1 to 25 of 29 Remote/Hybrid Incident Response Jobs in the South East

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

work will include proactive security monitoring across our hybrid cloud and on premises environment, triaging and investigating alerts, and supporting coordinated incident response activities. You will operate our vulnerability management processes, translate threat intelligence into actionable defences, and contribute to the improvement of detection content and security controls. … contribute to several high impact initiatives including: Establishing a more mature, risk based vulnerability management lifecycle and reducing exposure windows across critical systems Enhancing incident response readiness through improved playbooks, scenario testing, and lessons learned processes Uplifting monitoring coverage and the effectiveness of SIEM/EDR/ ...

This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst … cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would ...

centralised SRE model, you'll partner closely with product and engineering teams while maintaining horizontal responsibility for production health, resilience, and scalability.You'll lead incident response, define reliability standards, influence architectural decisions, and build automation that elevates deployment safety and operational efficiency. This is a hands-on, senior … risks and drive long-term preventative improvements* Define and refine SLIs, SLOs, and error budgets aligned to customer and business outcomes* Lead high-severity incident response, post-incident reviews, and remediation planningArchitecture & Resilience* Influence system architecture to improve scalability, availability, and failure isolation* Design multi-region ...

dashboards, alerts, and log data to identify suspicious or malicious activity. Alert Triage: Perform initial investigation and prioritisation of security alerts, escalating where necessary. Incident Response (L1): Assist in incident investigation, gather relevant evidence, and support escalation to senior analysts or IR teams. Threat Detection: Support detection … Exposure to SIEM tools (e.g., Sumo Logic, Microsoft Sentinel) Familiarity with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Basic understanding of: Security operations Incident response lifecycle Networking fundamentals (TCP/IP, DNS, etc.) Strong analytical and problem-solving skills Good communication skills (written and verbal) Ability ...

fast-paced, shift-based environment. Key Responsibilities Advanced Security Monitoring: Analyse SIEM alerts, logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules … experience with SIEM platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud ...

develop their technical skills and gain deeper exposure to modern Microsoft security tooling. You’ll work alongside experienced cyber professionals investigating security alerts, supporting incident response, and helping improve detection capability across client environments. Responsibilities Monitor and investigate alerts within a SIEM environment Analyse logs and identify potential … security incidents Triage alerts and escalate incidents where required Assist with incident investigation and reporting Support the development and tuning of detection rules Collaborate with senior analysts and engineers on security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working ...

Risk Management: Own and manage the security risk management program, including advanced risk assessments, vendor risk reviews, third-party due diligence, and mitigation planning. Incident Response & Improvement: Collaborate on incident coordination, response, root cause analysis, and driving continuous improvement initiatives. Stakeholder Communication: Deliver clear, data-driven ...

mitigation activities Oversee security architecture to ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third-party security testing, including penetration testing and phishing … delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical ...

Leading cyber risk management, governance forums and assurance activity across IT&D, ensuring risks are identified, assessed and clearly reported to senior stakeholders. Overseeing incident preparedness and live response, including coordination with suppliers, IT operations and information governance. Providing expert direction on security technologies, control effectiveness, logging/… technical) across IT&D, information governance and key suppliers Measurable improvements in vulnerability management, logging/monitoring coverage and supplier assurance Significant uplift in incident response maturity, including documentation of playbooks, interfaces and recovery expectations. This role is central to strengthening the resilience of essential public services. ...

escalation point across 1st, 2nd, and 3rd line support Managing and improving cloud platforms, SaaS tools, and network environments Leading troubleshooting and incident response for complex technical issues Overseeing onboarding/offboarding, device management, and access controls Driving automation and reducing manual processes Improving IT processes, documentation ...

where your expertise will directly influence how threats are detected and mitigated at scale. Relevant job titles: Threat Detection Engineer, Cyber Threat Engineer, Detection & Response Engineer, Security Detection Engineer Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role … Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer,Detection & Response Engineer,SIEM Engineer,Security Detection Engineer,Threat Hunting Engineer,Security Automation Engineer,SOC Engineer,Incident Response Engineer,Cloud Security Engineer,Network Security Engineer ...

where your expertise will directly influence how threats are detected and mitigated at scale. Relevant job titles: Threat Detection Engineer, Cyber Threat Engineer, Detection & Response Engineer, Security Detection Engineer Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role … Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer,Detection & Response Engineer,SIEM Engineer,Security Detection Engineer,Threat Hunting Engineer,Security Automation Engineer,SOC Engineer,Incident Response Engineer,Cloud Security Engineer,Network Security Engineer ...

wants to lead technology service operations and ensure consistent, reliable performance across systems and platforms? In this role, you'll take ownership of incident management, service governance, and operational excellence, helping to deliver a seamless technology experience across the organisation. What you'll do: Lead incident and problem … management, driving effective technical response and resolution. Manage SLAs, service performance dashboards, and continuous improvement initiatives. Oversee cyber security incident response and vulnerability remediation. Coordinate service desk triage and out-of-hours support coverage. Partner with key stakeholders across Product, Engineering, and Compliance to support audit readiness ...

seamless and high-quality experience for end users. Take accountability of the on-call rota , ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability. Continuously assess and improve team processes and procedures , fostering a culture of innovation and engineering excellence to optimise performance … team that consistently meets objectives and drives continuous improvement. Regularly conducts performance reporting and analysis , tracking key metrics such as system availability, uptime, and response times to inform decision-making and improvement initiatives. What you’ll need to succeed Essential: Experience in a leadership role , including mentoring, developing team ...

acting as a subject matter expert Advise and collaborate with stakeholders across the business on maintaining secure business systems Contribute to production support and incident response activities as required Maintain up-to-date product security documentation Desired Qualifications and Experience Degree in cybersecurity, computer science, engineering or related ...

logs to determine root cause. Monitor live production environments and proactively respond to performance degradation, monitoring alerts, and service disruptions. Participate in incident response and contribute to reducing Mean Time to Resolution (MTTR). Collaborate with development, operations, and infrastructure teams to implement scalable, reliable solutions. Design … Azure CLI, ARM/Bicep, Terraform, or similar). Experience with performance tuning, capacity planning, and resource optimization. Experience working in SLA-driven or incident-managed environments. Ability to work directly with end users of varying technical proficiency and translate technical issues into understandable terms. Experience leveraging AI-assisted ...

work closely with internal teams to make sure actions are completed Help strengthen cloud and endpoint security controls across the Microsoft environment Support incident response activity and security investigations Maintain and improve security configurations across Microsoft 365 and related platforms Contribute to identity and access management, including least ...

scripts and tools using Python to streamline development operational tasks. Implement and manage alerts automation using Datadog or similar monitoring tools to ensure proactive incident response. Deploy and manage containerised applications using Docker and orchestrate environments. Monitor system performance, identify bottlenecks, and implement solutions for high availability and scalability. ...

security and IT risk strategy Lead and develop a team of information security and technology risk specialists Oversee cyber security operations, including security tooling, incident response, and vulnerability management Maintain and manage the IT risk framework and risk register Ensure alignment with regulatory requirements and industry frameworks (e.g. ...

security and IT risk strategy Lead and develop a team of information security and technology risk specialists Oversee cyber security operations, including security tooling, incident response, and vulnerability management Maintain and manage the IT risk framework and risk register Ensure alignment with regulatory requirements and industry frameworks (e.g. ...

practice across all client systems. Key responsibilities: Design, implement, and maintain security solutions including firewalls, endpoint protection, and cloud security services Lead and support incident response, investigation, containment, and remediation Conduct vulnerability assessments and risk reviews, recommending and deploying improvements Implement and manage security monitoring and reporting tools ...

including Conditional Access and MFA Implement and maintain Privileged Identity Management (PIM/PAM) and secure access policies Conduct proactive threat hunting and support incident response activities Secure cloud applications and endpoints, ensuring alignment with security best practices Support eDiscovery, audit and data governance requirements using Microsoft Purview ...

observability tools Understanding of cloud cost management and resource optimisation principles Comfort with troubleshooting and supporting development teams Understanding of service reliability and incident response practices ** Please note that we are unfortunately unable to provide visa sponsorship for this position. Applicants must have the right to work ...

monitoring of complex systems. Key Responsibilities Monitor and maintain SOC tools, controls, and platforms Investigate, resolve, or escalate security incidents Support analysts with incident response and threat investigations Analyse logs and system data to improve detection and alerting Develop and maintain detection rules and SOC procedures Support integration ...