1 to 25 of 111 Incident Response Jobs in London

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team and lead the Incident Response efforts, overseeing the end-to-end incident response lifecycle, from detection and containment to eradication, recovery and post incident ...

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team click apply for full job details ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

firms risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firms cyber and incident response ...

Operations Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … escalation for junior analysts. Serve as a technical subject matter expert on client engagements, presenting findings to senior stakeholders. Participate in alert testing, incident response exercises, and threat hunting activities. Stay up to date with the latest threat intelligence and emerging attacker tactics. Additional Responsibilities (client-dependent): Threat ...

looking for a SOC Analyst to join an established Security Operations Centre team. This role focuses on incident investigation, triage, and response , along with client engagement and proactive security activities. What You'll Do Investigate and respond to security incidents Perform triage and remediation across client environments Engage … with clients during incident response activities Support proactive security and continuous improvement initiatives Mentor junior team members where appropriate What We're Looking For 2+ years' experience in cyber security, ideally incident response Strong communication skills Experience across Windows, Linux/Unix, and macOS Knowledge ...

servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

Lead Cybersecurity Incident Responder - IR, Cyber, - London/Hybrid (some travel European travel) Salary: Competitive, We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT … party vendor relationships. Solid working knowledge of the MITRE ATT&CK framework. Willingness to take part in on-call rotations. As the Lead Cybersecurity Incident Responder, you will play a critical role in guiding clients through high-impact, time-sensitive security incidents. Conducting network, host, and forensic investigations, presenting ...

strong observability and auditability, including logging, monitoring, alerting, and security events. ·Design systems assuming attack, failure, and misuse as default scenarios. ·Lead cloud-level incident response and post-incident reviews. ·Ensure the platform meets expectations for a trading/regulated environment. Reliability, DR & Resilience ·Design, implement … trading, or other security-sensitive environments. ·Experience with containerised and event-driven systems. ·Experience inheriting, hardening, or cleaning up existing cloud environments. ·Familiarity with incident response and DR testing in cloud platforms. Working Style ·Proactive and self-directed; sees gaps and addresses them without prompting. ·Detail-oriented ...

CloudFormation. Embed security checks into GitHub CI/CD pipelines for continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using AWS native tools and SIEM integrations. Support incident response and root cause analysis for security ...

CloudFormation. Embed security checks into GitHub CI/CD pipelines for continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using AWS native tools and SIEM integrations. Support incident response and root cause analysis for security ...

Operations Centre • Coordinate penetration testing, cybersecurity risk self-assessments and remediation activity • Lead real-time monitoring of cybersecurity alerts and events, including investigation and incident response • Manage and maintain security infrastructure including firewalls, IPS, WAF, SIEM, EDR and endpoint controls • Oversee vulnerability management, patching and security hardening across … Cyber Essentials • Strong understanding of UK regulatory expectations, including PRA, FCA, ICO and GDPR • Proven experience with SIEM-led monitoring, threat detection and incident response • Hands-on experience managing firewalls, IPS, WAF, EDR and endpoint security tools • Strong network security knowledge including routing, switching and firewall design • Solid ...

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence ...

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence ...

leads the organisation's cyber security strategy, ensuring strong resilience, compliance, and protection of information assets. You will oversee operations, governance, risk management, and incident response while guiding a high-performing security & infrastructure team. Client Details Our client is a respected not-for-profit UK organisation with … regulatory requirements. Conduct security risk assessments, maintain governance frameworks, and ensure robust oversight. Set, enforce, and update security policies, standards, and technical controls. Lead incident response, including investigation, coordination, remediation, and reporting. Manage supplier assurance, third-party risk, and security obligations within contracts. Plan and support external audits ...

Incident Manager Permanent Central London £38,000 to £40,000 Our client is seeking an IT Incident Manager to lead the response to high-priority and major IT incidents across a complex technology environment. When things don’t go to plan, you’ll take the lead — coordinating … clearly, and driving incidents through to resolution with minimal impact on the business. This newly created role offers a great opportunity for an IT incident management professional looking to step up, broaden their responsibilities, and work in close partnership with the Head of Operations. This role is critical ...

specific and relevant security data points Participate in an on-call rotation and assist with troubleshooting issues that arise Defining and implementing a Security Incident Response process/policy with regular evolvement, testing and adherence Required Qualifications Three years or more experience in Cloud Infrastructure roles (predominantly … team Advantageous Qualifications AWS Certified Security Specialist Hands on experience designing and implementing security controls within GCP Experience defining and operating a Security Incident Response process Good knowledge of monitoring and alerting using one or more of: Graphite, Statsd, Prometheus, Grafana, OpenSearch Any experience of ISO27001 certification processes ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

posture aligns with business objectives, regulatory requirements, and recognised industry standards. The Information Security Officer will own security strategy, risk management, policy development, and incident response, while promoting security awareness across the organisation. Key Responsibilities Develop and maintain an organisation-wide information security strategy. Establish and enforce security … policies, standards, and governance processes. Lead incident response and manage security breaches. Ensure compliance with relevant laws, regulations, and security frameworks. Embed security into risk management, application development, and operational processes. Report on security risks and programme performance to senior leadership. Support supplier assurance, audits, penetration testing ...

risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyse, and manage vulnerabilities in applications, providing guidance for remediation efforts Support incident response by investigating and analyzing security incidents related to applications Stay current on the latest security threats, vulnerabilities, and technologies to enhance … background looks something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modelilng, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security frameworks ...

runtime behaviour to meet latency and throughput expectations , especially under compute-heavy usage. Raise the bar on operational maturity Establish best practices for incident response, fault tolerance, deployment safety, and infrastructure hygiene. Partner with application engineers Work closely with product and engineering teammates to ensure the platform supports … building and maintaining CI/CD pipelines Deep understanding of cloud networking, autoscaling, and load balancing Solid security fundamentals across IAM, network controls, and incident response practices Preferred haves Experience with ECS or container orchestration platforms Familiarity with distributed worker/job systems (e.g., Celery, Sidekiq, Resque ...

agility required in a fast paced, regulated environment. Key responsibilities: Take ownership of day-to-day security monitoring, including investigating alerts, manual monitoring, and incident response Diagnose, troubleshoot, and resolve Linux OS level issues across servers and infrastructure Maintain, improve, and secure cloud and internal infrastructure, including monitoring … cloud environments such as AWS, Azure, or GCP, alongside on prem systems Solid understanding of security fundamentals including access control, monitoring, vulnerability management, and incident response Scripting or automation experience using tools such as Python, Bash, or PowerShell Desirable experience includes exposure to endpoint management or security tooling ...