plans for high-severity threats and incidents. Build robust detection, containment, and remediation processes. Drive business continuity and disaster recovery strategy. Technology & Infrastructure … DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC 2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer Science, Information Security, or related field. Bonus: Experience with CTFs, red More ❯

NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident response processes, including forensic readiness and regular tabletop exercises. Compliance: Drive readiness for external certifications (ISO 27001, SOC2) and ensure ongoing … regulatory compliance (GDPR, export control, etc.). Collaboration: Partner with IT Ops Lead to embed controls into infra, IAM, and developer platforms; work with ITSM Lead to ensure security incident handling and knowledge base integration. Awareness & Culture: Develop training, awareness, and a culture of security-first thinking across Humanoid. We’re Looking For Proven experience in cyber security leadership … frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating in a dynamic, high-growth environment with a More ❯

NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident response processes, including forensic readiness and regular tabletop exercises. Compliance: Drive readiness for external certifications (ISO 27001, SOC2) and ensure ongoing … regulatory compliance (GDPR, export control, etc.). Collaboration: Partner with IT Ops Lead to embed controls into infra, IAM, and developer platforms; work with ITSM Lead to ensure security incident handling and knowledge base integration. Awareness & Culture: Develop training, awareness, and a culture of security-first thinking across Humanoid. We’re Looking For Proven experience in cyber security leadership … frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating in a dynamic, high-growth environment with a More ❯

NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident response processes, including forensic readiness and regular tabletop exercises. Compliance: Drive readiness for external certifications (ISO 27001, SOC2) and ensure ongoing … regulatory compliance (GDPR, export control, etc.). Collaboration: Partner with IT Ops Lead to embed controls into infra, IAM, and developer platforms; work with ITSM Lead to ensure security incident handling and knowledge base integration. Awareness & Culture: Develop training, awareness, and a culture of security-first thinking across Humanoid. We’re Looking For Proven experience in cyber security leadership … frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating in a dynamic, high-growth environment with a More ❯

NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident response processes, including forensic readiness and regular tabletop exercises. Compliance: Drive readiness for external certifications (ISO 27001, SOC2) and ensure ongoing … regulatory compliance (GDPR, export control, etc.). Collaboration: Partner with IT Ops Lead to embed controls into infra, IAM, and developer platforms; work with ITSM Lead to ensure security incident handling and knowledge base integration. Awareness & Culture: Develop training, awareness, and a culture of security-first thinking across Humanoid. We’re Looking For Proven experience in cyber security leadership … frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating in a dynamic, high-growth environment with a More ❯

role, you will help monitor and defend networks, systems, and applications against evolving threats. You'll work as part of a team that provides 24/7 monitoring, detection, response, and remediation services for a diverse client base. Key Responsibilities: Support the Managed Extended Detection & Response (MXDR) service. Monitor security alerts and events to identify potential incidents. Assist … monitoring tools such as SIEM, IDS/IPS, EDR, and threat intelligence platforms. Basic understanding of networking, operating systems, and core security technologies. Foundational knowledge of digital forensics and incident response practices. Exposure to scripting/programming languages (e.g., Python, Bash, PowerShell). Strong analytical and problem-solving skills. Good communication and collaboration abilities. Relevant security certifications are … client is unable to offer sponsorship for this role. In order to be considered you must have full, unrestricted right to work in the UK. Keywords: Cyber Security/Incident Response/SOC/Security Operations Centre/Detect and Response/Blue Team/Junior/London Circle Recruitment is acting as an Employment Agency in More ❯

Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud Firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯

Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯

Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯

assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security Incident Response Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incident response, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during More ❯