26 to 50 of 101 Incident Response Jobs in London

Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise … Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain

improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability

improve scalability and reduce manual intervention. * Operational Security, SRE & Assurance: * Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. * Embed security telemetry and observability to enable proactive threat detection and automated response. * Apply SRE principles to improve reliability, performance, and maintainability

industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security

industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security

global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will

client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech

bottlenecks using advanced problem-solving and performance tuning techniques. Conduct capacity planning and implement solutions to ensure systems can support current and future workloads Incident Response & Troubleshooting Respond swiftly to production incidents, ensuring minimal downtime and quick restoration of services. Perform root cause analysis and postmortems, implementing lessons … dashboards. Improve observability of services, ensuring issues are identified and addressed before impacting users. Continuously refine monitoring practices to reduce alert fatigue and improve response times. Automation & Tooling Develop automation to eliminate manual, repetitive tasks and improve operational efficiency. Write clear, maintainable, and well-tested code to support automation

. Proficient in Azure Monitor, Log Analytics, Application Insights, cost management and optimisation, resource tagging strategies, and maintaining platform availability through proactive monitoring and incident response. Infrastructure as Code (Terraform) - Strong working knowledge of Terraform for provisioning and managing Azure infrastructure including writing and maintaining Terraform modules for Azure … high availability architectures using Availability Zones, Azure Load Balancer, Azure Application Gateway, VM Scale Sets, and conducting DR tests to ensure business continuity. Collaboration & Incident Response - Strong team player with experience working across DevOps, infrastructure, security, and development teams. Skilled in incident management and managing status dashboards

cyber defence function. This position is suited to someone with a strong technical security background who can drive strategy, uplift security maturity, and oversee incident response activities. You will be responsible for safeguarding the business's infrastructure, digital assets, and data by shaping security processes, managing risk … recognised security frameworks. Key Responsibilities Lead and develop a team of cyber security engineers, providing technical and strategic direction. Oversee security operations including monitoring, incident management, and threat response. Conduct assessments across the IT estate to identify risks and emerging threats. Manage security events from detection through to remediation

GDPR, and other frameworks. Deliver security awareness training and embed a culture of compliance. Support day-to-day security operations, including monitoring, incident response, and threat analysis. What We're Looking For Experience: 3-5 years in information security or compliance roles. ISO 27001 Mastery: Proven track record

GDPR, and other frameworks. Deliver security awareness training and embed a culture of compliance. Support day-to-day security operations, including monitoring, incident response, and threat analysis. What We're Looking For Experience: 3-5 years in information security or compliance roles. ISO 27001 Mastery: Proven track record

base articles in line with best practices * Automate security tasks and toolchains using scripting (PowerShell, Batch, etc.) * Collaborate with external SOC teams * Prepare post-incident reports and root cause analyses * Manage end-user device (EUD) security via MS Intune, Sophos and NinjaOne * Schedule and assess vulnerability scans on critical … driven changes * Produce weekly security operations reports * Manage Cisco Umbrella web filtering and SSL inspection policies Requirements: * Previous hands-on experience in SecOps or Incident Response * Recognised Security certifications such as Security+, CEH, or Microsoft security certifications * Strong knowledge of Microsoft Windows OS security and hardening * Working PowerShell

base articles in line with best practices * Automate security tasks and toolchains using scripting (PowerShell, Batch, etc.) * Collaborate with external SOC teams * Prepare post-incident reports and root cause analyses * Manage end-user device (EUD) security via MS Intune, Sophos and NinjaOne * Schedule and assess vulnerability scans on critical … driven changes * Produce weekly security operations reports * Manage Cisco Umbrella web filtering and SSL inspection policies Requirements: * Previous hands-on experience in SecOps or Incident Response * Recognised Security certifications such as Security+, CEH, or Microsoft security certifications * Strong knowledge of Microsoft Windows OS security and hardening * Working PowerShell

including Data Protection Impact Assessments. Manage compliance and supplier security controls. Oversee penetration testing and manage vulnerability fixes. Develop and test the company's incident response plan. Support the secure implementation of new AI-driven tools. Lead, coach, and support a small technical team. Requirements 2+ years

applied operationally within complex organisations Risk Assessment: Skilled in identifying, assessing, and mitigating cyber security risks. Proficiency in using security assessment tools and methodologies. Incident Response: Ability to lead investigations into security incidents and provide post-incident reviews Education Essential A Master's degree in Cyber Security … managing security and compliance within Microsoft environments, particularly using Microsoft security tools and cloud services (e.g., Azure, Microsoft 365). Experience leading security audits, incident management, and staff training initiatives. Desirable Experience of implementing and supporting security control frameworks, such as ISO27001. Knowledge and experience of cyber security maturity

mature security function responsible for global operational security across IT infrastructure and business applications – including privileged access management, threat protection, threat detection and incident management. Working closely with the IT Security Manager, you will help ensure security services are delivered effectively and that core controls remain fully operational … with technologies such as SIEM, PAM, Endpoint Protection, EDR, IPS/IDS, MFA, Encryption and Next Gen Firewalls Experience supporting cyber security event triage, incident response and recovery Strong knowledge of operational security management and tooling This role offers the chance to work in a highly regulated, security

other engineers. Monitoring and Operational Excellence: Implement and manage monitoring, logging, and alerting solutions (e.g., Prometheus, Grafana, Stackdriver) to ensure high availability and proactive incident response for all hybrid infrastructure. Required Skills & Qualifications Experience: 5+ years of experience in a DevOps, SRE, or Platform Engineering role. GCVE Expertise

strategy and roadmap Lead enterprise security governance and represent security at senior/board level Own policies, frameworks, compliance, DPIAs, and operating models Oversee incident response, vulnerability management, SOC integration, and threat monitoring Secure hybrid platforms (Azure, AWS, Nutanix, SD-WAN, Zero Trust, CASB, SASE) Lead risk assessments

GDPR, BCBS 239, FFIEC 101, 3402, CHAP. Working experience and/or knowledge of Security domains including Access management, Threat management, Incident response and recovery, Data protection, Vulnerability management, Monitoring and logging, Physical security, and Security risk management and governance. Working experience and/or knowledge of cloud

senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain … incident response plans and procedures. Requirements: Proven experience as a Digital Operations Manager, IT Manager, Support Manager, or similar role. Strong leadership and team management skills with the ability to mentor and inspire a diverse team. Excellent understanding of IT infrastructure, application support, and digital operations. Demonstrated experience

open standards (e.g. OpenAPI, AsyncAPI, CloudEvents, OpenTelemetry) to maximise interoperability and transparency. Drive adoption of operational excellence practices: observability, monitoring, alerting, incident response, and post-incident reviews. Promote a “you build it, you run it” culture where engineers take ownership of the services they develop, balancing delivery

architecture on major projects. Strong technical knowledge of Azure and AWS security services, controls, and architectures. Deep understanding of IAM, networking, encryption, monitoring, and incident response in cloud environments. Familiarity with cloud-native security tooling (Purview, MS Defender, AWS Security Hub, GuardDuty, etc.). Strong understanding of Identity

Analyzer) to reduce exposure and prevent repeat issues. Produce clear remediation guidance, runbooks, and reporting dashboards for both technical and non-technical stakeholders. Support incident response and post-remediation validation where high-risk findings are exploited or trending. kills & Experience AWS/Cloud Security Deep, hands

complex cybersecurity concepts into clear, actionable guidance. Assess client cyber risks and recommend practical mitigation strategies. Draft policies and procedures to enhance resilience and incident response. Evaluate vulnerabilities in systems, networks, and supply chains. Manage projects and coordinate team efforts to deliver high-quality outcomes. Prepare detailed client reports