We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and part of a global practice offering and influencing the direction of our … forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting, providing digital forensics and incident response solutions for cyber response investigations, digital forensic investigations, eDiscovery, and data analytics. Our clients include law firms and Fortune 500 multinationals across the globe. Day to day, you … and execute matters that arise on short notice, support crises, and deploy the team as needed. As the technical lead, you will provide direction, ensure quality, and manage forensic incident response engagements. You will also engage across the business to leverage technology consulting into business development and go-to-market strategies, increasing the team's visibility and capabilities.
London, Old Bailey, United Kingdom Hybrid / WFH Options
Morson Talent
SOC Analysts to join their Security Operations Centre. This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high-profile environment. The Role - The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier … and Tier 2 analysts and managing the most complex security incidents. You will lead deep-dive investigations, improve detection and response processes, and play a key role in stakeholder engagement. Key responsibilities include: Analysing advanced security incidents, determining root cause and attack paths. Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms. Producing … clear, business-focused incident reports and updates for senior stakeholders. Advising on SOC tooling and ensuring effective integration of incident response requirements. Supporting security exercises, crisis response, and compliance alignment with industry frameworks. Candidate Profile - The successful candidate will bring: Significant experience in SOC operations and cyber incident response. Strong knowledge of adversary TTPs and
setups. Implement Data Loss Prevention (DLP) and sensitivity labels. Work with Azure Key Vault and manage encryption and certificate strategies. Collaborate with our SOC and managed Sentinel provider on incident handling. Compliance & Governance: Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2. Support configuration and monitoring in Microsoft Compliance Manager. Maintain security documentation and assist in audit … preparation. Configure insider risk management, audit, and eDiscovery capabilities. Track Secure Score and recommend improvements. Incident Response & Monitoring: Configure monitoring and alerts using Microsoft tools (Sentinel, Defender). Participate in incident response and post-incident reviews. Contribute to the development of business continuity and disaster recovery plans. Track KPIs and generate reports using Microsoft compliance and
security across Intigriti infrastructure, ensuring the confidentiality, integrity, and availability of company data. Collaborate with the IT System Administrator to manage and enhance the overall network and system security. Incident Response and Threat Detection: Develop and implement incident response plans to address security incidents promptly and effectively. Work closely with the Threat Detection Engineer to monitor
speaking knowledgeably at regular internal threat intelligence briefings. Leveraging threat intelligence, experience, and other inputs to perform active threat hunting. Work alongside the Attack Surface Management Team to build response playbooks on emerging vulnerabilities. Interface with technical and non-technical users to conduct fact-finding interviews, gather forensic artifacts and understand business processes. Engage with other teams as appropriate … either as a result of incident response, to build platform-specific alerting, or to advocate for improvements to configurations or technologies. Continue to develop and improve the Cyber Incident Response Plan and advocate for the program. Participate in on-call rotation for escalated security events. QUALIFICATIONS: Experience in having worked in a Security Operations, CSIRT, or … and log analysis. Knowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, data loss prevention, Endpoint Detection and Response (EDR), and SIEM (Splunk). Strong understanding of common communication protocols, networking fundamentals and the necessary tools to analyze network activity. Track record of mentorship and knowledge sharing to broader
Central London, London, United Kingdom Hybrid / WFH Options
Client Server
incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science. You have strong experience in Security Operations and Incident Response. You have experience of performing analysis with SIEM technologies, Splunk preferred. You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks. You have a deep understanding of
City of London, London, United Kingdom Hybrid / WFH Options
Anson Mccade
Benefits Clearance: Must hold or be eligible for SC Clearance. Sponsorship: Not available. We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll do: SIEM … Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat … in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change).
City of London, London, United Kingdom Hybrid / WFH Options
Copello
Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the team's effectiveness through ownership of relevant issues
Centre interconnects), ensuring high availability, resilience, and service excellence. SLA & KPI Management: Define, measure, and continuously improve network service SLAs, KPIs, and operational benchmarks across availability, latency, performance, and incident resolution. Vendor & Partner Management: Manage relationships with ISPs, telecom providers, and technology vendors. Drive accountability through contracts, SLA adherence, service credits, and strategic partnerships. Incident & Problem Management: Oversee … critical incident response, escalation handling, root cause analysis, and problem remediation to minimise downtime and service disruption. Delivery & Transformation: Ensure successful delivery of network upgrades, capacity enhancements, and new connectivity services while maintaining zero disruption to production services. Governance & Compliance: Implement operational processes aligned with ISO 27001, PCI DSS, and other relevant compliance frameworks. Cost & Budget Ownership: Optimise … technologies. Experience in managing ISP peering, public IP allocations, redundancy, and DDoS protection strategies. Strong understanding of automation, observability, and network monitoring tools to drive proactive operations. Skilled in incident, change, and problem management processes within ITIL or similar frameworks. Excellent communicator with the ability to engage both executive stakeholders and technical teams. Payments industry or regulated-sector experience
City of London, London, United Kingdom Hybrid / WFH Options
Stack Recruitment
The company also offers direct payment and settlement solutions for travel operators. 🔍 What You’ll Do: 🕵️‍♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation
City of London, London, United Kingdom Hybrid / WFH Options
DGH Recruitment
Cyber Security. Core responsibilities: - Overall management and maintenance of the CrowdStrike platform, including configuring EDR policies, tuning SIEM rules, and optimising the system for performance - Leading or participating in incident response efforts, conducting root cause analysis, and developing runbooks for incident handling - Monitoring for security threats, analysing alerts, and responding to incidents using CrowdStrike and other security
City of London, London, United Kingdom Hybrid / WFH Options
Qurated
cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence.
London, South East, England, United Kingdom Hybrid / WFH Options
Proactive Appointments
and stability of all IT systems and services. Key Responsibilities: Implement and enforce cybersecurity best practices (ISO 27001, CE+, CIS benchmarks), including endpoint protection, vulnerability scanning, penetration testing, and incident response planning. Ensure compliance with regulatory standards such as GDPR. Ensure best security practice for Office 365, Exchange Online, and SharePoint administration. Administer firewalls, VPNs, and endpoint security
develop a career in Cyber Security in an exciting, fast-moving industry. Key Deliverables: SIEM Management and Optimisation: Lead the management, administration and support of our SIEM platform and incident response environment, including general infrastructure and system administration. On-board, maintain and manage security log sources for our SIEM platform, including agent and policy deployment and creating ingest
City of London, London, England, United Kingdom Hybrid / WFH Options
How to Job Ltd
trends and best practices. Qualifications: • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. • Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. • Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. • Strong analytical and problem-solving skills. • Excellent communication skills with the ability to explain