1 to 25 of 29 Incident Response Jobs in the Midlands

Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand head quartered in the West Midlands. As … the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We … looking for someone Midlands based who can be on site in Warwickshire 1 day a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships More ❯

Principal Cyber Security Incident Response Analyst £60,000 - £70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. … As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire … on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network More ❯

Cyber Incident Manager £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Manager to join a large nationally recognised brand head quartered in the West Midlands. As the Cyber Incident Manager you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We are ideally looking for someone … Midlands based who can be on site in Warwickshire 1 day a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships with required stakeholders. More ❯

an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC … activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports … to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients More ❯

are seeking an experienced SOC Manager to lead and enhance a Security Operations Centre (SOC) for a major client in the technology sector. You will be responsible for improving incident response, strengthening threat detection, and overseeing the performance and development of the SOC team. Key Responsibilities: Establish SOC goals and priorities, including improving incident response, reducing … false positives, and enhancing threat detection. Lead incident response efforts and coordinate resolution with internal and external stakeholders. Analyse incident trends to identify vulnerabilities and inform security strategy. Act as the primary point of contact for security incidents. Manage end-to-end security incident investigations and reporting. Mentor SOC analysts and ensure adherence to operational best … knowledge of Authentication, Endpoint Security, Firewalls, DLP, IAM, PKI, EDR, SOAR, and related SOC technologies. Experience with SIEM platforms such as Google Chronicle, Splunk ES, or QRadar. Expertise in incident management, intrusion analysis, and security device configuration. Experience with log source integration, parser writing, and correlation rule development. SOC automation and cloud operations experience (e.g., AWS). Excellent leadership More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

an experienced SOC Engineer to support a high-profile critical national infrastructure project. This role is ideal for professionals with a strong background in security operations, threat detection, and incident response, who thrive in fast-paced environments and understand the importance of protecting sensitive systems. This is a remote-first opportunity, with occasional travel to the customer site … SIEM use cases, dashboards, and alerting mechanisms. Respond to security incidents, conduct root cause analysis, and provide remediation recommendations. Collaborate with engineering and infrastructure teams to improve detection and response capabilities. Maintain documentation for incident handling, playbooks, and operational procedures. Support compliance efforts and contribute to audit readiness. Stay current with emerging threats, vulnerabilities, and security technologies. Required … Skills & Experience Proven experience in a SOC or similar security operations role. Strong knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar). Familiarity with threat intelligence, malware analysis, and incident response frameworks. Understanding of network protocols, Windows/Linux systems, and cloud environments. Excellent analytical, communication, and problem-solving skills. Active SC Clearance or eligibility to obtain it. More ❯

challenge? This role puts you at the front line of cyber resilience in the Defence & Security space. You’ll lead a high-performing SOC, taking ownership of daily operations, incident response and mentoring analysts while shaping detection and response capability. What you’ll do: ✅ Lead SOC operations & incident response ✅ Act as escalation point for complex … SOAR detection/playbooks ✅ Mentor analysts & drive continuous improvement ✅ Support proactive threat hunting & compliance What you’ll bring: ✔ 3+ years’ SOC/security operations experience ✔ Strong knowledge of detection, response & threat analysis ✔ Hands-on with SIEM, SOAR & endpoint tools ✔ Problem-solving mindset & clear communicator ✔ Certs like GCIA, GCIH, CEH or CySA+ are a plus This is a chance to More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

security measures, and monitoring network activity. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation’s networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks … Stay updated on the latest intelligence, including hackers’ methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Work with the IT Manager to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake security assessments such as Phishing More ❯

can lead engagements, provide authoritative advice, and help shape our cyber security services. You will work primarily in Audit & Assurance and Risk & Compliance, with the opportunity to contribute to Incident Response where needed. There will also be opportunities to define and lead other areas of cyber security. What youll be doing Lead and deliver client engagements across governance … deliverables , audit reports, risk assessments, control mappings, and remediation roadmaps. Stay ahead of the curve , m onitor emerging threats, regulations and standards, and translate these into actionable guidance. Support incident response activities where required , providing expertise during investigations and post-incident reviews. Mentor and develop colleagues, sharing knowledge and contributing to the growth of our cyber practice. … Harborough) and client site visits as needed. Professional development , s upport for CPD, including maintaining Chartered status and relevant certifications. Varied engagements , opportunities to work across multiple domains, including incident response. Package Between £50,000 - £70,000, subject to experience 3% Pension contributions 25 days holiday + Bank holidays Option to purchase an additional 5 days holiday Home based More ❯

role in strengthening our clients' security operations. This is a hands-on, strategic position within the Technical Operations team, where you'll set the direction for security practices, guide incident response, and support the growth of the wider team. Your responsibilities: Lead on security incidents, managing investigations through to resolution Design, implement, and maintain robust security controls across … infrastructure and applications Drive the creation and execution of incident response plans, ensuring continuous improvements Integrate security practices seamlessly into the DevOps pipeline Manage and optimise monitoring tools to provide real-time threat visibility Carry out regular threat and vulnerability assessments, applying effective remediation strategies Coach and mentor colleagues, keeping the team ahead of evolving risks and technologies More ❯

IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols, including experience managing configuration changes. Experience working within incident response frameworks-from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews, particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber More ❯

IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols, including experience managing configuration changes. Experience working within incident response frameworks-from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews, particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber More ❯

and mitigating potential risks. You will oversee information security, compliance, and risk management practices based on industry-accepted information security and risk management frameworks, whilst establishing and maintaining an incident response plan, including incident detection, response, investigation, and resolution, to minimise the impact of security incidents. What you'll need to succeed Demonstrable experience of implementing More ❯

environments. Lead audits, vulnerability assessments, and improvement programmes to continuously strengthen our cyber security and resilience posture. Support programme initiatives to ensure secure operations across manufacturing and plant facilities. Incident Management & Response Act as the primary lead for industrial cyber incidents, ensuring rapid identification, response, and resolution. Maintain and refine incident response protocols, ensuring business More ❯

to drive process improvements. - A good understanding of regulatory landscape (CSSF, DORA, EBA, NIS2, SOC 2) - Experience with cloud platforms risk management, cloud security, and compliance, including IAM, cloud incident response, and resilience testing. - Master's degree or equivalent. Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. More ❯

Splunk architecture, data ingestion, alerting, and dashboarding, along with experience migrating workloads to Elasticsearch. In addition to migration duties, the candidate will maintain and enhance existing Splunk infrastructure, provide incident support, manage upgrades, and ensure observability platforms remain secure and performant. This role demands a technically strong individual with excellent stakeholder communication and problem-solving skills. Key Responsibilities: Migration … Collaborate with Elastic teams to configure alerting and monitoring using Kibana, Elasticsearch Watcher, or third-party tools. Ensure migration plans include validation, rollback procedures, and knowledge transfer. Platform Operations & Incident Response: Maintain Splunk infrastructure in both Production and Non-Production environments. Support Splunk SRE and Application teams in incident investigation and resolution. Proactively monitor system health and More ❯

principles, communicating widely with other stakeholders. Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office. Assist, where necessary, with incident response processes to identify architectural issues and solutions. Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions. You will … for the following Success Profile elements: Experience Your CV and your 500-word personal statement will be used to assess your suitability for the role. Technical Your 250-word response will demonstrate your technical skills against the listed Technical criteria. Stage 2 - Interviews If invited to interview Behaviour, Experience and Technical based questioning will be used. Please note candidates More ❯

Overview Monitor and manage IT security infrastructure Conduct vulnerability assessments and penetration tests Lead incident response and mitigation Implement security policies and procedures Ensure compliance with GDPR, ISO27001 Work with SIEM tools for threat detection Manage access controls and firewalls Oversee employee security awareness programs Respond to emerging cyber threats Document incidents and reports Collaborate with IT teams More ❯

and maintain cloud infrastructure across public and hybrid environments, using Infrastructure-as-Code tools. The role also involves monitoring for performance, availability, and security, as well as assisting with incident response and troubleshooting. Collaboration is key, and you ll work with engineers and architects to create reusable templates, drive automation, and support cost optimisation. This is a great More ❯

and maintain cloud infrastructure across public and hybrid environments, using Infrastructure-as-Code tools. The role also involves monitoring for performance, availability, and security, as well as assisting with incident response and troubleshooting. Collaboration is key, and you’ll work with engineers and architects to create reusable templates, drive automation, and support cost optimisation. This is a great More ❯

FortiGate Manage VPNs, IPSEC tunnels, and certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/IP, VLAN, VXLAN, EVPN, VPC More ❯

FortiGate Manage VPNs, IPSEC tunnels, and certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/IP, VLAN, VXLAN, EVPN, VPC More ❯

to implement alerting and monitoring using Kibana and Elasticsearch Watcher or third-party tools. Assess existing Splunk configurations, including dashboards, alerts, saved searches, data models and recreate in Kibana. Incident Response Ensure the smooth functioning of Splunk platform across BT maintaining the Splunk’s infrastructure in Production & Non-Production environments. To support Splunk SRE & Application teams in investigating More ❯