Management Oversee daily IT operations, ensuring high availability, performance, and user satisfaction. Manage escalations and prioritisation of support issues. Monitor and report on key operational metrics (e.g. SLAs, uptime, incident response). Project Delivery Lead the transition of managed services infrastructure and service desk from MSP to in-house. Oversee the reset and rebuild of the Microsoft Azure … practices into operational and project workflows. Collaborate with relevant stakeholders to ensure compliance with policies, standards, and regulations (e.g. ISO27001, Cyber Essentials). Manage risk assessments, vulnerability management, and incident response processes. Stakeholder Engagement Act as a senior point of contact for internal stakeholders regarding IT operations and service delivery. Work closely with other business units to understand
globally coordinated security operations that protect the organisation's people, systems, and data. This includes direct ownership of security controls, security testing, vendor management, vulnerability and threat management, and incident response. You will work daily with the Group CISO to support consistent, high-assurance security practices across all regions, in-line with regional regulation and to support the management … ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the ever-changing threat landscape. Defining and monitoring KPIs for detection, response, and containment performance. Owning and managing key security controls, along with managing the vendors responsible for supporting CFC. Ensuring security controls are deployed, tuned, and monitored effectively across cloud … assets. Leading the organisation's global vulnerability management program, ensuring threat led and risk-based prioritization, along with collaboration with IT for timely remediation. Leading on and refining the incident response playbooks Support the Group CISO to define security maturity programme roadmaps, priorities and success metrics. As well as many more SecOps focused tasks. About you The ideal
London, South East, England, United Kingdom Hybrid / WFH Options
Salt Search
Microsoft Sentinel and Azure, including automation using Sentinel playbooks. You'll also be expected to mentor internal analysts and drive cross-departmental engagement on cyber posture, compliance, and incident response readiness. Key Responsibilities: Act as the lead for cyber security across multiple projects and programmes Design and implement Sentinel playbooks to automate detection and response Lead
London, South East, England, United Kingdom Hybrid / WFH Options
Picture More
days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm's ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal
known organisations. You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates, contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring
matters. Provide regular updates to senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain incident response plans
Overseeing DLP strategy to prevent unauthorised data access, use, or transfer involving continuously tune DLP tooling, policies and rules to align with emerging threats and business needs and coordinating incident response activities related to DLP alerts. Develop a company-wide security awareness and training program including tailoring training to address emerging risks, regulatory obligations, and role-specific responsibilities … From a strong background in information security frameworks, standards, and regulatory requirements including a strong understanding of enterprise IT and security architecture, cloud security, data protection, threat management, and incident response. Proficient in developing programme and project management reporting and documentation. Able to manage third-party vendors, MSSPs, and contract negotiations. Core Values Love what you do: We show
Citi's Cyber Intelligence Center (CIC) is a global team that delivers timely threat intelligence to technical teams and decision makers, in support of threat detection, preparation, and incident response activities. The Regional Lead will oversee the team's operations in the UK/EU time-zone, including oversight of regional staff, driving quality control, collaboration with other … partners. Direct experience in cyber threat intelligence is a necessity. This is a hybrid role with an in-office attendance component. Experience in fusion center operating environments or crisis response will be helpful. Responsibilities: Lead the regional co-ordination of a cyber threat intelligence function Support local leadership and business in their intelligence needs Provide intelligence support to adjacent
City of London, London, United Kingdom Hybrid / WFH Options
inDrive
Strong understanding of regulatory frameworks (FCPA, GDPR, SOX, UK Bribery Act, etc.); Experience with digital forensics, e-discovery tools, and data analytics in investigations; Familiarity with cybersecurity risks and incident response processes; Strong analytical and problem-solving skills, with attention to detail; Excellent communication and report-writing abilities; High level of integrity, discretion, and ability to handle confidential
Technical Leadership & Delivery Support Act as a technical mentor for development teams, ensuring best practices in cloud solution implementation. Oversee cloud security controls, including access management, threat detection, and incident response strategies. Troubleshoot and resolve complex cloud infrastructure and application architecture challenges. Your Profile Essential skills/knowledge/experience: Cloud Expertise: Extensive hands-on experience with AWS … Due to a high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Application Process Join us and do more of what matters. Apply online now.
ISO27001, ISO27701, ISO42001, NIST 800-53 Experience in internal enterprise or external customer-facing environment as a security technical lead Experience in Security operations such as vulnerability management, security incident response, and large-scale compliance implementations. PREFERRED QUALIFICATIONS Deep experience in Cloud Security architecture design, build, deploy and maintenance Deep experience implementing and managing compliance frameworks including DORA
include): Operating Systems: Proficiency in Windows, Linux, and Unix environments. Database Management: Knowledge of SQL, Oracle, and other database management systems. Cybersecurity: Experience with vulnerability assessments, penetration testing, and incident response. IT Governance: Knowledge of ITIL, ISO 27001, and other IT governance frameworks. Software Development: Understanding of SDLC, DevOps practices, and application security. Data Analytics: Proficiency in data analytics
expert in operating within an enterprise security program and developing a security model in the AWS cloud - identity and access management, logging and monitoring, infrastructure security, data protection, and incident response. Delivery - As a consultant you will often go on-site to customers to deliver projects proving the use of AWS services and security technology to support information security
Senior SOC & Incident Response Engineer DGH Recruitment are currently recruiting on behalf of a leading client in the Professional Services industry who require a Senior SOC & Incident Response Engineer to join the firm in London. This candidate will develop and integrate an Incident Response (IR)/SOC security infrastructure to monitor the Firm's … on prem and cloud environments. Responsibilities: * Drive and improve continuous monitoring and incident response, serving as a senior resource in our SOC and Incident Response processes. * Configure and integrate platforms, tools, service providers, and solutions into our IR/SOC systems, make recommendations as needed. * Ensure integration of input from the Firm's deployed suite of … SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA, DNS Security, and cloud security posture management. * Ensure the Firm's Incident Response and security monitoring systems adhere to security best practices and baselines to ensure a secure configuration of platforms and resources. Required Skills: * 8+ years of hands-on
Security Analyst, Security Operations and Incident Response Meta is seeking a Security Analyst to join the Global Security Operations and Incident Response team. The Analyst will serve on the front lines of Meta's Security team and will lead and support security investigations across the company's global infrastructure as well as respond to escalations from … closely with technical teams, with a broad set of skills to tackle the panoply of unique security challenges that we encounter at Meta scale. Security Analyst, Security Operations and Incident Response Responsibilities Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation. Act as an escalation point for … high quality and accurate reports for a wide range of stakeholders. Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents. Support security incident root cause analysis, identify control gaps, and recommend mitigation strategies. Collaborate with cross-functional teams to drive improvements to security tools, policies and processes. Improve the effectiveness and efficiency
London, South East, England, United Kingdom Hybrid / WFH Options
Precise Placements
Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world's most prestigious law firms is seeking a Senior Incident Response & SOC Engineer to join its global Information Security team, based in London. This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC, handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre. Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling, threat analysis, and digital forensics. Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK, NIST CSF, and related security frameworks. Legal
environment. This fully onsite role (5 days per week) offers exposure to cutting-edge security challenges across multiple domains. This is an opportunity to deep-dive into security engineering, incident response, and automation in a high-impact role. If you're a technically strong, hands-on engineer looking for broad exposure and real security challenges, we want to … hear from you! Responsibilities Owning security projects end to end - from design to execution Engineering, automating, and securing infrastructure, networks, and cloud environments Hands-on engagement in Incident Response, security assessments, and remediation Working across networking, firewalls, and security (Palo Alto, Fortinet, all major cloud providers) Building and automating with Terraform, Ansible, Golang, Python, HashiCorp Leveraging offensive security