26 to 50 of 277 Incident Response Jobs in London

Job Summary: The Security Operations Lead is responsible for our security monitoring and incident response capabilities within the Square Enix Cyber Security team (covering Europe and North America). The primary goals of the role are the timely detection of security incidents, effective response and the continuous improvement of our preventative and detective controls. This role will … across Square Enix. Day to day you will be performing in-depth analysis and investigation of security alerts, game/brand related security events as well as leading the response to incidents. You will be responsible for maintaining and optimising our security operations tools and processes. Additionally you will be testing the effectiveness of our preventative and detective controls … platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key More ❯

role in deploying Microsoft security solutions and supporting client audits, assessments, and vulnerability remediation efforts. Responsibilities include: Delivering Microsoft security technologies including Defender XDR, Sentinel, and Endpoint Detection andamp; Response Supporting Cyber Essentials and Cyber Essentials Plus audits and assessments Acting as an escalation point for cyber incidents, security alerts, and engineering tasks Conducting vulnerability remediation and assessments (infrastructure … tools (e.g., Mimecast, Egress) Understanding of Azure Firewall and Defender for Cloud/Cloud Apps Experience conducting offensive security/web application assessments Strong understanding of threat detection and incident response Certifications (any of the following highly desirable): SC-200: Microsoft Certified - Security Operations Analyst Associate SC-300: Microsoft Certified - Identity and Access Administrator Associate AZ-500: Microsoft More ❯

key role in deploying Microsoft security solutions and supporting client audits, assessments, and vulnerability remediation efforts. Responsibilities include: Delivering Microsoft security technologies including Defender XDR, Sentinel, and Endpoint Detection & Response Supporting Cyber Essentials and Cyber Essentials Plus audits and assessments Acting as an escalation point for cyber incidents, security alerts, and engineering tasks Conducting vulnerability remediation and assessments (infrastructure … tools (e.g., Mimecast, Egress) Understanding of Azure Firewall and Defender for Cloud/Cloud Apps Experience conducting offensive security/web application assessments Strong understanding of threat detection and incident response Certifications (any of the following highly desirable): SC-200: Microsoft Certified - Security Operations Analyst Associate SC-300: Microsoft Certified - Identity and Access Administrator Associate AZ-500: Microsoft More ❯

key role in deploying Microsoft security solutions and supporting client audits, assessments, and vulnerability remediation efforts. Responsibilities include: Delivering Microsoft security technologies including Defender XDR, Sentinel, and Endpoint Detection & Response Supporting Cyber Essentials and Cyber Essentials Plus audits and assessments Acting as an escalation point for cyber incidents, security alerts, and engineering tasks Conducting vulnerability remediation and assessments (infrastructure … tools (e.g., Mimecast, Egress) Understanding of Azure Firewall and Defender for Cloud/Cloud Apps Experience conducting offensive security/web application assessments Strong understanding of threat detection and incident response Certifications (any of the following highly desirable): SC-200: Microsoft Certified - Security Operations Analyst Associate SC-300: Microsoft Certified - Identity and Access Administrator Associate AZ-500: Microsoft More ❯

and GDPR. Expertise in Microsoft 365, SharePoint, Azure architecture, security, and Entra. Proficiency in security tools and technologies, including firewalls, identity management, and layered security stacks. Experience in incident response and forensic analysis. Excellent problem-solving, analytical, and communication skills. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are advantageous. Benefits: Opportunity to contribute to a growing MSP with More ❯

adoption of IT Service Management (ITSM) processes across all teams, ensuring standardized, efficient, and effective service delivery. Establish SRE-based operational metrics, including SLOs, SLIs, and error budgets. Oversee incident response, problem resolution, and root cause analysis with AI-driven remediation. Ensure high availability, performance, and security compliance for all enterprise services. Develop a follow-the-sun operational … support model, ensuring 24x7 resilience and uptime across all of BCG. Optimize incident, change, and capacity management, ensuring alignment with ITIL best practices and automated workflows. Lead Service Asset and Configuration Management (SACM), ensuring accurate and real-time management of software and IT assets within the CMDB. Drive continuous enhancements to the CMDB, improving visibility, compliance, and lifecycle management More ❯

ensuring operational resilience is maintained. In collaboration with GT, manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software. In collaboration with GT, Develop and test incident response plans and coordinate responses to security incidents and breaches Raise awareness of cybersecurity issues among bank London employees; conduct annual training/workshops to educate staff on More ❯

the firms cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will be responsible for maintaining the identity More ❯

integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle - from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned - collaborating with a global team of incident responders. You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In … this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more. You will also leverage your collaboration and … communication skills to work effectively with all relevant stakeholders in multicultural and global environments. Responsibilities - Report to Director to facilitate all phases in the incident response lifecycle - Be involved in various incident prevention projects to improve Security posture Preparation: - Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc. - Take part in self More ❯

and guidelines to ensure compliance and reduce risks. Promote awareness of security policies and practices across the organization. Security Operations Oversee day-to-day security operations, including threat monitoring, incident response, and vulnerability management. Coordinate and manage security incident response processes and reporting. Team Management Build, lead, and develop a high-performing information security team. Provide More ❯

risks, coordinate remediation strategies, and enhance executive-level reporting. Key Responsibilities: Define and enforce security best practices across cloud environments (Azure, AWS) Lead cloud security risk assessments, audits, and incident response efforts Integrate security into CI/CD pipelines and DevOps operations Manage and interpret insights from cloud-native security tools (e.g., GuardDuty, Azure Defender) Ensure compliance with … in technical cyber roles (SOC, security engineering, threat analysis) Minimum 3-5 years working in cloud environments Deep knowledge of Microsoft Azure (and ideally AWS) Expertise in vulnerability management, incident response, and cyber risk triage Strong understanding of cloud security principles and the shared responsibility model Familiarity with frameworks like MITRE ATT&CK and Zero Trust architectures Confident More ❯

with group-wide security goals. - Contribute to the broader security roadmap across Storio Group. Execution & Delivery - Own and deliver the Security Operations backlog and KPIs. - Maintain and enhance our incident case management and response processes. - Coordinate incident response planning and simulation exercises with senior leaders and the board. - Manage external and internal audit and due diligence … activities. Threat Detection & Response - Implement and maintain robust threat detection and response capabilities across cloud, on-premise, and factory systems. -Drive continuous improvement of our vulnerability management program. - Conduct threat intelligence analysis and report on emerging trends and risks. Collaboration & Mentorship - Build trusted relationships with technology partners, vendors, and internal teams. - Collaborate closely with product and engineering teams … Security Operations function. What You'll Bring Professional Experience - Extensive experience in cybersecurity or related roles, ideally within a large, consumer-focused organisation. - Proven track record in security operations, incident response, and vulnerability management. - Experience managing enterprise-grade security platforms and working across diverse environments (cloud, hybrid, manufacturing). - Hands-on expertise with EDR, SOAR tooling, and SASE More ❯

enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and vigilance. Identify and implement improvements to detection and response processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor's degree in … and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of the cyber threat landscape, including adversary tactics, campaigns, and the intersection of insider and external threats. Demonstrated ability to analyze anomalies More ❯

the firms cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the More ❯

firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the More ❯

strategies. Your responsibilities will include maintaining detailed documentation on security architecture, patterns, and practices, advising on critical aspects such as data protection, identity and access management, network security, and incident response within Azure. Staying abreast of the latest Azure security capabilities, threats, vulnerabilities, and industry trends will be essential. You will also support audit, compliance, and regulatory requirements More ❯

products. The CSOC team will regularly survey the TikTok networks for signs of a breach, malware, or unauthorized access. Additionally, the CSOC team is responsible for developing and maintaining incident response plans, playbooks and procedures. Finally, the CSOC team will be responsible for data collection and analysis of Incident Response data. The CSOC analyzes disparate data … and other enrichment to identify incidents and drive appropriate responses to contain and minimize impact and restore normal operations. The analysis is used to ensure a consistent and coordinated response to ongoing threats ensuring TikTok can continue to operate safely and securely. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization … and responding to threats targeting TikTok's US operations and infrastructure. You'll be based in our Cyber Security Operations Center in London, UK. Duties and Responsibilities: - Participate in incident response activities. - Conduct technical analysis and assessments of security-related incidents, including malware analysis, packet-level analysis, and system-level forensic analysis. - Collect and analyze disk & memory images More ❯

security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the development and execution of incident response plans, ensuring prompt action to contain and remediate security incidents. * Maintain accurate incident logs and reports to support post-incident analysis and continuous improvement. * Provide … with a strong focus on security information and event management systems, including Microsoft Sentinel. * In-depth knowledge of security monitoring techniques and integration technologies. * Demonstrated ability to execute robust incident response processes. * Strong communication skills, with the ability to educate and support staff on security protocols. * Experience working collaboratively with technical and non-technical teams to improve security More ❯

automation, cloud technology, and fast-paced problem-solving—and want your work to have a real impact—this could be the perfect role for you. Key Responsibilities Lead security incident response and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep … facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a culture of continuous improvement Participate in the on-call rotation to ensure fast, effective incident response during critical … events Key requirements: Proven Experience: 4+ years in Security Operations or Incident Response, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills: Experience More ❯

a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯

ISO 27001, and Cyber Essentials audits - including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM - including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption More ❯

ISO 27001, and Cyber Essentials audits – including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM – including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption More ❯

senior leadership updated on security posture and key metrics. Build relationships with security leaders in similar firms to stay ahead of threats and trends. Ensure compliance through audits and incident response exercises. Collaborate with tech teams to ensure secure software and infrastructure. Manage third-party security vendors and track their performance. Run regular training to promote cybersecurity awareness More ❯

Remote Job type: Contract Position Overview: Rapidly growing FinTech company seeking an accomplished Cybersecurity Operations View job & apply Location: Greater London Job type: Permanent Financial Service firm seeks an Incident Response Manager to join their CIRT team. This role plays View job & apply Location: Frankfurt Salary: 120,000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds … Bank's Vulnerability Management controls and providing security input for vulnerabilities which threaten the organisation. Experience Understanding of vulnerability lifecycles, standards and ratings Risk assessing findings to determine appropriate response with a proactive approach to recording, management and escalation of risks Increasing the quality of vulnerability reporting automation to reduce manual effort Advanced analytical and problem-solving techniques with More ❯

management tool expertise (Tenable, Qualys) Email security solutions Knowledge (Mimecast, Egress) A Working understanding of Microsoft 365 Cloud Technologies and their threat landscape Familiarity with SOC operations, threat detection, incident response, and security analytics As a Cyber security Engineer you should have one or more of SC-200 - Microsoft Certified: Security Operations Analyst Associate SC-300 - Microsoft Certified More ❯