1 to 25 of 43 Remote Incident Response Jobs in London

firms risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firms cyber and incident response

will support information security and risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units … work as part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. Job description: Support SOC Manager to deliver the followingSIEM, IR tools platform … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement

Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft Sentinel Model Context Protocol … advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. Integrate and automate security workflows using Microsoft Sentinel Graph

getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct

getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct

Company description: As the Lead - SOC Incident Manager, your role will encompass communicating cybersecurity incidents to key partners across the enterprise as well as being the main interface between the Colt business units and the cybersecurity groups. You will be the subject matter expert responsible for coordinating cyber security … incidents across the enterprise. Job description: You will play a key role within the SOC to manage incidents: Coordinate response efforts to cyber security incidents caused by internal and external threats to reduce the impact of these incidents to Colt and its customers. Act as the bridge between

performance: Use observability tools like Prometheus and Grafana to track the health of test environments, identify bottlenecks, and resolve issues proactively, not reactively. Manage incident response: Lead the incident management process for test environment issues, conducting blameless post-mortems to understand the root causes and implement lasting … associated with test environments to free up engineering time for more strategic work. Strategic and cultural responsibilities Drive continuous improvement: Analyze environment performance data, incident reports, and post-mortems to identify opportunities for continuous improvement and innovation. Balance reliability and speed: Use an "error budget" for test environments.

Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise … Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain

Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise … Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain

industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security

industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security

global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will

bottlenecks using advanced problem-solving and performance tuning techniques. Conduct capacity planning and implement solutions to ensure systems can support current and future workloads Incident Response & Troubleshooting Respond swiftly to production incidents, ensuring minimal downtime and quick restoration of services. Perform root cause analysis and postmortems, implementing lessons … dashboards. Improve observability of services, ensuring issues are identified and addressed before impacting users. Continuously refine monitoring practices to reduce alert fatigue and improve response times. Automation & Tooling Develop automation to eliminate manual, repetitive tasks and improve operational efficiency. Write clear, maintainable, and well-tested code to support automation

cyber defence function. This position is suited to someone with a strong technical security background who can drive strategy, uplift security maturity, and oversee incident response activities. You will be responsible for safeguarding the business's infrastructure, digital assets, and data by shaping security processes, managing risk … recognised security frameworks. Key Responsibilities Lead and develop a team of cyber security engineers, providing technical and strategic direction. Oversee security operations including monitoring, incident management, and threat response. Conduct assessments across the IT estate to identify risks and emerging threats. Manage security events from detection through to remediation

GDPR, and other frameworks. Deliver security awareness training and embed a culture of compliance. Support day-to-day security operations, including monitoring, incident response, and threat analysis. What We're Looking For Experience: 3-5 years in information security or compliance roles. ISO 27001 Mastery: Proven track record

GDPR, and other frameworks. Deliver security awareness training and embed a culture of compliance. Support day-to-day security operations, including monitoring, incident response, and threat analysis. What We're Looking For Experience: 3-5 years in information security or compliance roles. ISO 27001 Mastery: Proven track record

including Data Protection Impact Assessments. Manage compliance and supplier security controls. Oversee penetration testing and manage vulnerability fixes. Develop and test the company's incident response plan. Support the secure implementation of new AI-driven tools. Lead, coach, and support a small technical team. Requirements 2+ years

GDPR, BCBS 239, FFIEC 101, 3402, CHAP. Working experience and/or knowledge of Security domains including Access management, Threat management, Incident response and recovery, Data protection, Vulnerability management, Monitoring and logging, Physical security, and Security risk management and governance. Working experience and/or knowledge of cloud

error budgets across all deployments. Designing automation and tooling to improve reliability and reduce manual work. Your Responsibilities and Tasks 1. Environment Health & Incident Response Monitor ST and MT environments for server performance, response times, error rates, and application health. Detect and resolve database issues, stalled file … 4. Monitoring & Reporting Implement and maintain Azure Monitor/Application Insights/Log Analytics dashboards for: Environment uptime & performance SLA compliance & error budget tracking Incident trends and recurring issue analysis Provide regular reliability reports and improvement recommendations to stakeholders. 5. Continuous Improvement & Knowledge Sharing Feed recurring issues and systemic

also translated into actionable insights and long-term improvements across the business. Skills required from the Security Analyst: Proven experience in a Security Analyst , Incident Response , or SOC environment (2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation . Good understanding … management and relevant stakeholders. Advise on security best practices and improvement initiatives across systems, networks, and processes. Contribute to ongoing development of detection, response, and monitoring capabilities. Support reviews and recommendations around security toolsets, processes, and automation opportunities. The Security Analyst can work fully remote for the duration

successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands … equivalent experience. Experience working in healthcare, charity, or public sector environments. Familiarity with NCSC CAF and NHS DSPT frameworks. Experience working with SOCs and incident response partners. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only

part of an on-call rota, ready to respond if we have a severe, platform-impacting security tooling failure or need second-line security incident response assistance Desirable You have an interest in offensive security, potentially including participation in CTFs and past experience as a red team operator

Deliver timely, high-quality threat briefings and risk assessments to operational stakeholders. Drive continuous improvement of threat intelligence processes, tooling, and automation. Participate in incident response investigations, providing threat context and attribution support. Maintain awareness of global regulatory and compliance requirements related to threat intelligence and offensive security

attacker tactics (TTPs), integrating insights into detection and prevention strategies. Collaborate across Cyber Security, Engineering, and Global IT teams to enhance security posture and incident response. About you Strong experience across both offensive and defensive cyber security disciplines. Deep understanding of attacker tactics, techniques, and procedures (TTPs), with expertise