1 to 25 of 71 Incident Response Jobs in the North of England

Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Role Purpose: To manage and service NCC Group clients within the Incident Response space. The Managing Consultant plays a critical role within the DFIR team of experienced consultants, delivering high‐quality incident response and proactive services to clients. The role involves leading and contributing to detailed technical analysis, managing incident response activities, and ensuring effective communication and coordination throughout an engagement. With a strong focus on technically supporting clients during live incidents, the Managing Consultant is also expected to contribute ...

Department: Cyber Services and Capabilities Employment Type: Full Time Location: NLD Rijswijk To manage and service NCC Group clients within the Digital Forensics and Incident Response space. The Principal DFIR Consultant plays a pivotal role within the team of seasoned analysts, actively participating in the analysis and response … collaboration, clear communication, and efficient workflow throughout technical engagements. Responding to emergency incidents, including mitigation and remediation activities. Maintaining composure and effectiveness in client incident‐management scenarios. Providing clients with high‐quality technical investigations. Collaborating in the identification, resolution, and documentation of security incidents. Conducting intelligence‐driven investigative analysis. ...

Senior Cyber Incident Responder Daily Rate: Inside IR35 Location: Sheffield Job Type: Hybrid (2-3 days on-site) Join our Cyber Defence Centre (CDC) as a Senior Cyber Incident Responder. This senior, business-facing role within Security Operations & Engineering focuses on end-to-end cyber incident management … coordination, and stakeholder engagement across complex environments. You will lead the response to high-severity cyber incidents, ensuring effective command, communication, and decision-making throughout the incident lifecycle. Day-to-day of the role: Incident Leadership & Management: Lead the coordination of high-severity cyber incidents from initiation ...

threat landscape. This is a high-impact position where you'll lead the security operations function end-to-end, driving improvements across threat detection, incident response, and overall security posture within a complex, evolving environment. The Role You'll take ownership of security operations, ensuring the business … capability. Key responsibilities include: Leading the day-to-day operations of the Security Operations function, including oversight of any outsourced SOC Managing the full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

devices. Provide hands-on technical leadership during rollout, configuration, and troubleshooting phases. Develop endpoint protection standards, policies, and security baselines. Collaborate with SOC, Incident Response, and IT Operations teams to enhance detection and response capabilities. Tune Falcon policies, detection rules, prevention strategies, and reporting dashboards. Provide technical … mentorship to engineering and security operations teams. Support threat hunting and incident investigations leveraging EDR telemetry. Ensure compliance with enterprise security policies and regulatory standards. Required Experience Strong background in Endpoint Security & Antimalware technologies . McAfee Endpoint Certified professional. Completed CrowdStrike Falcon training and pursuing Falcon certification. Proven experience ...

Group plc is seeking a DFIR Managing Consultant to lead incident response engagements and manage a team of DFIR consultants. The role requires extensive experience in incident response and digital forensics, providing critical guidance during complex situations. Key responsibilities include coordinating teams, delivering thorough investigations ...

Group is seeking a DFIR Managing Consultant in Manchester to lead incident response engagements. The role involves managing a team of skilled consultants, providing hands-on support during cyber incidents, and ensuring effective communication. Candidates should have extensive experience in incident response and digital forensics, strong ...

Group plc is seeking an Executive Principal Consultant to manage and service clients within the Digital Forensics and Incident Response space. The role involves leading a team in analyzing and responding to security incidents, conducting high-quality investigations, and mentoring team members. Candidates should have strong technical expertise … incident response, several years' experience in Digital Forensics, and the ability to communicate technical findings to non-technical audiences. The position provides full-time employment based in the United Kingdom. #J-18808-Ljbffr ...

Defender for Identity, Defender for Cloud Apps, etc.) and other monitoring tools to identify and respond to potential data loss or unauthorised data sharing Incident Triage & Response: Perform timely triage of security alerts to determine impact and urgency, investigating incidents using available tools and data Lead initial incident response actions (containment, remediation, communication) for confirmed security incidents, following established escalation procedures Ensuring that all incidents are promptly escalated to senior leadership or external partners, as appropriate Threat Analysis & Intelligence Integration: Analyse malicious activities to determine root cause and attack vectors by mapping observed attacker actions ...

Security: Drive the secure design and operation of critical technology platforms, collaborating with platform owners and engineering teams to embed security throughout the lifecycle. Incident Response & Threat Management: Provide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation ...

integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

compliance with security standards, and protecting both organisational and customer data. You will act as an important escalation point for security-related matters, including incident response, while supporting technical teams in maintaining a strong and compliant security posture. Key Responsibilities Review and analyse current security measures to identify … frameworks, and industry best practices Experience across infrastructure and networking environments, both on-premise and cloud-based Hands-on involvement in vulnerability management and incident response Familiarity with security monitoring tools such as firewalls, IDS/IPS, and extended detection solutions Experience working with SIEM, cloud security platforms ...

increase operational efficiency and reduce manual intervention;* Evaluate system designs and architectures for reliability, performance, security, and efficiency, ensuring best practices are followed;* Lead incident response efforts, conduct root cause analysis, and implement long-term solutions for complex issues;* Develop and maintain comprehensive runbooks and procedures for incident response and operational tasks;* Collaborate with cross-functional teams to review and provide feedback on technical designs, ensuring alignment with SRE principles;* Participate in on-call rotations and handle critical incidents with confidence and expertise;* Continuously improve documentation for systems and services, contributing to a knowledge-sharing culture ...

mapping Risk advisory and assurance Business resilience Data privacy and GDPR ISO 27001 assessments Supply chain assurance PCI 3DS, PCI P2PE, PCI SSF audits Incident response readiness and planning Card production and PIN audits Cyber maturity assessments Incident response planning Gold/Silver/Bronze tabletops ...

plus core services. LAN/WAN network security & patch management. VM management (VMware/Proxmox). Cyber Security & Firewall management. AWS cloud administration. IT Incident response & DR. What youll need: A minimum of 5+ years experience in IT Infrastructure/Networking/Service Delivery or equivalent roles. … patching, software deployment and lifecycle management). Working knowledge of identity and security controls (e.g., MFA, Conditional Access, RBAC/least privilege) and supporting incident response activities. Experience working within a Service Desk/ticketing environment, managing workload to SLAs and owning incidents/requests through to resolution. ...

Senior Consultant DFIR Department: Cyber Services and Capabilities Employment Type: Full Time Location: NLD Rijswijk Reporting To: Tim Libanon Description An independent Digital forensics & Incident response consultant that is able to handle small to medium client cases on its own and/or together with a more junior … cloud security; Strong nderstanding of forensic artefacts, security protocols, authentication, authorization, and attack paths; Capability in executing resilience assessments, digital forensic investigation and incident response Familiarity with PICERL framework. Familiarity with common cybersecurity tools (e.g., EDR, SIEM, firewalls, IDS/IPS, antivirus software); Ability to script or program ...

firm's technology environment which includes Microsoft Defender & Sentinel. Key Responsibilities: * Monitor security event identification via the third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support … maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows. * Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps). * Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews. * Support ...

effectively enforced and adhered to across the organisation. Hands-On DeliveryRemain hands-on in the day-to-day operation of cyber security, including: Incident response and investigation. Security tooling, monitoring, and vulnerability management. Supplier and third-party risk assessment. Lead and participate in cyber incident response ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

site) Join our Cyber Defence Centre (CDC) as a SOC Analyst. This is a crucial hands-on operational role within Security Operations, focused on incident detection, investigation, and response. You will play a pivotal role in ensuring effective monitoring, triage, and response to security events, while also driving … continuous improvement and detection engineering initiatives. Day-to-day of the role: Incident Detection & Response: Investigate and respond to security incidents and alerts escalated from Tier 1/Tier 2 SOC. Perform in-depth analysis and triage of security events, identifying threats and determining impact. Support high-severity ...

Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

role is within the Cyber Security Threat Intelligence team within NHS England National CSOC, part of CSOU. The CSOU function provides centralised monitoring and response across NHSE, and the system, which consists of Threat Operations, Protective Monitoring, Incident Management & response and DevOps. The Threat Intelligence function … raising issues to senior leadership. Act as a quality and audit layer for written Threat Intelligence products. Making Cyber Threat Intelligence (CTI) decisions within Incident Response scenarios and leading in-depth CTI investigations. Act as the escalation tier for cyber threat intelligence tasks within Cyber Security tooling including ...