Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
OpenSourced Ltd
Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst. This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear
Manchester, North West, United Kingdom Hybrid / WFH Options
IBEX RECRUITMENT LTD
Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst. This is a pivotal … hands-on role in a growing cyber team. You'll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What You'll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What We're Looking For: Proven experience in hands-on incident
Bradford, England, United Kingdom Hybrid / WFH Options
Tata Consultancy Services
get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Cyber Incident Response Consultant Job Type: Permanent Location: Bradford, Hybrid (3 days On-site) Are you looking to leverage your skills in threat detection, response, and coordination? We have … an exciting opportunity for you - Cyber Incident Response Consultant! Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands … and thought leadership. Gain access to endless learning opportunities. Lead a team and their technical growth. Lead projects and inspire both colleagues and stakeholders. The Role As a Cyber Incident Response Consultant, you will be working with the existing security team to support the customer with monitoring alerts and threats received. You will also be responsible for front
and services are always reliable, available, and performing at their best. What will you be doing? As an SRE, you'll be instrumental in implementing automation, monitoring, and incident response strategies to minimize downtime and optimize our operations. You'll collaborate closely with our development, infrastructure, and security teams, balancing exciting new feature delivery with rock-solid … management practices. System Reliability and Availability Ensure system uptime: Monitor and maintain the availability and reliability of critical systems and services, meeting all uptime SLAs (Service Level Agreements). Incident management: Quickly respond to incidents, investigate root causes, and ensure effective postmortems and continuous improvement processes are in place. Failure detection and response: Proactively identify potential failures or … potential risks in a timely manner, minimizing impact on our players. Metrics collection: Define and track key metrics (e.g., uptime, latency, request rates) to measure system health and performance. Incident Response Incident resolution: Work quickly to resolve incidents, minimize downtime, and restore service as fast as possible. Post-incident analysis: After resolving incidents, perform root cause
Wigan, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information risks for policing. It supports … the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security incidents within the NMC, along … with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident Response Planning, Cyber Incident
such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments Incident Response & Threat Management: Develop and own incident response playbooks Act as the lead escalation point for live security incidents Analyse alerts, threat intelligence, and forensic data … of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts for clients
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Burns Sheehan
Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin - £150,000 + 40% bonus A leading international gaming and entertainment company are searching for a Director of Cyber Security to drive their Group cyber security strategy and build resilience across their global operations. The Director of Cyber Security's responsibilities will be: Lead implementation of Group … implementing technology security policies and NIST CSF standards. Strengthen cyber governance and risk management, providing timely and accurate risk reporting to senior management and risk committees. Lead Security Monitoring & Incident Response teams, ensuring robust processes across critical business systems. Oversee Platforms & Services Security teams, ensuring assets comply with NIST CSF v2 and Group policies. Manage SEC reporting requirements … experienced cyber security leader looking to drive strategic transformation at a global entertainment company with operations across multiple markets? Please apply! Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin (mostly remote) - £150,000 + 40% bonus Burns Sheehan Ltd will consider applications based only on skills and ability and will not discriminate on any grounds.
enable holistic analysis at a global level • Establish performance benchmarks, conduct analyses, and prepare reports on all key CMRS goals and metrics • Develop and maintain standard operating procedures, emergency response procedures, and preventive maintenance programs. Ensure standardization and consistency with best-in-class operating practices. • Engage, coach, train, and influence business partners to be an extension of Loss Prevention … on the appropriate escalation path • Effectively address product loss mitigation, physical security considerations, potential and actual work place violence incidents per policy as well as conduct testing of the incident response plans • Reviewing incident reports, documenting periodic trend summaries, and providing updates and recommended actions to management. • Take calculated risks and challenge current practices to develop and … enable holistic analysis at a global level • Establish performance benchmarks, conduct analyses, and prepare reports on all key CMRS goals and metrics • Develop and maintain standard operating procedures, emergency response procedures, and preventive maintenance programs. Ensure standardization and consistency with best-in-class operating practices. • Engage, coach, train, and influence business partners to be an extension of Loss Prevention
We are looking for a highly skilled Senior Information Security Engineer with deep expertise in security tooling across both on-premise and cloud environments. You will lead threat detection, incident response, and security architecture efforts within a hybrid environment. This is a highly technical engineering role, where you'll be hands-on developing and maintaining our security operations … maintain advanced security configurations across the Microsoft Defender suite (Cloud, Endpoint and Identity), Microsoft Sentinel, Purview and Azure infrastructure (including RBAC, PIM, NSGs and identity protections). Lead security incident detection, investigation, and response activities alongside the SOC. Lead the implementation and tuning of Microsoft Sentinel: build KQL queries, implement custom rules, conduct threat hunting, workbooks, design and … Management (PIM). Specific knowledge of AWS security stack would be beneficial including GuardDuty, CloudWatch and SecurityHub Familiarity with industry frameworks: MITRE ATT&CK, NIST, CIS, PCI-DSS. Excellent incident response, problem-solving, and communication skills. Preferred Certifications: Microsoft Certified: Cybersecurity Architect Expert (SC-100) Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Certified: Azure Security Engineer
This role offers a chance to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly, and monthly monitoring of systems … Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity principles. Excellent communication skills, with … impact in a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity.
Encryption: Protect data at rest, in transit, and in use through encryption and tokenization. Network Security: Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response: Build monitoring solutions, develop incident response strategies. Compliance & Governance: Ensure adherence to regulations, conduct audits, and establish security frameworks. Secure DevOps & Automation: Incorporate security into … Skills: Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and communication skills Relevant cybersecurity certifications (CISSP, CISM, CEH, etc.) Requirements Bachelor's degree
Liverpool, Merseyside, England, United Kingdom Hybrid / WFH Options
Robert Walters
architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST
our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations Centre (SOC) capabilities … policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You'll actively monitor for security incidents and jump into action with our incident response teams to contain, investigate, and prevent future security hiccups. Defining
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Smart DCC
DCC is looking for a Lead Cyber Security Operations Analyst to play a key leadership role in shaping and advancing our Security Operations Centre (SOC). You'll drive our incident response strategy, lead major investigations, develop cutting-edge detection content, and help grow a highly capable security team through training and exercises. This is a critical role in … capabilities and foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex
Sheffield, Yorkshire, United Kingdom Hybrid / WFH Options
Finsbury Food Group Plc
strengthening security posture, delivering against the cybersecurity strategy and ensuring alignment with the Cyber Governance Code of Practice. The role will include security audits, issue investigations, cross-functional cyber incident planning and ensuring cybersecurity practices extend across the Supply Chain. This is a fast paced role, where the successful candidate will lead cybersecurity governance, risk management, and compliance initiatives … within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. They will have excellent interpersonal skills and ability to build and maintain relationships with key stakeholders. This role is based at any of our UK sites (Hamilton, Manchester, Sheffield, Salisbury or Cardiff) with hybrid working as an option. On occasion you will be required … risk assessments and investigations, identifying vulnerabilities and proposing remediation strategies. They will develop and enforce cybersecurity policies aligned with regulatory frameworks and best practices, and lead cross-functional cyber incident planning sessions, collaborating with key business units to improve response readiness. They will provide expert recommendations on security improvements, infrastructure hardening and threat mitigation strategies. The successful candidate
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Finsbury Food Group Plc
strengthening security posture, delivering against the cybersecurity strategy and ensuring alignment with the Cyber Governance Code of Practice. The role will include security audits, issue investigations, cross-functional cyber incident planning and ensuring cybersecurity practices extend across the Supply Chain. This is a fast paced role, where the successful candidate will lead cybersecurity governance, risk management, and compliance initiatives … within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. They will have excellent interpersonal skills and ability to build and maintain relationships with key stakeholders. This role is based at any of our UK sites (Hamilton, Manchester, Sheffield, Salisbury or Cardiff) with hybrid working as an option. On occasion you will be required … risk assessments and investigations, identifying vulnerabilities and proposing remediation strategies. They will develop and enforce cybersecurity policies aligned with regulatory frameworks and best practices, and lead cross-functional cyber incident planning sessions, collaborating with key business units to improve response readiness. They will provide expert recommendations on security improvements, infrastructure hardening and threat mitigation strategies. The successful candidate
businesses maintain secure and competitive operations. Key Responsibilities: Support cybersecurity stack administration for SME and hospitality clients using tools including CrowdStrike Falcon, RoboShadow, Microsoft Defender, and ThreatLocker Assist with incident response playbook development and execution, analysing alerts and threat intelligence for effective remediation Contribute to client compliance guidance across Cyber Essentials/CE+, ISO 27001, and PCI DSS … familiarity with security tools including CrowdStrike Falcon, Microsoft Defender, Conditional Access, and MFA Understanding of compliance frameworks such as Cyber Essentials Plus, ISO 27001, and PCI DSS Interest in incident response and real-world security investigations Foundational knowledge of identity security, patch management, and user awareness training Strong written and verbal communication skills with ability to simplify complex
seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. … Perform deep-dive analysis of malware, phishing, and lateral movement techniques. Collaborate with engineering teams to optimise Microsoft security tool integrations. Maintain and enhance incident response procedures and documentation. Skills/Must have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with … Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with SOAR platforms and building automated workflows. Benefits: View to Extension Salary: Up to £575 Per Day
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Bupa
and introduction of new products and services. Collaborate with Care Systems Support and Service Desk for seamless end-to-end service. Act as a conduit and escalation point for incident and security management. Manage the Configuration Management Database (CMDB) and ensure application/infrastructure interdependencies are understood. Perform daily tasks to keep applications running effectively. Manage obsolescence and maintain … relevant registers. Ensure security and compliance of technology products with Enterprise Policy. Lead incident response, communicate with stakeholders, and conduct root cause analysis. Identify and implement service automation options. Conduct regular business continuity tests. Drive continuous improvement at product and service levels. Ensure thorough testing and quality standards for product changes and updates. Manage release processes and develop … adaptability to technology trends. Proficiency in systems administration, troubleshooting, and IT infrastructure support. Experience in change management and maintaining a change log. Familiarity with monitoring tools, security protocols, and incident response. Strong communication skills and ability to work with cross-functional teams. Knowledge of continuous improvement methods. Results-oriented with a focus on adding value. Clear decision-making approach
behind the curtain, ensuring our critical systems are always reliable, available, and performing like a dream. We're talking about implementing smart automation, sharp monitoring, and super-speedy incident response strategies to keep everything running smoothly. You'll be working hand-in-hand with our dev, infra, and security teams, making sure we balance exciting new features … be the guardian of our uptime, making sure our critical systems are always available and hitting those all-important SLAs. You'll also be leading the charge on incident management, getting to the bottom of any issues and making sure we learn from them. Monitoring & Alerting Maestro: Setting up and maintaining top-notch monitoring systems (like Dynatrace) will … craft alerting systems that give us a heads-up before problems even get a chance to impact our players, and you'll define key metrics to measure system health. Incident Response Ace: When things get a bit wobbly, you'll be on the front lines, resolving incidents fast to minimize downtime. After the dust settles, you'll lead
hierarchy or titles. It's about impact, curiosity and partnering to build something that scales well and feels right. You'll be hands on with architecture, tooling, policy and incident response. You'll enable teams to move quickly and securely, bringing clarity to complex problems and designing systems that work long after you're done with them. What you … ll be doing Collaborating with your teammates to take ownership of security across the business from hardening and monitoring to governance and incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage … security and data privacy, helping ensure we remain audit ready Building lightweight processes that make it easy for teams to do the secure thing by default Sharing ownership of incident response including triage, coordination and postmortem analysis Partnering with engineers and product teams to embed secure thinking into design and delivery Keeping pace with emerging threats and contributing
Immingham, Lincolnshire, North East, United Kingdom
Rullion Limited
IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols, including experience managing configuration changes. Experience working within incident response frameworks - from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews, particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber