1 to 25 of 50 Remote Incident Response Jobs in the South East

Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform More ❯

role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior … and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments … upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and More ❯

Cyber outsourcing and managed services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through a powerful mix of Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a world class Security Advisory function. As a Senior SOC Analyst, you will take a … role in identifying, investigating and responding to cyber threats across varied client environments. You will mentor junior analysts, lead complex incidents and help evolve the SOC’s detection and response capabilities. This is an opportunity to make a genuine impact, with the freedom to innovate and the support to grow into roles such as SOC Lead, Threat Hunter, Security … Engineer or Incident Responder. Why This Role Stands Out Join a $1B global IT and Cyber Defence provider that invests heavily in people and technology Work with cutting edge platforms such as Microsoft Sentinel, Defender, Elastic and Palo Alto Be part of a collaborative culture that values curiosity and continuous learning Clear progression into leadership or specialist technical roles More ❯

escalation role within a dedicated Security Operations Centre, working at the forefront of protecting high-value national assets. The successful candidate will act as a technical authority for advanced incident response, threat hunting, and security engineering, with a strong focus on the Microsoft security stack. Key Responsibilities Serve as the primary escalation point for complex incidents and lead … on incident response. Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements in SOC operations … automation, and incident response processes. Monitor evolving threats and integrate threat intelligence into daily operations. Ensure adherence to industry standards and compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for More ❯

role, requiring collaboration across IT, legal, procurement, and operational teams. You will act as the primary point of contact for all matters related to information assurance, supplier security assurance, incident response, and regulatory compliance. Scope IT Security Operations Collaborate closely with IT SecOps team members to ensure security controls remain effective. Where gaps are identified, implement appropriate mitigation … measures and lead the response to security incidents in a timely and coordinated manner. Compliance & Security Coordinate ISO 27001 certification audits and maintain ongoing compliance on behalf of the IT & Digital function. Actively support and contribute to health and safety, environmental sustainability, business continuity, and information security initiatives, ensuring we meet our obligations to customers and regulatory standards Delivery … and supports business objectives. Risk Management: Identify, evaluate, and mitigate information security risks across systems, suppliers, and processes. Maintain visibility over key cyber risks and report to senior leadership. Incident Response: Lead the response to security incidents, including forensic analysis, reporting, and remediation. Coordinate with law enforcement and external partners where necessary. Supplier Assurance: Conduct security reviews More ❯

variety of stakeholders to ensure, the Leidos CSOC, a Defensive Cyber Security capability, can support a customers Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating their risk of Cyber Attack. The successful candidate will be able to demonstrate experience from a CSOC background or be able to demonstrate sufficient transferable Cyber Security … reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security Information Event Monitoring … SIEM), End Point Protection (EPP), End Point Detection and Response (EDR), XDR (Extended DR), Web Application Firewall (WAF), and Firewalls. Proactively detect suspicious activity, vulnerabilities, and security misconfigurations before they can be exploited by adversaries impacting Confidentiality, Integrity and Availability which could lead to a Cyber Security Incident. Inspection and correlation of logs from multiple sources to identify repeating More ❯

and Web Application) • Mobile phone/Application Penetration Testing (Android/iPhone/iPad) • Computer and Network Forensics (including e-Discovery) • Delivery of Enterprise Wide Security Programs • Operational Security (Incident Response) • Infrastructure Security and Risk assessments • Network Security (border control devices) • Social Engineering • Good client facing skills. • Drive and ambition to provide support the UK business development executives. … Advanced Certified Ethical Hacker • EnCE - EnCase Certified Examiner http://www.encase.com • CWSP - Certified Wireless Security Professional • PWB - Offensive Security : Penetration Testing with Back|Track • SANS GCIH - GIAC Certified Incident Handler • Major involvement in Network & Web Application vulnerability assessment and penetration tests utilising the OWASP and OSSTMM open standards and other standards. • Lead IT Security Assessment, Incident Response More ❯

and best practice across all regions. Key Responsibilities Lead the design and implementation of secure authentication, authorisation, and data protection frameworks. Manage and enhance Data Loss Prevention (DLP) systems, incident response, and risk management processes. Oversee cloud security architecture across Azure, O365, and iManage Cloud environments. Collaborate with global IT, compliance, and risk teams to deliver a consistent … You Minimum 5 years’ experience in information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. Why Join? You’ll be More ❯

a mission-critical role at the heart of our cyber security strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed security into every aspect of our infrastructure … and change lifecycle, ensuring our defences are proactive, responsive and resilient. From playbook rehearsals to live incident recovery, you'll be the calm in the storm, guiding teams through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise … network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. Certifications such as CISSP, CEH, CREST or GIAC CIH are part of your toolkit, and your technical depth is matched by your ability to mentor, collaborate and communicate. You thrive in dynamic environments, bring structure to ambiguity and have More ❯

to end IT outsourcing and managed services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through capabilities including Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a consulting led Security Advisory practice. As a Senior Security Engineer, you will be responsible … Out • Join a $1B global IT and Cyber Defence provider investing heavily in people, platforms and innovation • Shape and enhance the SOC’s technical foundations, influencing how detection and response evolves • Work with cutting edge tools across Microsoft, Elastic, Palo Alto, Splunk and other leading technologies • Hybrid working, flexible hours and a culture built on trust, growth and inclusion … and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts to improve visibility, telemetry and response efficiency • Engineering secure log ingestion pipelines across hybrid cloud and on prem environments • Supporting onboarding of new clients into the SOC to ensure correct configuration and data flow • Contributing More ❯

teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response More ❯

teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response More ❯

Advisory - Expertise in leading the adoption of industry cyber frameworks (e.g., NIST, ISO) and providing high-level advisory to boards, executives, and stakeholders on emerging threats and compliance posture. Incident Oversight & Resilience - Executive capability to govern cyber incident response strategies, ensuring the organisation's preparedness, crisis management, and post-incident assurance processes. Security Governance Principles - Deep More ❯

risk, and compliance (GRC)activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFCs security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role … CRISC, CEH, CompTIA Security+, or equivalent experience. Experience working in healthcare, charity, or public sector environments. Familiarity with NCSC CAF and NHS DSPT frameworks. Experience working with SOCs and incident response partners. Please apply with your updated CV ensuring that any gaps in employment are explained. At this point, may we take this opportunity to thank you for More ❯

all offices and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes … would be pleased to share further details. Due to the high volume of applications, we are not able to respond to all enquiries. If you have not received a response within 72 hours, please assume you have not been shortlisted at this stage, however thank you for taking the time to apply. Ryder Reid Legal is a recruitment specialist. More ❯

availability using DataDog. Troubleshoot application, API, and infrastructure issues across multiple environments (mainly on Azure). Collaborate with development, DevOps, and product teams to resolve complex technical issues. Manage incident response and provide root cause analysis (RCA) for platform outages. Automate repetitive support tasks using scripting (Python, Bash, PowerShell). Maintain documentation of processes, troubleshooting steps, and known … enabling effective communication across international teams. Excellent problem-solving, analytical, and communication skills. Ability to work in a fast-paced, collaborative environment. Preferred Skills (Good to Have) ITIL or incident management framework knowledge. Experience with API troubleshooting and integrations. Exposure to databases (SQL/NoSQL). Security awareness (authentication, encryption, access control). Familiarity with Infrastructure as Code (Terraform More ❯

role, you’ll manage cyber risk , drive security governance , and embed a security-first culture across the organisation. You’ll also act as the key contact for information assurance, incident response, supplier security , and regulatory compliance . What you’ll do: Own and maintain the ISMS in line with ISO 27001 standards. Lead audits, risk assessments, and incident … experience managing an enterprise ISMS and ISO 27001 audits. Strong knowledge of cyber threats, cloud security (Azure, M365), and GDPR. Hands-on experience in vulnerability management, supplier assurance, and incident response. Excellent communication and stakeholder management skills. Benefits: Competitive salary with bonus scheme Very generous holiday allowance Hybrid working – 3 days per week in Reading Plus a great range More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

/mentor the team. Lead the implementation, optimisation, and management of cutting-edge security tools like CrowdStrike, Palo Alto, and Mimecast. Take ownership of our cyber defence posture from incident response and vulnerability management to WAFs, DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and help us on our journey to ISO 27001 certification. What You More ❯

Implement and support security controls, particularly within Azure cloud environments. Evaluate and deploy best-in-class application security tools. Mentor teams and deliver tailored security awareness programmes. Assist with incident response, security training, and supplier/client security assessments. What We’re Looking For Essential Skills & Experience: Proven experience in application security engineering. Strong knowledge of security tools More ❯

client’s Information Security programme with creativity and cost-effectiveness Manage a small, dedicated team and oversee budgets Develop and maintain security policies, standards, and procedures Drive risk assessments, incident response, and internal reporting Champion security awareness through training for all staff Recommend and implement cutting-edge security technologies Communicate security goals clearly across diverse teams What we More ❯

and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security More ❯

risks are mitigated and compliance maintained. Support internal and external audits to meet frameworks such as Cyber Essentials Plus, ISO 27001, and CIS. Drive improvements in tooling, automation, and incident response processes. Collaborate across departments — from IT teams to engineers — embedding best practice in every area. Mentor colleagues and promote a culture of continual security improvement. Main Skills More ❯

with relevant standards including ISO 27001, NIST-CSF and Cyber Essentials Plus Lead on policies, controls and risk mitigation in collaboration with technical and operational teams Provide assurance over incident response capabilities and governance, ensuring effective escalation procedures Ensure compliance with all relevant regulatory requirements such as GDPR, NIS and the UK Data Protection Act Act as the More ❯

ll Do Cybersecurity Operations: Work alongside the security team to monitor, analyse, and respond to security incidents. You'll help investigate alerts and play a key role in our incident response process. Security Tooling: Use and manage security tools, with a focus on Data Loss Prevention (DLP) technologies. You will assist in configuring, tuning, and maintaining these tools More ❯