23 of 23 Remote Incident Response Jobs in Manchester

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information risks for policing. It supports … the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security incidents within the NMC, along … with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident Response Planning, Cyber Incident More ❯

to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incident response processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incident response strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incident response procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯

DCC is looking for a Lead Cyber Security Operations Analystto play a key leadership role in shaping and advancing our Security Operations Centre (SOC). You'll drive our incident response strategy, lead major investigations, develop cutting-edge detection content, and help grow a highly capable security team through training and exercises. This is a critical role in … capabilities and foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex More ❯

strengthening security posture, delivering against the cybersecurity strategy and ensuring alignment with the Cyber Governance Code of Practice. The role will include security audits, issue investigations, cross-functional cyber incident planning and ensuring cybersecurity practices extend across the Supply Chain. This is a fast paced role, where the successful candidate will lead cybersecurity governance, risk management, and compliance initiatives … within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. They will have excellent interpersonal skills and ability to build and maintain relationships with key stakeholders. This role is based at any of our UK site (Hamilton, Manchester, Sheffield, Salisbury or Cardiff) with hybrid working as an option. On occasion you will be required … risk assessments and investigations, identifying vulnerabilities and proposing remediation strategies. They will develop and enforce cybersecurity policies aligned with regulatory frameworks and best practices, and lead cross-functional cyber incident planning sessions, collaborating with key business units to improve response readiness. They will provide expert recommendations on security improvements, infrastructure hardening and threat mitigation strategies. The successful candidate More ❯

sit at the heart of our engineering operations, bringing together SRE principles and modern platform engineering practices. This includes combining principles of SRE - such as service-level reliability, observability, incident response - with platform engineering practices like GitOps, Infrastructure as Code, DevSecOps automation, and self-service enablement, to help development teams ship faster, safer, and more cost-efficiently. What … you'll be doing: Designing and operating highly reliable, scalable, and secure Azure-based platforms Applying SRE principles like SLOs, observability, and incident management to drive service reliability Building Infrastructure as Code using Terraform (v1.7+) and GitOps workflows Enabling teams through platform tools, reusable Terraform modules, and self-service infrastructure Enhancing CI/CD pipelines (Azure DevOps, YAML-based … services (SQL, Cosmos DB, ADF, Functions, Logic Apps, etc.) Improving monitoring and alerting with Datadog, Grafana, ELK, and proactive failure detection Participating in the on-call rota and leading incident response workflows and blameless postmortems Coaching engineers, upskilling teams, and contributing to a culture of continuous improvement Driving cost awareness through FinOps practices and automated budget controls What More ❯

to the setup and ongoing enhancement of the Security Operations Center (SOC). Investigating security incidents and implementing effective countermeasures. Utilizing SOC tools such as SIEM, vulnerability scanners, and incident response solutions. Performing threat hunting by analyzing and assessing security events on central platforms. Documenting incidents thoroughly in ticketing and SIEM systems, and generating detailed reports. Monitoring systems … of offensive security concepts. Experience with programming languages such as Python and SQL. Minimum C1 level in German with good knowledge of English. Desirable skills: Experience working with Sophos. Incident response experience. Experience with malware analysis. Company benefits: Attractive salary. Strong progression plans. Excellent training opportunities and personal development. Opportunity to attain certifications. Work alongside an inclusive team More ❯

Proactively work with business units and global functions in InfoSec to support internal and external audits and ensure their success, Support other InfoSec teams and local IT teams during incident management and incident response activities, Liaise with Data Protection Officers for the implementation of data protection processes and controls, and during any data privacy issue, Contribute to More ❯

implement remediation plans, drive remediation efforts and identify improvements in the vulnerability management program. Monitor and track the status of identified vulnerabilities and ensure timely resolution. Security Monitoring and Incident Response Leverage Microsoft Defender EDR/XDR and other security tools to monitor, analyse, and respond to security threats. Investigate suspicious activity and determine if incidents have occurred. … Contain and mitigate security incidents to prevent further impact. Develop, implement, and optimise security automation processes to improve detection, response, and mitigation efforts Security Compliance & Governance Ensure security configurations align with compliance frameworks such as ISO 27001, Cyber Essentials Plus, and regulatory requirements Skills and experience Essential 3yrs+ with current IT Security Analyst experience. Proven experience with M365 security More ❯

strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years More ❯

strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years More ❯

our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications,Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. WHAT IS THE SCOPE OF THE ROLE? The following list is not exhaustive but gives More ❯

our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications, Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. What is the scope of the role? The following list is not exhaustive but gives More ❯

an enthusiastic, passionate,and collaborative team? Join our Risk & Assurance Team As Softcat's business continues to grow and evolve, so have the risks and the regulatory landscape. In response, Softcat Plc has recognised the need to further strengthen its Risk Management and Internal Controls and has created a second line Risk and Assurance function to strengthen the overall … current, comprehensive, and aligned with industry standards and audit expectations. Reviewing effectiveness of first line functions in testing and validation of key IT controls (e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO2 2301, NIST More ❯

with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First Responders assist with pro-active security operations, including both regularly scheduled security assessments as well as ad-hoc … security taskings Location Hybrid - Bristol or London Type Permanent, full-time Immediate Who we are looking for. The responsibilities of this role include: Initial triage and response to security alerts. Supporting customer cloud infrastructure & security posture. Monitoring and resolution of key security metrics. Identify emerging security trends. IOC creation based on emerging threats. Acting as a key part of … the cyber incident response team. Completion of proactive security reports. 24/7 Shift Work - 4 on 4 off pattern. This role will require working within a close-knit team to help build Stripe OLT as a global leader in cyber security - focused specifically on defensive domains. The role requires a self-starter, an ideal team player who More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

as Terraform, Ansible. Monitor, troubleshoot, and optimize systems, networks, and application performance across hybrid environments. Collaborate with security, development, and operations teams to enforce DevSecOps best practices. Participate in incident response, root cause analysis, and implement long-term fixes. Maintain and document configurations, processes, and network topologies. Required Qualifications Extensive hands-on experience with F5 load balancers expertise. More ❯

resolutions are within SLA. Build and nurture strong relationships both internally and externally to enhance service delivery for our customers. Complete and document Root Cause Analyses (RCAs) and Post Incident Reviews (PIRs), recommending improvements where necessary. Contribute to ITSM-driven initiatives, collaborating as a chapter to implement positive changes. Create and maintain Knowledge Base articles for team sustainability and … API testing tools Experience in unit testing with a focus on continual improvement in API monitoring and performance A mindset geared towards optimisation and automation, especially in alerting and incident response processes Strong documentation skills to ensure key processes and learnings are shared across the team Solid understanding of ITIL v4 (certification required) Exposure to Agile methodologies A More ❯

resolutions are within SLA. Build and nurture strong relationships both internally and externally to enhance service delivery for our customers. Complete and document Root Cause Analyses (RCAs) and Post Incident Reviews (PIRs), recommending improvements where necessary. Contribute to ITSM-driven initiatives, collaborating as a chapter to implement positive changes. Create and maintain Knowledge Base articles for team sustainability and … API testing tools Experience in unit testing with a focus on continual improvement in API monitoring and performance A mindset geared towards optimisation and automation, especially in alerting and incident response processes Strong documentation skills to ensure key processes and learnings are shared across the team Solid understanding of ITIL v4 (certification required) Exposure to Agile methodologies A More ❯

and runbooks What you bring: The ideal candidate for this IT Service Continuity Lead role will bring a strong background in IT continuity planning, disaster recovery, risk management, and incident response. Your expertise in designing and testing robust IT service continuity plans that align with business priorities will be essential. You should have a thorough understanding of BIA and More ❯

and availability of our security infrastructure. What You'll Be Doing * Managing Hardware Security Modules (HSMs)and cryptographic infrastructure* Creating, storing, and retiring encryption keyssecurely across multiple platforms* Supporting incident and change managementprocesses* Collaborating with application, infrastructure, and support teams* Ensuring compliance with security standards and audit requirements* Contributing to project deliveryand continuous improvement initiatives What We're Looking … work under pressure* Excellent communication and stakeholder management skills Nice to Have * ITIL Foundation certification* Security or project management certifications* Experience with tools like JIRA, Confluence, SharePoint* Background in incident responseand risk management Benefits * Salary up to £41,000 depending on experience* Pension of 12%* Private medical* Discretionary bonus Please Note: This is a permanent role for UK residents More ❯