26 to 50 of 200 Incident Response Jobs in London

across Azure cloud, VMware infrastructure and Cisco Meraki networking. This is an operational cyber security role focused on cloud security, infrastructure hardening, vulnerability remediation, incident response, DR testing and cyber resilience. Key Skills & Experience: • Azure security, Entra ID, Conditional Access, RBAC and Azure Policy • VMware vSphere, vCenter … ESXi • Cisco Meraki, VLANs, VPNs, firewall rules and network segmentation • Security monitoring, incident response and vulnerability management • Sophos MDR or similar MDR/SIEM tooling • Windows/Linux hardening and secure configuration • Disaster Recovery and Business Continuity testing • PowerShell, KQL or Python desirable • Microsoft Defender, Sentinel ...

security policies, standards and procedures. Leading security awareness and training programmes that improve behaviours and strengthen Moneybox’s security culture. Owning Moneybox’s security incident response framework, ensuring the business is prepared to identify, contain, respond to and recover from security incidents effectively. Overseeing vulnerability management, including scanning … operational efficiency. Experience managing security risk in cloud‐based environments, ideally including Azure. Strong understanding of third‐party security risk management. Experience with incident response planning, testing and improvement. Experience reporting security risks, controls and metrics to senior management. Strong communication skills, with the ability to translate technical ...

Vault), and security integration into the delivery pipeline as a first-class concern Identify and address tooling gaps across monitoring, alerting, observability, and incident response; own the on-call process, runbooks, escalation paths, and post-incident reviews People Management & Team Leadership Directly manage 4/5 DevOps … diverse perspectives are constructively managed Delivery & Cross-Functional Collaboration Act as the primary point of contact for DevOps matters in cross-functional planning, incident response, and infrastructure governance Collaborate closely with the Engineering Manager, Core Platform to ensure platform reliability, deployment pipelines, and infrastructure tooling meet backend SLAs ...

play a key role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering, helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls. What … doing Lead and support incident response, threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management, remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including ...

infrastructure. You will be a trusted guardian of our cryptographic foundations, participating in Key Ceremonies to ensure the highest level of root-level security. Incident Response & Research: Support the Information Security team and participate in incident response and post-mortem activities. What skills are essential ...

infrastructure and applications. You will design, implement, and maintain monitoring solutions to provide visibility into system health and performance, proactively detect anomalies, and reduce incident response time. Our Engineering Team The CMG engineering team consists of domain experts who work collaboratively within a culture of cross‐domain knowledge … implement SLOs, SLIs, and error budgets to measure system reliability. Develop and optimize dashboards, alerts, and reports for system performance and business metrics. Alerting & Incident Management Design actionable alerting strategies to minimize noise and improve MTTR. Integrate alerting systems with Jira. Establish and refine runbooks for on‐call teams ...

initial contract) Location: SW1A 2AH, City of Westminster, England, United Kingdom Remote type: Remote Start date: As soon as possible Head of SOC/Incident Response – LA International Senior leadership within public sector and Defence cybersecurity. Coordinating and integrating public sector/defence digital services. Leverage … public benefit and strengthen digital infrastructure. Manage incident response with knowledge of NIST, ISO 27001, etc. Recruit, mentor, and influence SOC teams. Duration: 6 months Location: Fully remote (with occasional onsite meetings 1–2x per month) Start date: As soon as possible SOC Solutions & Cyber Advisory Lead ...

firm's technology environment which includes Microsoft Defender & Sentinel. Key Responsibilities: * Monitor security event identification via the third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support … maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows. * Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps). * Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews. * Support ...

growth and innovation. You’ll define and lead our security strategy, establish governance and compliance frameworks, strengthen cloud and third‐party security, and drive incident response and resilience planning across the organisation. About You Experience & Expertise 10+ years’ experience in information security, including leadership‐level responsibility Proven experience … building and scaling security and privacy programmes within growing organisations Strong hands‐on knowledge of GDPR, PCI‐DSS, incident response, and resilience planning Experience working within cloud‐first environments, ideally AWS Strong understanding of security within e‐commerce, fintech, or customer‐data‐led businesses Comfortable operating as both ...

secure, reliable, and scalable delivery of Retail platforms and applications. Oversee delivery planning, execution, and risk management, including ownership of P1 and P2 incident response and resolution. Build and develop engineering capability through strong leadership of Engineering Managers and senior engineers. Promote consistent engineering standards across automation, DevOps … technical design decisions to ensure solutions are scalable, secure, and maintainable. Act as an escalation point for major incidents, coordinating resolution and leading post‐incident reviews. Work with Engineering Managers to track delivery progress, dependencies, and risks. Coach and mentor engineering leaders, supporting capability and leadership development. Represent Retail ...

secure, reliable, and scalable delivery of Retail platforms and applications. Oversee delivery planning, execution, and risk management, including ownership of P1 and P2 incident response and resolution. Build and develop engineering capability through strong leadership of Engineering Managers and senior engineers. Promote consistent engineering standards across automation, DevOps … technical design decisions to ensure solutions are scalable, secure, and maintainable. Act as an escalation point for major incidents, coordinating resolution and leading post‐incident reviews. Work with Engineering Managers to track delivery progress, dependencies, and risks. Coach and mentor engineering leaders, supporting capability and leadership development. Represent Retail ...

analysts, and acting as a trusted advisor to clients and internal stakeholders. The role blends offensive attacker‐mindset insight with deep defensive detection and response expertise, making it a key differentiator for both service delivery and pre‐sales engagements. Key Responsibilities Threat Hunting Programme Development Design and establish … requirements Clear success metrics and measurable outcomes Define and embed how threat hunting integrates with: SIEM detections and detection engineering SOC operations and workflows Incident response processes Intelligence‐led prioritisation and use‐case development Ensure hunting outputs directly inform continuous service improvement Hands‐On Threat Hunting & Intelligence Conduct ...

pipeline health, compute utilisation, and deployment status. Collaborate with data engineering to ensure upstream data quality and pipeline reliability for ML feature inputs. Develop incident response procedures and runbooks for ML system failures. Infrastructure & Cost Optimisation Manage and optimise AWS compute resources (Batch, EC2, or similar) used … control workflows. Familiarity with SQL and data warehousing platforms (Snowflake preferred). Experience implementing monitoring, logging, and alerting for production systems. Strong debugging and incident response skills for complex distributed systems. Preferred Qualifications Experience deploying models to edge or embedded devices. Background in healthcare, medical devices, or clinical ...

execution of cyber security across a global environment. This is a high-impact role reporting to the CTO, with responsibility for security operations, risk, incident response, and overall security maturity across the business. Key Responsibilities Lead global IT and product security Own risk management, SOC, and incident response Drive security strategy, governance, and awareness Deliver key programmes (cloud, identity, vulnerability management) Engage at C-suite level , translating risk into business decisions Build and lead a high-performing security team What We're Looking For Proven leadership in enterprise cyber security environments Strong background across multiple ...

Clyde UK Services Company is seeking a Legal Director for their Cyber Department in London. This role involves leading complex cyber incident responses and advising clients on data breaches and regulatory obligations. The ideal candidate will have significant experience in cyber incident response and a background ...

safe, controllable execution. Build evaluation frameworks, feedback loops, and testing for deterministic and non‐deterministic systems. Operate agents in production (AgentOps): logging, monitoring, alerting, incident response, and continuous improvement. Contribute to production infrastructure standards including CI/CD, environment separation, secrets management, and security fundamentals. Must Haves 5+ … ownership across design, implementation, deployment, and operations. Solid understanding of cloud‐native infrastructure and production operations (CI/CD, environment separation, secrets, monitoring, incident response). Nice to Haves Experience with Camunda, BPMN, DMN, or other workflow/orchestration platforms. Experience building reusable internal platforms, shared services ...

standards Act as the on-site technology point of contact Troubleshoot and resolve connectivity issues (Wi‐Fi, wired, endpoint, VPN, DHCP/DNS) Coordinate incident response with technical teams Maintain awareness of service performance Communicate clearly with both technical and non‐technical stakeholders Balance customer expectations with operational … hospitality or similar) Strong understanding of enterprise IT and networking fundamentals (Wi‐Fi, TCP/IP, DHCP, DNS, VPNs, endpoints, service delivery) Experience coordinating incident response in high‐pressure environments Ability to manage multiple stakeholders Clear communication with technical and non‐technical audiences A calm, structured approach during ...

working. Experience with leveraging AI for AppSec and CloudSec. AWS Certified Security – Speciality or equivalent practical AWS security experience. Terraform or CloudFormation expertise. Incident‐management or incident‐response experience. Experience with Splunk or similar logging/SIEM platforms. Experience with security metrics, dashboards or reporting that helped ...

scripts and custom code to support and enhance our operational toolset.* - Support and optimize CI/CD pipelines to improve deployment speed and reliability.* Incident Management & Collaboration:* - Participate in an on-call rotation to troubleshoot and mitigate production incidents.* - Lead post-incident reviews and root cause analyses … tool development to streamline operational tasks and improve efficiency.* Documentation & Standards: Create and maintain comprehensive documentation for configurations, standard operating procedures (SOPs), and incident response protocols.* Communication & Stakeholder Management: Communicate effectively with technical and non-technical stakeholders, including senior management, regarding incident status, resolution plans, and identity ...

relationships with outsourced 24/7 SOC/MDR providers Monitor performance against SLAs and ensure proactive threat detection across cloud environments Manage security incident escalations and coordinate response activities across internal and external teams Drive value and accountability from third-party security partners Governance, Risk & Compliance … tools and data classification platforms Good understanding of cloud security (Azure/AWS) and identity protocols (OIDC, SAML, MFA/Entra ID) Experience coordinating incident response across multiple stakeholders, including external forensic teams Strong commercial awareness with the ability to link security decisions to business outcomes Excellent communication ...

Incident and Resilience Manager (DORA) MUST HAVE PAYMENTS Experience! UK Remote | Permanent Hiring a Incident Manager with strong DORA experience to lead operational resilience, major incident management and recovery planning within a regulated financial services environment. Key experience:* MUST DORA/Operational Resilience * Major Incident Management … Recovery* Financial Services/FinTech* ISO 22301/ISO 27001/NIST* Stakeholder & Regulatory Management This role will lead DORA implementation, resilience testing, ICT incident response, third-party risk and enterprise recovery planning across the business. High-impact role with strong visibility and ownership. Apply now for immediate ...

analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience against threats. ...

reviews and monitoring KPIs Ensure compliance with IT security policy standards, including encryption, secure disposal, build hardening, monitoring, patching and access controls Lead security incident response and contribute to major incident management control Ensure effective communications outside of the IT team Production of an appropriate IT infrastructure ...

vulnerability and patch evidence, metrics and control narratives. Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows. Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends. Experience Strong working knowledge of Ivanti ...

collaboratively with IT, engineering, and business teams to ensure security is integrated into all stages of development and operations. Threat Management: Implement threat detection, incident response, and resilience strategies, including monitoring and analysis of security events and alerts. Regulatory Compliance: Ensure that the organization meets all regulatory ...