1 to 25 of 38 Remote/Hybrid Incident Response Jobs in the South East

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

enterprise clients.* Full-time, permanent role focused on securing client infrastructures across network, cloud, and endpoint environments.* Hands-on position covering security design, incident response, vulnerability management, and client consultancy.* Hybrid working model with strong benefits, development pathways, and exposure to complex, real-world security challenges.* To apply … Security Engineer, you'll play a key role in securing client IT environments by designing, implementing, and managing robust security solutions. You'll lead incident response activities, conduct vulnerability assessments, and proactively identify risks across network, cloud, and endpoint systems. You'll work directly with clients to understand ...

cloud environment. This is not a traditional SOC role focused on alert handling . The position sits at the senior technical level and combines incident leadership, detection engineering, threat hunting and automation. You’ll have genuine ownership of security operations maturity rather than working in a ticket-driven environment. … senior technical point of escalation within the SOC, leading complex investigations and driving continuous improvement across tooling, detection capability and response processes. Typical responsibilities include: Leading complex security incidents end-to-end including investigation, containment, forensics and root cause analysis. Designing, tuning and improving detection across SIEM ...

responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management Ensure … effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

operational needs Translate SOC analyst pain points, workflows, and use cases into actionable product features and user stories Design and validate alert prioritization algorithms, incident triage workflows, and automated playbook logic based on operational experience Collaborate with product managers to shape product strategy, roadmap priorities, and feature definitions Conduct … experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack Strong knowledge of threat ...

leads the organisation's cyber security strategy, ensuring strong resilience, compliance, and protection of information assets. You will oversee operations, governance, risk management, and incident response while guiding a high-performing security & infrastructure team. Client Details Our client is a respected not-for-profit UK organisation with … regulatory requirements. Conduct security risk assessments, maintain governance frameworks, and ensure robust oversight. Set, enforce, and update security policies, standards, and technical controls. Lead incident response, including investigation, coordination, remediation, and reporting. Manage supplier assurance, third-party risk, and security obligations within contracts. Plan and support external audits ...

implementing technical protocols to owning security compliance to championing best security practice to the business. The Role Design and implement security solutions Contribute to Incident response and Disaster Recovery programs Partner with IT and wider business to align processes with best practice Ensure compliance with security policies, procedures … frameworks Lead and participate in incident response and disaster recovery programs Skills and Experience Strong knowledge of IT infrastructure and security tools Proven understanding of desktop and server operating systems Experience with SIEM, endpoint protection, identity management and cloud security tools Understanding of cloud security and compliance (CISSP ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

align IT priorities. Conduct regular service reviews and provide reporting ahead of key meetings, demonstrating performance against KPIs, SLAs and contractual obligations. Risk & Incident Management Develop and maintain risk management strategies to minimise service disruption. Lead incident response and ensure timely resolution, minimal business impact and clear ...

principles Risk management methodologies Experience working within cloud security shared responsibility models Working knowledge of Identity and Access Management (IAM) Experience supporting security monitoring, incident response, and investigations Strong communication skills with the ability to engage both technical and non-technical stakeholders Desirable/Preferred Experience Experience working ...

Support Security Teams Assist other Group Security teams by providing vulnerability-specific intelligence. Contribute to building a shared knowledge repository for all teams. 9. Incident Support Assist in analysing and resolving security incidents, focusing on vulnerability-related aspects. Use post-incident reviews to pre-empt vulnerabilities and improve … communication skills for reporting and stakeholder engagement. Ability to collaborate with cross-functional teams, including SOC, IT, and external vendors. Problem-Solving Experience in incident response and remediation strategies for vulnerabilities. Creative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics). Leadership and Mentorship Proven ability ...

building a shared knowledge repository for all teams. 9.Incident Support oAssist in analysing and resolving security incidents, focusing on vulnerability-related aspects. oUse post-incident reviews to pre-empt vulnerabilities and improve resilience. Technical Expertise: oStrong understanding of vulnerability management processes, tools, and frameworks (e.g., Rapid7, Nessus, Qualys, OpenVAS … communication skills for reporting and stakeholder engagement. oAbility to collaborate with cross-functional teams, including SOC, IT, and external vendors. Problem-Solving: oExperience in incident response and remediation strategies for vulnerabilities. oCreative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics). Leadership and Mentorship: oProven ability ...

internal teams to enhance system reliability, resilience, and security Manage hybrid networking, IAM, firewalls, and VPNs Participate in an on-call rota and support incident response when required Produce clear technical documentation and contribute to operational best practice Skills & Experience Required Essential: 5+ years experience in a DevOps ...

risk , drive security governance , and embed a security-first culture across the organisation. You'll also act as the key contact for information assurance, incident response, supplier security , and regulatory compliance . What you'll do: Own and maintain the ISMS in line with ISO 27001 standards. Lead … audits, risk assessments, and incident response. Oversee supplier assurance and security governance. Promote cyber awareness and staff training. Support ongoing compliance with GDPR and regulatory frameworks. What we're looking for: Proven experience managing an enterprise ISMS and ISO 27001 audits. Strong knowledge of cyber threats, cloud security (Azure ...

platform technologies, guiding architectural decisions and mentoring engineers. Evaluating and adopting new technologies to strengthen platform innovation and long-term scalability. Supporting governance, incident response, and strategic platform planning across hybrid environments. Main Skills Needed Proven background in platform engineering, DevOps, or infrastructure development. Hands-on experience with ...

Build and operate observability stacks (metrics, logging, tracing) Define and monitor SLOs/SLAs for latency, availability, and reliability Create runbooks, playbooks, and incident response processes for production systems Security & Best Practices Implement best practices around secrets management, access control, and network security Support secure, multi-tenant environments ...

Pharmaceuticals/Life Sciences Chemicals Soft Skills Strong stakeholder communication with engineering and plant teams Ability to work independently within isolated OT environments Calm, incident-response mindset focused on safety and uptime Preferred Qualifications Oracle OCP/OCM Microsoft Certified: Database Administrator Knowledge of IEC 62443, NIST ...

Cyber Security policies under the SIRO. Lead ISO 27001 recertification, internal audits, and remediation. Work with infrastructure/product teams on data security and incident handling. Oversee playbooks and ensure measurable risk reduction. Digital Clinical Safety Collaborate with IT, Clinical, Legal, HR, SIRO, and Caldicott Guardian. Maintain the Digital … Cyber Security policies under the SIRO. Lead ISO 27001 recertification, internal audits, and remediation. Work with infrastructure/product teams on data security and incident handling. Oversee playbooks and ensure measurable risk reduction. Digital Clinical Safety Collaborate with IT, Clinical, Legal, HR, SIRO, and Caldicott Guardian. Maintain the Digital ...

Enhancing observability using Prometheus, Grafana, and related monitoring stacks Implementing and running chaos engineering practices using tools such as Gremlin, Litmus, or similar Improving incident response, on-call processes, and overall platform resilience Collaborating with engineering teams to strengthen CI/CD pipelines and cloud-native architectures What ...

teams and service providers. Manage vendor selection and negotiate contracts for security services. Coordinate global cyber insurance policies and establish standardised security protocols. Lead incident response efforts for cyber events and oversee breach management. Stay informed on emerging cyber threats and provide actionable recommendations. Drive certification initiatives such ...