101 to 125 of 180 Incident Response Jobs in London

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will ...

CrowdStrike Falcon SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows … Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years ...

assurance, supporting business objectives while reducing cyber and data protection risk. As the Senior Information Security Analyst you will lead security architecture decisions, oversee incident response and vulnerability management, support secure digital transformation, and provide clear, risk-based advice to stakeholders and senior leadership. The position operates with … hybrid environments Microsoft 365 & Cloud Security Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps) Microsoft Sentinel (SIEM): log ingestion, alert tuning, detection rules, incident workflows Intune & Endpoint Management: device compliance, MDM/MAM, BYOD enforcement Endpoint, Infrastructure & Asset Security Network, DNS & Access Security DNSFilter: DNS-layer protection, malicious ...

CrowdStrike , this role is key to maximising both investment and capability. You'll act as the senior technical lead-optimising tooling, strengthening detection and response, and upskilling the internal team. This is a hands-on, high-impact role suited to someone who can hit the ground running and elevate … Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models Incident Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry ...

compliance activities. Define policies, guardrails and security standards across the organisation. Identify gaps and build business cases for investment and improvement. Operational Security & Incident Response Act as the lead during security incidents or breaches, coordinating response and communication. Work with internal teams and external SOC providers ...

Cybersecurity & IT Security*** Oversee the design and implementation of cybersecurity architecture and controls.* Ensure protection of IT infrastructure, cloud environments, and sensitive data.* Lead incident response, threat intelligence, and vulnerability management programs.* Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA).**Governance, Risk & Compliance*** Develop … .* Conduct risk assessments, internal audits, and third-party security evaluations.* Report regularly to senior leadership on risk mitigation and compliance status.**Investigations & Incident Management*** Establish and lead an internal investigations function to address security breaches, misconduct, and regulatory violations.* Build and manage a team of investigators and analysts ...

teams and articulating technical issues to non-technical stakeholders. · Strong analytical, organisational, and communication skills. · ITIL Foundation (at a minimum); experience with ITIL principles, incident/problem/change management, and reporting frameworks. · Resilient under pressure and adept at prioritisation. · Familiarity with ITSM tooling. · Eligibility for or existing … experience · Operational delivery in cybersecurity sub-sector · Confidence in uncomfortable and unexpected verbal and in-person communications with clients. · Experience working with security monitoring, incident response, SOC, SIEM/XDR solutions. · Experience using PowerBI What You’ll Bring · A client-first mindset with a commitment to operational excellence. ...

base articles in line with best practices Automate security tasks and toolchains using scripting (PowerShell, Batch, etc.) Collaborate with external SOC teams Prepare post-incident reports and root cause analyses Manage end-user device (EUD) security via MS Intune, Sophos and NinjaOne Schedule and assess vulnerability scans on critical … driven changes Produce weekly security operations reports Manage Cisco Umbrella web filtering and SSL inspection policies Requirements: Previous hands-on experience in SecOps or Incident Response Recognised Security certifications such as Security+, CEH, or Microsoft security certifications Strong knowledge of Microsoft Windows OS security and hardening Working PowerShell ...

Support ISO 27001 compliance and broader security frameworks Assist with third-party risk assessments and penetration testing Contribute to security policies, controls, and incident response Promote security awareness across the business Experience: 5+ years in cybersecurity or security operations Strong experience with Microsoft security stack (Defender, Sentinel, Entra ...

agentic AI infrastructure – Deploy and manage generative AI toolkits, model serving endpoints and data governance for AI workloads Drive reliability and operations – Support incident response and root-cause analysis; improve observability through logging, metrics, and tracing; contribute to on-call processes proportionate to company stage Continuously improve contributor ...

maintenance of our CrowdStrike Falcon platform. SIEM Mastery: Collaborate with our SOC partner to architect and optimise Splunk dashboards, alerts, and data models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows … improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. Your Profile We are seeking a candidate who brings at least 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. ...

subject matter expert on cybersecurity practices and emerging threats. Key Engagement Delivery Responsibilities: Develop and execute strategies to enhance the customer’s prevention, detection, response, and recovery measures. Lead and mentor a team of cybersecurity professionals, fostering a culture of continuous improvement and innovation. Conduct assessments and vulnerability analyses … identify and address potential threats and weaknesses. Collaborate with stakeholders to design and implement incident response and business continuity plans. Evaluate customer’s emerging threats and cybersecurity trends to adapt strategies and technologies. Validate that recommendations and deliverables meet compliance and regulatory expectations and industry standards and prepare ...

prem and cloud platforms Maintain clean documentation, standards, and operating procedures Governance, Audit & Operations Support access reviews, audit requests, and evidence production Contribute to incident response related to privileged access or credential exposure Help mature IAM and PAM processes through automation and continuous improvement Must Have’s Strong ...

pipelines and SDLC processes Define and support SLIs, SLOs, and alerting strategies in collaboration with engineering teams Promote best practices in instrumentation, monitoring, and incident response Work with network and platform teams to improve visibility across infrastructure and services Required Skills & Experience Proven experience in observability ...

Azure) Active Directory, Group Policy, Office 365 & SharePoint Microsoft Exchange Virtualisation (Hyper-V, VMware, WVD) Backup & Disaster Recovery solutions Cyber Security (MFA, EDR, AV, Incident Response) Networking (TCP/IP, DNS, DHCP, LAN/WAN) Windows & macOS environments Experience supporting mobile devices Strong troubleshooting and problem-solving ability ...

familiar with both Windows and Linux environment administration You're capable of producing high quality technical documentation suitable for use in design assurance, incident response and support You're collaborative and pragmatic with great communication skills Experience with any of the following would also be of benefit: Okta ...

Responsibilities: Lead and deliver cyber resilience transformation programmes, owning end-to-end engagement delivery (scope, quality, timeline, budget) and ensuring outcomes measurably improve preparedness, response, and recovery. Design, run, and continuously enhance cyber crisis simulations and tabletop exercises for executives and operational teams—ensuring scenarios reflect the current threat … intelligence and emerging attacker tactics into practical resilience improvements—linking likely threats to business impact, critical dependencies, and control or capability gaps. Integrate cyber response and recovery into wider enterprise resilience plans, including business continuity, IT disaster recovery, operational resilience, third-party resilience, and enterprise risk management—ensuring cyber ...

security tooling. You will act as the technical lead between the SOC and internal teams, transforming security data into actionable intelligence, optimising platforms, leading incident response, and mentoring the wider security function. Key Responsibilities Lead and manage the deployment, configuration, and optimisation of CrowdStrike Falcon Collaborate closely with … enhance Splunk dashboards, alerts, and detections Act as the technical escalation point for high-severity security incidents Develop automation and SOAR workflows to improve response effectiveness Conduct proactive threat hunting activities Mentor and upskill the internal security team across tools and threat analysis Skills & Experience Required 5+ years’ experience ...

times Monitoring security vulnerabilities and hacking threats in network and host systems Leading security operations (including Managed SOC), threat intelligence, detection, and response capabilities Defining KPIs and KRIs to measure security maturity and providing regular security reporting to Executive and Board level stakeholders. Managing and developing the information security … environments. Knowledge of AI/ML security risks and governance frameworks like ISO 42001 or NIST AI RMF. Experience leading security operations, incident response, and threat management. Ability to work collaboratively with the 2nd line of defence to ensure the Bank remains within risk appetite Ability to work ...

security policies and procedures to safeguard data and systems. Vulnerability Testing: Perform regular vulnerability testing and risk assessments to identify and mitigate security risks. Incident Response: Investigate security incidents and provide post-event analysis and recommendations. Security Tools Management: Manage and maintain firewalls, intrusion detection and prevention systems … controls and measures are well-documented and effective. Developing and implementing disaster recovery plans to ensure business continuity in the event of a security incident or data loss. Efficiently managing and mitigating the impact of security incidents to minimise downtime and operational disruption. Knowledge and experience:Technical Proficiency ...

remediate security findings from Defender, vulnerability tools, and audits Collaborate with Operations teams to drive timely remediation of vulnerabilities Implement monitoring, logging, and incident response capabilities across Azure environments Support regulatory and compliance initiatives (e.g., ISO 27001, NIST, CIS benchmarks) Provide technical leadership and guidance to engineering teams ...

CircleCI) 🔄 Operate and optimise Kubernetes environments (EKS primarily, GKE exposure a bonus) ☸️ Build and manage Infrastructure as Code using Terraform 🏗️ Champion reliability engineering: observability 👀, incident response 🚨, performance & cost optimisation 💡, and security best practices 🔐 Drive automation across environments and collaborate with cross-functional teams 🤝 ✅ What You’ll Bring Strong ...