1 to 25 of 54 Remote Incident Response Jobs in London

We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and part of a global practice offering and influencing the direction of our … forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting, providing digital forensics and incident response solutions for cyber response investigations, digital forensic investigations, eDiscovery, and data analytics. Our clients include law firms and Fortune 500 multinationals across the globe. Day to day, you … and execute matters that arise on short notice, support crises, and deploy the team as needed. As the technical lead, you will provide direction, ensure quality, and manage forensic incident response engagements. You will also engage across the business to leverage technology consulting into business development and go-to-market strategies, increasing the team's visibility and capabilities More ❯

case lead in sufficient time to allow review and feedback, before submitting to a client. Produce case summary and other reports as directed. Supporting the growth of the Cyber Response practice Refining Control Risks' cyber response methodologies and approaches and tailoring the approach in changing market conditions. Supporting marketing initiatives. As the Graduate Consultant you will focus on … two key areas: crisis management and incident response. Crisis Management Support the Cyber Incident Response team advising clients on post incident cyber crisis management independently or in conjunction with Control Risks response department. Support initial assessment of case and where appropriate, providing immediate verbal/written advice, recorded in an initial information gathering form. Support … covering: Liaising with key stakeholders, including the Client, law firm and communication specialists. Options, contingency plans and recommendations for managing the strategic and or less technical elements of a response engagement. Discuss and input into communications strategies and plans. Incident Response Support the Cyber Incident Response team advising clients on post incident cyber crisis More ❯

SOC Analysts to join their Security Operations Centre. This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high-profile environment. The Role - The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier … and Tier 2 analysts and managing the most complex security incidents. You will lead deep-dive investigations, improve detection and response processes, and play a key role in stakeholder engagement. Key responsibilities include: Analysing advanced security incidents, determining root cause and attack paths. Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms. Producing … clear, business-focused incident reports and updates for senior stakeholders. Advising on SOC tooling and ensuring effective integration of incident response requirements. Supporting security exercises, crisis response, and compliance alignment with industry frameworks. Candidate Profile - The successful candidate will bring: Significant experience in SOC operations and cyber incident response. Strong knowledge of adversary TTPs and More ❯

SOC Analysts to join their Security Operations Centre. This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high-profile environment. The Role - The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier … and Tier 2 analysts and managing the most complex security incidents. You will lead deep-dive investigations, improve detection and response processes, and play a key role in stakeholder engagement. Key responsibilities include: Analysing advanced security incidents, determining root cause and attack paths. Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms. Producing … clear, business-focused incident reports and updates for senior stakeholders. Advising on SOC tooling and ensuring effective integration of incident response requirements. Supporting security exercises, crisis response, and compliance alignment with industry frameworks. Candidate Profile - The successful candidate will bring: Significant experience in SOC operations and cyber incident response. Strong knowledge of adversary TTPs and More ❯

setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit … preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and More ❯

security across Intigriti infrastructure, ensuring the confidentiality, integrity, and availability of company data. Collaborate with the IT System Administrator to manage and enhance the overall network and system security. Incident Response and Threat Detection Develop and implement incident response plans to address security incidents promptly and effectively. Work closely with the Threat Detection Engineer to monitor More ❯

speaking knowledgeably at regular internal threat intelligence briefings. Leveraging threat intelligence, experience, and other inputs to perform active threat hunting. Work alongside the Attack Surface Management Team to build response playbooks on emerging vulnerabilities. Interface with technical and non-technical users to conduct fact-finding interviews, gather forensic artifacts and understand business processes. Engage with other teams as appropriate … either as a result of incident response, to build platform specific alerting, or to advocate for improvements to configurations or technologies. Continue to develop and improve the Cyber Incident Response Plan and advocate for the program. Participate in on-call rotation for escalated security events.# QUALIFICATIONS Experience in having worked in a Security Operations, CSIRT, or … and log analysis. Knowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, data loss prevention, Endpoint Detection and Response (EDR), and SIEM (Splunk) Strong understanding of common communication protocols, networking fundamentals and the necessary tools to analyze network activity. Track record of mentorship and knowledge sharing to broader More ❯

incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of More ❯

incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of More ❯

incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of More ❯

incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of More ❯

CE+, GDPR, NIS2, ONR Security Domains/Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring Processes & Practices - Vulnerability Management Programmes Incident Response and Threat Assessment Emergency Patch Governance Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact) Audit Support (internal assurance, penetration test follow-ups, external audits) Exception More ❯

Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll do: SIEM … Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat … in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change). More ❯

Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams effectiveness through ownership of relevant issues More ❯

Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams effectiveness through ownership of relevant issues More ❯

Centre interconnects), ensuring high availability, resilience, and service excellence. SLA & KPI Management: Define, measure, and continuously improve network service SLAs, KPIs, and operational benchmarks across availability, latency, performance, and incident resolution. Vendor & Partner Management: Manage relationships with ISPs, telecom providers, and technology vendors. Drive accountability through contracts, SLA adherence, service credits, and strategic partnerships. Incident & Problem Management: Oversee … critical incident response, escalation handling, root cause analysis, and problem remediation to minimise downtime and service disruption. Delivery & Transformation: Ensure successful delivery of network upgrades, capacity enhancements, and new connectivity services while maintaining zero disruption to production services. Governance & Compliance: Implement operational processes aligned with ISO 27001, PCI DSS, and other relevant compliance frameworks. Cost & Budget Ownership: Optimise … technologies. Experience in managing ISP peering, public IP allocations, redundancy, and DDoS protection strategies. Strong understanding of automation, observability, and network monitoring tools to drive proactive operations. Skilled in incident, change, and problem management processes within ITIL or similar frameworks. Excellent communicator with the ability to engage both executive stakeholders and technical teams. Payments industry or regulated-sector experience More ❯

The company also offers direct payment and settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation More ❯

The company also offers direct payment and settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation More ❯

The company also offers direct payment and settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation More ❯

The company also offers direct payment and settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation More ❯

Cyber Security. Core responsibilities: - Overall management and maintenance of the CrowdStrike platform, including configuring EDR policies, tuning SIEM rules, and optimizing the system for performance - Leading or participating in incident response efforts, conducting root cause analysis, and developing runbooks for incident handling - Monitoring for security threats, analysing alerts, and responding to incidents using CrowdStrike and other security More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯