1 to 25 of 70 Remote/Hybrid Incident Response Jobs in London

Cyber Incident Response Manager

Hiring Organisation
Ashdown Group
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Cyber Security Engineer

Hiring Organisation
Eligo Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£75,000 - £90,000 per annum
solving complex security challenges across modern cloud and enterprise environments. You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function. The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture. Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

AI-Augmented Cyber Security Engineer

Hiring Organisation
Eligo Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£75,000 - £90,000 per annum
solving complex security challenges across modern cloud and enterprise environments. You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function. The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture. Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

Cyber Security Operations Specialist

Hiring Organisation
Anson Mccade
Location
City of London, London, United Kingdom
Employment Type
Permanent
Salary
£75,000
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

BISO for R&B and Corporate Platforms

Hiring Organisation
WTW
Location
Greater London, United Kingdom
Employment Type
Full Time
integrated into business unit initiatives, motivating business units to adopt efficient security controls throughout their lifecycle. Oversight of R&B’s and Corporate platforms response to Incident, integrating cyber incident response policies with business operations to improve agility and effectiveness in cyber incident management. Work … internal business units to enhance cyber security communication, including knowledge of threats, vulnerabilities, and mitigation strategies. Provide strategic insights to senior management on cyber incident response readiness and effectiveness. Collaborate with security leadership to enforce cyber security policies and practices, addressing operations and incident response. Provide expertise ...

Cyber Incident Response Manager

Hiring Organisation
Ashdown Group
Location
City, London, United Kingdom
Employment Type
Permanent
Salary
GBP 100,000 Annual
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

Senior Information Security Analyst

Hiring Organisation
CONEX EUROPE LIMITED
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£90,000
into change initiatives, and security by design principles are applied. Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call … threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post incident review, reporting and recommendations; liaising with external IR providers as required. ...

Senior Information Security Officer

Hiring Organisation
Definely
Location
City of London, London, United Kingdom
play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word … threat modelling, define non-functional security requirements, and review designs for security impact. Guide security considerations in our AI/LLM-enabled products. Risk & Incident Management Own the company-wide incident response plan and lead tabletop exercises. Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure ...

Cyber Security Engineer

Hiring Organisation
Invitise Ltd
Location
City of London, London, United Kingdom
mature cyber security capability, working closely with an outsourced Security Operations Centre. This is a hands-on technical role focused on security monitoring, incident response, threat detection and platform optimisation, with particular emphasis on CrowdStrike and Splunk technologies. You will also support capability development within the wider security … will need proven experience working with the following: Cyber Security Engineering or SOC Engineering within complex environments CrowdStrike Falcon, including endpoint protection, detection and response Splunk Enterprise Security, dashboard development and alert optimisation Incident response, threat hunting and security monitoring Writing and optimising Splunk SPL queries Security ...

Senior SOC Analyst

Hiring Organisation
InvitISE Ltd
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£400 - £600 per day
This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst … cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would ...

SOC Manager - Contract - Inside IR35 - Hybrid London

Hiring Organisation
Robson Bale Ltd
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
GBP 35 Annual
hybrid working mode. In this role, you will lead the Security Operations Center's day-to-day functions, focusing on operational excellence in incident management and response. This position ensures round-the-clock coverage, drives team performance, and maintains a high standard for incident handling and escalation. … providing leadership in Real Time threat detection and response, you will strengthen organizational resilience and safeguard critical systems against evolving cyber threats. Responsibilities Lead and oversee incident management and response processes within the SOC Manage shift coverage, ensuring continuous and effective operation Monitor and analyze key performance ...

Cyber Security Consultant

Hiring Organisation
CBSbutler Holdings Limited trading as CBSbutler
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
GBP 550 - 580 Daily
Cyber Security Consultant - Incident and Vulnerability Management +6 months + +1 day a week on site in London/Preston/Birmingham - 4 days WFH +Inside IR35 + 550 - 580 a day +SC cleared role - must have current active clearance +Sole British nationals only due to nature … project Role Description: Security Incident & Vulnerability Management Consultant (Operational Integrator/SIAM - Transition Role) UK Sole National ONLY Security Clearance required Role Summary The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within ...

Cyber Security Consultant

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Cyber Security Consultant - Incident and Vulnerability Management Duration: 6 months Location: 1 day a week on site in London/Preston/Birmingham - 4 days WFH Employment type: Inside IR35 Rate: £550 - £580 a day SC cleared role - must have current active clearance Sole British nationals only … nature of the project Security Incident & Vulnerability Management Consultant (Operational Integrator/SIAM - Transition Role) UK Sole National ONLY Security Clearance required Role Summary The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within ...

Senior Cyber Security Analyst

Hiring Organisation
Picture More
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£80,000 - £90,000 per annum
tooling Career progression within a growing security function Key responsibilities: Monitor, investigate and respond to cyber security alerts and incidents Lead and support incident response activities Conduct threat hunting and threat modelling exercises Manage vulnerability remediation and penetration testing activities Support and improve SIEM, EDR/…/XDR, IDS/IPS and firewalls Good understanding of Microsoft Azure security technologies Knowledge of NIST, ISO27001 and CIS Controls Experience in incident response, vulnerability management and threat intelligence Relevant certifications such as CISSP, CISM, GIAC or Security+ Soft skills: Strong analytical and problem-solving abilities Calm ...

Information Security, Assistant Manager

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
maintained. Establish, document, and enforce security controls that safeguard information flows across internal systems, third parties, and public networks. Develop, maintain, and execute incident response and crisis management procedures, ensuring swift and effective mitigation of security events while minimizing business disruption. Monitor security operations to identify anomalies, investigate … compliance activities. GENERAL Be the primary point of contact for all information security alerts and breaches within the Bank and coordinate responses via incident management protocols. Daily administrative tasks, reporting, and communication with the relevant departments in the organization. Maintain security records and documents of controls, security dashboards ...

Information Security Manager

Hiring Organisation
Precise Placements
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
data. The successful individual will: Lead and develop a high-performing Information Security team Oversee security operations including SIEM, endpoint protection, vulnerability management and incident response Manage cyber resilience across both cloud and on-premise environments Act as the senior escalation point for security incidents and response … understanding of cyber security operations, governance and risk management Experience managing and developing technical security teams Strong knowledge of SIEM technologies, cloud security and incident response processes Ability to communicate effectively with both technical teams and senior leadership Experience operating within regulated environments Desirable experience includes: CISSP, CISM ...

Cyber Security Engineer

Hiring Organisation
DCV Technologies
Location
London, United Kingdom
Employment Type
Permanent
Salary
£60000 - £62000/annum + Multiple Benefits
across Azure cloud, VMware infrastructure and Cisco Meraki networking. This is an operational cyber security role focused on cloud security, infrastructure hardening, vulnerability remediation, incident response, DR testing and cyber resilience. Key Skills & Experience: • Azure security, Entra ID, Conditional Access, RBAC and Azure Policy • VMware vSphere, vCenter … ESXi • Cisco Meraki, VLANs, VPNs, firewall rules and network segmentation • Security monitoring, incident response and vulnerability management • Sophos MDR or similar MDR/SIEM tooling • Windows/Linux hardening and secure configuration • Disaster Recovery and Business Continuity testing • PowerShell, KQL or Python desirable • Microsoft Defender, Sentinel ...

Head of Information Security

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
security policies, standards and procedures. Leading security awareness and training programmes that improve behaviours and strengthen Moneybox’s security culture. Owning Moneybox’s security incident response framework, ensuring the business is prepared to identify, contain, respond to and recover from security incidents effectively. Overseeing vulnerability management, including scanning … operational efficiency. Experience managing security risk in cloud‐based environments, ideally including Azure. Strong understanding of third‐party security risk management. Experience with incident response planning, testing and improvement. Experience reporting security risks, controls and metrics to senior management. Strong communication skills, with the ability to translate technical ...

Engineering Manager (DevOps)

Hiring Organisation
iProov
Location
London, England, United Kingdom
Vault), and security integration into the delivery pipeline as a first-class concern Identify and address tooling gaps across monitoring, alerting, observability, and incident response; own the on-call process, runbooks, escalation paths, and post-incident reviews People Management & Team Leadership Directly manage 4/5 DevOps … diverse perspectives are constructively managed Delivery & Cross-Functional Collaboration Act as the primary point of contact for DevOps matters in cross-functional planning, incident response, and infrastructure governance Collaborate closely with the Engineering Manager, Core Platform to ensure platform reliability, deployment pipelines, and infrastructure tooling meet backend SLAs ...

Cyber Security Engineer

Hiring Organisation
Picture More
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£70,000 - £80,000 per annum
play a key role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering, helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls. What … doing Lead and support incident response, threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management, remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including ...

Site Reliability Engineer

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
infrastructure and applications. You will design, implement, and maintain monitoring solutions to provide visibility into system health and performance, proactively detect anomalies, and reduce incident response time. Our Engineering Team The CMG engineering team consists of domain experts who work collaboratively within a culture of cross‐domain knowledge … implement SLOs, SLIs, and error budgets to measure system reliability. Develop and optimize dashboards, alerts, and reports for system performance and business metrics. Alerting & Incident Management Design actionable alerting strategies to minimize noise and improve MTTR. Integrate alerting systems with Jira. Establish and refine runbooks for on‐call teams ...

Chief Information Officer, Defence Intelligence - Ministry of Defence - SCS1

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
initial contract) Location: SW1A 2AH, City of Westminster, England, United Kingdom Remote type: Remote Start date: As soon as possible Head of SOC/Incident Response – LA International Senior leadership within public sector and Defence cybersecurity. Coordinating and integrating public sector/defence digital services. Leverage … public benefit and strengthen digital infrastructure. Manage incident response with knowledge of NIST, ISO 27001, etc. Recruit, mentor, and influence SOC teams. Duration: 6 months Location: Fully remote (with occasional onsite meetings 1–2x per month) Start date: As soon as possible SOC Solutions & Cyber Advisory Lead ...

Head of Information Security

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
growth and innovation. You’ll define and lead our security strategy, establish governance and compliance frameworks, strengthen cloud and third‐party security, and drive incident response and resilience planning across the organisation. About You Experience & Expertise 10+ years’ experience in information security, including leadership‐level responsibility Proven experience … building and scaling security and privacy programmes within growing organisations Strong hands‐on knowledge of GDPR, PCI‐DSS, incident response, and resilience planning Experience working within cloud‐first environments, ideally AWS Strong understanding of security within e‐commerce, fintech, or customer‐data‐led businesses Comfortable operating as both ...

Head of Engineering - Retail

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
secure, reliable, and scalable delivery of Retail platforms and applications. Oversee delivery planning, execution, and risk management, including ownership of P1 and P2 incident response and resolution. Build and develop engineering capability through strong leadership of Engineering Managers and senior engineers. Promote consistent engineering standards across automation, DevOps … technical design decisions to ensure solutions are scalable, secure, and maintainable. Act as an escalation point for major incidents, coordinating resolution and leading post‐incident reviews. Work with Engineering Managers to track delivery progress, dependencies, and risks. Coach and mentor engineering leaders, supporting capability and leadership development. Represent Retail ...

Senior Software Engineer, Enterprise Agentic Automation (Remote EMEA)

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
safe, controllable execution. Build evaluation frameworks, feedback loops, and testing for deterministic and non‐deterministic systems. Operate agents in production (AgentOps): logging, monitoring, alerting, incident response, and continuous improvement. Contribute to production infrastructure standards including CI/CD, environment separation, secrets management, and security fundamentals. Must Haves 5+ … ownership across design, implementation, deployment, and operations. Solid understanding of cloud‐native infrastructure and production operations (CI/CD, environment separation, secrets, monitoring, incident response). Nice to Haves Experience with Camunda, BPMN, DMN, or other workflow/orchestration platforms. Experience building reusable internal platforms, shared services ...