Remote Incident Response Jobs in London

1 to 25 of 130 Remote Incident Response Jobs in London

Senior Analyst, (Delivery Lead), Incident Response London Cyber security London

London, United Kingdom
Hybrid / WFH Options
S-RM Intelligence and Risk Consulting
Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Testing, Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response
Employment Type: Permanent
Salary: GBP Annual

VP - Digital Forensics & Incident Response (DFIR) Manager

London, United Kingdom
Hybrid / WFH Options
Nicoll Curtin Technology
Role: VP - Digital Forensics & Incident Response (DFIR) Manager Location: London (Hybrid working available) Salary: Up to £90,000 + benefits Sector: Cyber Security/Financial Services Overview A leading financial services organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role … focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response … investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans.
Employment Type: Permanent
Salary: GBP 90,000 Annual

Digital Forensics and Incident Response: Consultant

London, United Kingdom
Hybrid / WFH Options
Control Risks
re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security, and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement. You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential
Employment Type: Permanent
Salary: GBP Annual

Cybersecurity Incident Manager

London, United Kingdom
Hybrid / WFH Options
Cisco Systems, Inc
We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team. The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory … requirements. The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions. Your Impact Incident Response Leadership Lead … all phases of incident response, including detection, analysis, containment, eradication, recovery and communication. Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams. Ensure adherence to the organization's incident response framework and regulatory requirements. 2. Strategic Communication Serve as the main point of contact for incident updates to
Employment Type: Permanent
Salary: GBP Annual

GRC Analyst

City of London, London, United Kingdom
Hybrid / WFH Options
Maxwell Bond
with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat

GRC Analyst

London Area, United Kingdom
Hybrid / WFH Options
Maxwell Bond
with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat

Security Operations Technical Manager Hybrid - San Francisco

London, United Kingdom
Hybrid / WFH Options
vercel.com
We are looking for an Engineering Manager, Security Operations to lead and scale security operations across Vercel's platform and enterprise security functions. This role will focus on operational resilience, incident response readiness, and fostering alignment across security and engineering teams. You will oversee threat detection, response processes, and security best practices, while guiding Security Operations Engineers to … For location-specific details, please connect with our recruiting team. What You Will Do: Lead and manage Security Operations for platform and enterprise security functions, ensuring effective detection and response capabilities. Develop and refine incident response protocols and threat detection processes, ensuring rapid and effective mitigation of security incidents. Own internal attack surface management, including SaaS security … and reduce operational overhead. Support compliance initiatives (PCI, SOC2, ISO) by ensuring audit readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and
Employment Type: Permanent
Salary: GBP Annual

Cybersecurity Trends 2025: A UK Hiring Outlook

London, United Kingdom
Hybrid / WFH Options
Harvey Nash Group
organised crime remains the biggest concern for digital leaders. Public services, councils and healthcare providers continue to be high-profile victims. This is driving demand for security operations specialists, incident response teams and forensic analysts. Supply chain risk is under the spotlight Breaches linked to third-party providers have exposed vulnerabilities beyond company walls. In response, organisations … evolving threats and advising on proactive measures. Typical salary: £50,000 to £85,000 Cybersecurity Analyst - A key all-rounder role, analysts monitor networks, investigate suspicious activity and support incident response efforts. They are often the first to identify and flag vulnerabilities. Typical salary: £45,000 to £70,000 We're also seeing new hybrid titles emerge, such … business. The Skills Employers Are Prioritising Employers are looking for more than technical knowledge, they're searching for people who can make a real impact. Core technical skills include: Incident response and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO
Employment Type: Permanent
Salary: GBP Annual

Senior IR-SOC Engineer

London, South East, England, United Kingdom
Hybrid / WFH Options
Precise Placements
Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world’s most prestigious law firms is seeking a Senior Incident Response & SOC Engineer to join its global Information Security team, based in London. This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC, handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre. Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling, threat analysis, and digital forensics. Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK, NIST CSF, and related security frameworks. Legal
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

Head of Cyber Security

London, South East, England, United Kingdom
Hybrid / WFH Options
Precise Placements
and lead the global cyber security strategy. This is a high-impact, senior leadership role ideal for someone who combines strategic oversight with hands-on expertise across security operations, incident response, and governance. As the business continues to modernise its technology infrastructure, this role will be central to protecting digital assets and ensuring compliance with global security and … privacy standards. What You’ll Be Doing: Define and implement the cyber security strategy, policies, and controls across a multi-regional environment. Lead global security operations, including threat detection, incident response, and risk mitigation. Manage compliance with standards such as ISO27001, NIST, Cyber Essentials+, and GDPR. Build and develop a high-performing cyber team spanning multiple international offices. … Collaborate with senior leadership, risk committees, and external vendors to ensure alignment on cyber risk and mitigation. Own the incident response function, including planning, testing, and leading responses when required. Drive security awareness across the organisation with a measurable, well-governed training programme. What We’re Looking For: Minimum 5 years’ experience in a senior cyber security role
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

Security Engineer

London, South East, England, United Kingdom
Hybrid / WFH Options
Randstad Technologies
Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM, Azure Sentinel, and incident response? Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What … You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis, threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management, and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to
Employment Type: Contractor
Rate: £430 - £570 per day

Senior Security Engineer (AWS)

London, United Kingdom
Hybrid / WFH Options
IAG Loyalty
security tools such as CSPM and CNAPP. In addition, you'll write scripts and build automation tools to streamline security activities, work cross-functionally to ensure effective monitoring and incident response, and collaborate closely with product teams to provide guidance and encourage adoption of security best practices. You'll also take part in an on-call rotation to … support timely and effective incident response when needed. What we're looking for Cloud engineering experience with security tooling and cloud workload protection Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash) Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices Experienced with CSPM, CNAPP, security incident response, and
Employment Type: Permanent
Salary: GBP Annual

Senior Security Azure Engineer

London, United Kingdom
Hybrid / WFH Options
With Intelligence Ltd
setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit … preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and
Employment Type: Permanent
Salary: GBP Annual

Pre-Sales Consultant - Cyber Security

North London, London, England, United Kingdom
Hybrid / WFH Options
Bechtle UK
natural focus sits in protecting an organization's technology infrastructure and data from cyber-attacks. Provide support and expertise during cyber incidents and contribute to the development of cyber incident management and response plans Prepare detailed technical documentation to support with the improvement of a customer’s security estate, acting as a go-to for general advice and … spent Progression Plan - training & mentor programme. Experience 2+ years in Pre-Sales or similar role within an MSP/Reseller organisation. Previous experience being part of or working with incident response teams would be beneficial Good understanding of incident response stages and handling preferred Knowledge and/or experience using endpoint detection and threat management
Employment Type: Full-Time
Salary: £65,000 - £90,000 per annum

Security Operations Lead

London, United Kingdom
Hybrid / WFH Options
Square Enix Co Ltd
Job Summary: The Security Operations Lead is responsible for our security monitoring and incident response capabilities within the Square Enix Cyber Security team (covering Europe and North America). The primary goals of the role are the timely detection of security incidents, effective response and the continuous improvement of our preventative and detective controls. This role will … across Square Enix. Day to day you will be performing in-depth analysis and investigation of security alerts, game/brand related security events as well as leading the response to incidents. You will be responsible for maintaining and optimising our security operations tools and processes. Additionally you will be testing the effectiveness of our preventative and detective controls … platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key
Employment Type: Permanent
Salary: GBP Annual

Chief Information Security Officer

London, United Kingdom
Hybrid / WFH Options
Domestic & General Service GmbH
and clarity. Drive Transformation: Lead security by design across cloud, data, AI, IoT, and operational technology landscapes-embedding security in every initiative. Stay Ahead of Threats: Oversee threat detection, incident response, and resilience programs with precision and global coordination. Shape Culture: Champion a cyber-aware culture across 100,000+ employees, embedding secure behaviours in the DNA of our … and prioritize information security risks to the organization, and develop strategies to mitigate these risks effectively. Security Assurance: Oversee the day-to-day assurance of information security activity, including incident response, threat detection, vulnerability management, and security monitoring. Day-to-day Security Operations are managed by Technology Operations so this role acts as a second line of defence. … training, education, and communication programs. Vendor Assurance: Review critical third-party vendors and service providers to ensure the security of outsourced systems and services and the data they contain. Incident Reviews: Lead the review of security incidents and breaches, coordinating with internal teams and external stakeholders to ensure any learnings are effectively applied. Budget Management: Develop and manage the
Employment Type: Permanent
Salary: GBP Annual

Senior Security Engineer London

London, United Kingdom
Hybrid / WFH Options
Bondsmith Savings Ltd
tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents, and develop robust incident response plans to ensure timely and effective resolution. Collaborate with cross-functional teams to design, implement, and manage security controls and configurations across a range of platforms and … . Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols
Employment Type: Permanent
Salary: GBP Annual

Network Security Project Manager

London, South East, England, United Kingdom
Hybrid / WFH Options
vertex-it-solutions
in network security to lead and coordinate critical infrastructure and cybersecurity projects. This role operates on a 24/7 shift rotation, ensuring continuous oversight of security initiatives and incident response coordination. Key Responsibilities and skills Lead and manage end-to-end delivery of network security projects, ensuring alignment with business goals and compliance standards. Coordinate with cross … network security technologies. Monitor project progress during all shifts, ensuring timely escalation and resolution of issues. Maintain detailed project documentation, including risk assessments, change logs, and status reports. Support incident response efforts and post-incident reviews during off-hours. Ensure adherence to cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements. Provide leadership and mentorship to junior
Employment Type: Contractor
Rate: £450 per day

Cyber Security Analyst

London, United Kingdom
Hybrid / WFH Options
Investigo
security data and identify patterns or anomalies that may indicate a security breach. Review regular vulnerability assessments and penetration testing to ensure the robustness of security measures. Ensure rapid response to common incidents: Contribute to incident response plans to address security breaches promptly and effectively. Key Skills and Experience Required: Proven experience in cyber security, with a … monitoring techniques, using Microsoft Sentinel and its integration technologies and related tools to manage and analyse logs to detect and respond to threats effectively. Demonstrated ability to execute robust incident response, ensuring swift and effective handling of security incidents Ability to provide clear, actionable advice on best practices, improving the organisation's overall security posture and resilience. Excellent
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst

London, South East, England, United Kingdom
Hybrid / WFH Options
SNG (Sovereign Network Group)
incidents and escalate as appropriate Collaborate with the SOC and internal teams to respond to and resolve security events Drive vulnerability remediation across infrastructure and cloud environments Participate in incident response activities, forensic investigations, and risk mitigation Participate in an on-call rota for out-of-hours cyber incident response What We're Looking For Experience
Employment Type: Full-Time
Salary: £48,000 - £60,000 per annum

IT Security Manager

London, Portchester, Hampshire, United Kingdom
Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership
Employment Type: Permanent
Salary: £80000 - £85000/annum

IT Support Engineer - Regulatory Reporting Systems for Financial Institutions

London, United Kingdom
Hybrid / WFH Options
Centre People
and application support engineer to manage the operation and maintenance of regulatory reporting systems for financial institutions. This role focuses on ensuring stable system operation through continuous monitoring, rapid incident response (including on-call support), root cause analysis, and documentation. The ideal candidate will have experience in maintaining mission-critical systems and strong skills in SQL-based data … weekend support Location: Central London (Hybrid) Position Overview This position supports the stable operation of regulatory reporting systems used by financial institutions. You will be responsible for system monitoring, incident response, root cause analysis, and providing comprehensive incident reports. The role requires attention to detail and a strong sense of ownership, as you will be supporting systems … and provide both temporary and permanent solutions • Extract and analyse data using SQL (Microsoft SQL Server) • Analyse incidents using logs and DB traces to identify root causes • Prepare detailed incident reports, including root cause and preventative actions • Communicate with clients and internal stakeholders in both English and Japanese Must Requirements • Experience in IT system operations and support for financial
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Advisory Director (London)

London, UK
Hybrid / WFH Options
Control Risks
and escalation management. Originate cyber risk management and technology resilience opportunities. Own key client relationships, supported with account, sales and marking plans. Position our cyber threat intelligence, assurance and incident response practices. Provide clear, brand-enhancing, and energetic consulting leadership in EMEA, actively promoting Control Risks as an advisor on cyber and technology risk in the market, leading … management. Business development Originate cyber risk management and technology resilience opportunities. Own key client relationships, supported with account, sales and marking plans. Position our cyber threat intelligence, assurance and incident response practices. Provide clear, brand-enhancing, and energetic consulting leadership in EMEA, actively promoting Control Risks as an advisor on cyber and technology risk in the market, leading
Employment Type: Full-time

Senior Security Engineer

London, United Kingdom
Hybrid / WFH Options
Fruition Group
security strategy. Responsibilities: Designing and implementing robust security policies, controls, and infrastructure protection strategies. Leading vulnerability management efforts, penetration testing, and remediation plans. Monitoring and investigating security events, managing incident response processes end-to-end. Ensuring compliance with security standards such as ISO 27001 and supporting audits and certifications. Collaborating across teams to embed security into the core … vulnerability scanners, encryption, SAST/DAST tools, OWASP ZAP, etc. Strong understanding of network security protocols and best practices. Scripting and automation experience (e.g. Python). Proven experience with incident response and threat mitigation. Familiarity with security compliance frameworks (ISO 27001, SOC 2, etc.). Security certifications (e.g. Security+, CISSP, or equivalent) are a plus. You'll Thrive
Employment Type: Permanent
Salary: £90,000
Posted:

Senior IT Ops Engineer

London, United Kingdom
Hybrid / WFH Options
Fresha
including device setup and account management. Manage global laptop deployment and hardware provisioning for employees worldwide. Maintain network connectivity and infrastructure across multiple sites Assist with security investigations and incident response activities Resolve IT issues and provide technical support within office environments Collaborate closely with security, compliance, and other technical teams Coordinate with vendors and suppliers to procure … efficiency Strong understanding of information security frameworks, particularly ISO27001 Experience with enterprise device management and deployment at scale Knowledge of networking fundamentals and troubleshooting Familiarity with security tools and incident response procedures Experience supporting remote and hybrid work environments Strong vendor management and procurement skills Excellent problem-solving and communication abilities Ability to work across multiple time zones
Employment Type: Permanent
Salary: GBP Annual

Incident Response, London
10th Percentile: £52,500
25th Percentile: £62,500
Median: £70,000
75th Percentile: £89,688
90th Percentile: £100,000