1 to 25 of 82 Incident Response Jobs in London

primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

firms risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firms cyber and incident response ...

Cyber Security Analyst - Incident Response London - Hybrid | Up to £75,000 + benefits A global specialist insurer is expanding its internal cyber defence capability and is seeking an experienced analyst to strengthen its Security Operations Centre. This role is focused on incident response first and foremost. … suits someone who has spent 3-5 years in a SOC environment and is now taking ownership of investigations, leading response activity, and managing incidents end-to-end. Threat intelligence exposure is welcome but not essential. The role Lead and coordinate responses to live security incidents including malware, phishing ...

Operations Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … escalation for junior analysts. Serve as a technical subject matter expert on client engagements, presenting findings to senior stakeholders. Participate in alert testing, incident response exercises, and threat hunting activities. Stay up to date with the latest threat intelligence and emerging attacker tactics. Additional Responsibilities (client-dependent): Threat ...

servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

client is an innovative and growing financial services organisation focused on providing exceptional service and safeguarding client wealth. They are seeking an Operational Resilience & Incident Manager to ensure the organisation can anticipate, withstand, respond to, and recover from operational disruptions. This pivotal role involves leading resilience testing, managing real … simulations. Assess critical business services and their dependencies, ensuring robust impact tolerances. Collaborate with technology and business teams to embed resilience into operational processes. Incident Management Lead and coordinate real-time response efforts for operational incidents, ensuring swift and effective resolution. Develop and maintain incident response ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

Lead Cybersecurity Incident Responder - IR, Cyber, - London/Hybrid (some travel European travel) Salary: Competitive, We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT … party vendor relationships. Solid working knowledge of the MITRE ATT&CK framework. Willingness to take part in on-call rotations. As the Lead Cybersecurity Incident Responder, you will play a critical role in guiding clients through high-impact, time-sensitive security incidents. Conducting network, host, and forensic investigations, presenting ...

threats, trends, technologies, and best practices. Provide expert advice and guidance on information security matters to various stakeholders across the organization. 2. Security Operations & Incident Response: Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus … vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident response, including detection, analysis, containment, eradication, recovery, and post-incident review. Develop and maintain robust disaster recovery and business continuity plans related ...

strong observability and auditability, including logging, monitoring, alerting, and security events. ·Design systems assuming attack, failure, and misuse as default scenarios. ·Lead cloud-level incident response and post-incident reviews. ·Ensure the platform meets expectations for a trading/regulated environment. Reliability, DR & Resilience ·Design, implement … trading, or other security-sensitive environments. ·Experience with containerised and event-driven systems. ·Experience inheriting, hardening, or cleaning up existing cloud environments. ·Familiarity with incident response and DR testing in cloud platforms. Working Style ·Proactive and self-directed; sees gaps and addresses them without prompting. ·Detail-oriented ...

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence ...

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence ...

risk management frameworks Regulatory Compliance & Privacy: Advise on compliance with GDPR, UK GDPR, and other global data protection regulations, including policy development Operations, Incident Response & Resilience: Support and improve security operations, incident response frameworks, and business continuity capabilities Assessment, Audit & Advisory: Conduct security and privacy assessments ...

implementing, operating, and monitoring technical security controls across IT and operational environments. The role is hands-on and delivery-focused, covering vulnerability management, incident response, identity and access controls, security tooling, and technical risk mitigation, while working in alignment with governance and risk requirements. Key Responsibilitie s Security … Controls & Architecture Vulnerability & Threat Management Incident Response Identity, Access & Data Security Risk & Compliance Support Security Training and awareness Required Technical Experience: Proven experience in a hands-on IT security/cybersecurity role Logging and monitoring Security Tooling (vulnerability scanning (Tenable, Qualys, Rapid7) Endpoint or network security platforms ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

posture aligns with business objectives, regulatory requirements, and recognised industry standards. The Information Security Officer will own security strategy, risk management, policy development, and incident response, while promoting security awareness across the organisation. Key Responsibilities Develop and maintain an organisation-wide information security strategy. Establish and enforce security … policies, standards, and governance processes. Lead incident response and manage security breaches. Ensure compliance with relevant laws, regulations, and security frameworks. Embed security into risk management, application development, and operational processes. Report on security risks and programme performance to senior leadership. Support supplier assurance, audits, penetration testing ...

specific and relevant security data points Participate in an on-call rotation and assist with troubleshooting issues that arise Defining and implementing a Security Incident Response process/policy with regular evolvement, testing and adherence Required Qualifications Three years or more experience in Cloud Infrastructure roles (predominantly … team Advantageous Qualifications AWS Certified Security Specialist Hands on experience designing and implementing security controls within GCP Experience defining and operating a Security Incident Response process Good knowledge of monitoring and alerting using one or more of: Graphite, Statsd, Prometheus, Grafana, OpenSearch Any experience of ISO27001 certification processes ...

risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyse, and manage vulnerabilities in applications, providing guidance for remediation efforts Support incident response by investigating and analyzing security incidents related to applications Stay current on the latest security threats, vulnerabilities, and technologies to enhance … background looks something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modelilng, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security frameworks ...

agility required in a fast paced, regulated environment. Key responsibilities: Take ownership of day-to-day security monitoring, including investigating alerts, manual monitoring, and incident response Diagnose, troubleshoot, and resolve Linux OS level issues across servers and infrastructure Maintain, improve, and secure cloud and internal infrastructure, including monitoring … cloud environments such as AWS, Azure, or GCP, alongside on prem systems Solid understanding of security fundamentals including access control, monitoring, vulnerability management, and incident response Scripting or automation experience using tools such as Python, Bash, or PowerShell Desirable experience includes exposure to endpoint management or security tooling ...

agility required in a fast paced, regulated environment. Key responsibilities: Take ownership of day-to-day security monitoring, including investigating alerts, manual monitoring, and incident response Diagnose, troubleshoot, and resolve Linux OS level issues across servers and infrastructure Maintain, improve, and secure cloud and internal infrastructure, including monitoring … cloud environments such as AWS, Azure, or GCP, alongside on prem systems Solid understanding of security fundamentals including access control, monitoring, vulnerability management, and incident response Scripting or automation experience using tools such as Python, Bash, or PowerShell Desirable experience includes exposure to endpoint management or security tooling ...

threat actor profiles, and campaign assessments. Translate complex technical findings into concise, risk-based intelligence for decision-making. Collaborate with SOC, Detection Engineering, and Incident Response teams on purple-team exercises and threat-hunting. Maintain trusted relationships with industry and intelligence communities. Provide SME-level advice and challenge … other platforms to manage workflows and document intelligence findings. About You We’re looking for someone with a strong technical background in threat intelligence, incident response, or threat hunting, ideally within enterprise or global environments. You’ll be confident in analysing complex threats and communicating your findings clearly ...

Azure Implement and enforce best practices in Identity & Access Management to ensure secure configurations Collaborate with the Security Operations Centre (SOC) on detection, response, and incident management activities Maintain and optimise email security solutions such as Mimecast and Material Security, including threat mitigation and authentication protocols Manage endpoint … controls with standards such as ISO 27001, PCI-DSS and SOC2, contributing to audits and compliance efforts Investigate security incidents, supporting forensic analysis and incident reporting Monitor emerging security trends, recommend improvements, and implement innovative solutions to stay ahead of evolving threats Required Skills: Strong working knowledge of industry ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience against threats. ...