1 to 25 of 55 Remote Incident Response Jobs in the South East

Senior Cyber Incident Response InvestigatorFully UK RemoteDV Clearance or eligibility essential£80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with cyber forensic tools to join a business offering an entirely remote working position, the … key stakeholders within your client. This is a highly autonomous environment and you'll even set your own hours of work.The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator*Fully Remote*Helping businesses deal with real-time cyber-attacks remotely*Occasionally travelling to customer sites*£80,000 base + OT and On-all bumping total More ❯

leading Managed Security Services Provider (MSSP) . You’ll play a vital role in monitoring and analysing the global threat landscape, working closely with offensive cyber, detection engineering, and incident response teams to deliver actionable intelligence that protects our clients. ✨ What’s in it for you? Build expertise across multiple cyber domains — including offensive security, digital forensics, and … by delivering high-impact, actionable threat intelligence. 🔎 What you’ll be doing: Monitoring dark/deep web activity to identify threats, breaches, and IOCs. Performing OSINT investigations to support incident response, threat hunting, and attribution. Producing clear, actionable intelligence reports for technical and non-technical audiences. Collaborating with SOC, red team, and incident response functions. Analysing More ❯

leading Managed Security Services Provider (MSSP) . You’ll play a vital role in monitoring and analysing the global threat landscape, working closely with offensive cyber, detection engineering, and incident response teams to deliver actionable intelligence that protects our clients. ✨ What’s in it for you? Build expertise across multiple cyber domains — including offensive security, digital forensics, and … by delivering high-impact, actionable threat intelligence. 🔎 What you’ll be doing: Monitoring dark/deep web activity to identify threats, breaches, and IOCs. Performing OSINT investigations to support incident response, threat hunting, and attribution. Producing clear, actionable intelligence reports for technical and non-technical audiences. Collaborating with SOC, red team, and incident response functions. Analysing More ❯

Senior Incident Responder - SOC Analyst (L3) £71000 GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Location: UK-wide (hybrid/on-site as required) Salary: £71,000 + Bonus Clearance: Must be eligible for SC Clearance Our client is a global consulting and technology services firm, supporting public … and private sector organisations with complex digital and cyber transformation. They are building out their UK Security Practice and are seeking a Senior Incident Responder - SOC Analyst (L3) to lead investigations, manage escalations, and strengthen cyber resilience for mission-critical environments. The Role As a Senior Incident Responder, you'll be the escalation point for L1 and L2 … to containment and remediation. You'll drive root cause analysis, ensure runbooks and playbooks are followed, and directly engage with clients and delivery managers to provide expert guidance on incident handling. This is a hands-on technical leadership role that combines investigation, response, threat intelligence, and collaboration with stakeholders. You'll also support service improvement, tool optimisation, and More ❯

is a hands-on role where youll play a key part in strengthening the organisations cyber defence posture by collecting, analysing, and disseminating actionable intelligence. Youll work closely with incident response, security operations, vulnerability management, and leadership teams to anticipate threats, mitigate risks, and improve resilience. Key Responsibilities: Collect and analyse intelligence to address high-priority security requirements. … Produce and share actionable threat intelligence with stakeholders across security operations, incident response, and fraud prevention. Conduct dark web investigations and OSINT gathering to support requests for intelligence. Proactively identify internal and external threats, including insider threats, and escalate as appropriate. Support the running of a threat intelligence platform to structure and standardise cyber threat data. Write and … edge global security team. Your Profile: Strong background in technical investigations, OSINT, and dark web intelligence. At least 2 years of security experience, ideally with exposure to threat intelligence, incident detection, or response. Solid understanding of the threat intelligence lifecycle and common cyber threat groups. Strong analytical skills with the ability to turn complex data into actionable insights. Self More ❯

incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of More ❯

to our customers, employees, and clients. The Technology Operations Center provides assistance for the technology needs of employees. As the Senior Technology Operations Engineer you will support either the Incident Response Team or the Problem Management Team within the Technology Operations Center. You will manage and provide technology solutions for basic and complex issues for lines of business … and/or technology areas across the enterprise. As a Sr. Technology Operations Engineer you will work in a fast-paced environment and leverage your collaboration and incident correlation skills as well as your thorough understanding of operations of infrastructure technologies. Travelers Europe currently offers flexibility to employees who wish to work on a hybrid basis in accordance with … resolve of technological problems. Identify and tackle infrastructure root causes using the Root Cause Analysis (RCA) process. Remediate and improve resiliency of faulting systems. Improve troubleshooting documentation with the Incident Response Team. Provide input to develop and/or redesign solutions with partnership from application and engineering teams. Build, leverage, and maintain effective alliances across technical and business More ❯

to our customers, employees, and clients. The Technology Operations Center provides assistance for the technology needs of employees. As the Senior Technology Operations Engineer you will support either the Incident Response Team or the Problem Management Team within the Technology Operations Center. You will manage and provide technology solutions for basic and complex issues for lines of business … and/or technology areas across the enterprise. As a Sr. Technology Operations Engineer you will work in a fast-paced environment and leverage your collaboration and incident correlation skills as well as your thorough understanding of operations of infrastructure technologies. Travelers Europe currently offers flexibility to employees who wish to work on a hybrid basis in accordance with … resolve of technological problems. Identify and tackle infrastructure root causes using the Root Cause Analysis (RCA) process. Remediate and improve resiliency of faulting systems. Improve troubleshooting documentation with the Incident Response Team. Provide input to develop and/or redesign solutions with partnership from application and engineering teams. Build, leverage, and maintain effective alliances across technical and business More ❯

SOC Lead to take ownership of a high-performing Security Operations Centre working on critical defence and national security projects. You'll lead day-to-day SOC operations, drive incident response, and mentor analysts to strengthen detection and response capability against evolving threats. If you want to combine technical depth with leadership responsibility, this role offers both … for complex incidents and investigations Reviewing, tuning and enhancing detection rules, alerts and playbooks in SIEM/SOAR tools Providing mentorship and technical guidance to SOC analysts Driving post-incident reviews, root cause analysis and continuous improvement Conducting proactive threat hunting and supporting compliance/audit requirements Collaborating with wider IT/security teams to improve detection and response capability What you'll bring 3+ years' experience in a SOC or security operations role Strong knowledge of incident detection, response and threat analysis Hands-on experience with SIEM, SOAR and endpoint detection tools Excellent problem-solving, analytical and communication skills A degree in a relevant subject or equivalent experience Relevant certifications such as GCIA, GCIH, CEH More ❯

manage automated security tooling that prevents security issues before they occur Perform security-focused code reviews and support threat modelling exercises Champion cloud security principles across product engineering teams Incident Management & Monitoring: Lead incident response for security risks and issues raised by SOC teams Manage implementation of logging and SIEM integration for comprehensive monitoring Prioritise and oversee More ❯

in order to identify customer requirements. Ability to explain complex IT concepts to all levels of customer. Demonstrable ability to follow security operations, procedures, policies and activities. Experience managing incident response across an organization involving multiple business unit. A general understanding of data protection processes, policies and tools. Due to the volume of applications received for positions, it More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯

and stability of all IT systems and services. Key Responsibilities: Implement and enforce cybersecurity best practices (ISO 27001,CE+, CIS benchmarks), including endpoint protection, vulnerability scanning, penetration testing, and incident response planning. Ensure compliance with regulatory standards such as GDPR Ensure best security practice for Office 365, Exchange Online, and SharePoint administration. Administer firewalls, VPNs, and endpoint security More ❯

Records of Processing Activities (ROPA) using the One Trust privacy tool Support the handling of Data Subject Access Requests (DSARs) and ensure timely responses Help track data breach and incident reports, supporting incident response processes as needed Coordinate with internal teams to collect privacy-related documentation and evidence (e.g. Standard Operating Procedures) Assist with annual policy and More ❯

Records of Processing Activities (ROPA) using the One Trust privacy tool Support the handling of Data Subject Access Requests (DSARs) and ensure timely responses Help track data breach and incident reports, supporting incident response processes as needed Coordinate with internal teams to collect privacy-related documentation and evidence (e.g. Standard Operating Procedures) Assist with annual policy and More ❯

with day-to-day operations Managing Microsoft 365 security tools, firewalls, networks, Wi-Fi, and email security platforms Acting as the main contact for our outsourced SOC and overseeing incident response Running pen tests, vulnerability scans, and regular security assessments Owning governance, risk, and compliance activities (ISO 27001, Cyber Essentials) Delivering supplier risk assessments and secure onboarding processes More ❯

strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across the business. Actively contribute to incident response, security training, supplier reviews, and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. More ❯

technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and More ❯

technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and More ❯

for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential More ❯

container, API, and web application security initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage audit-related actions. What You'll Bring Essential Skills: Deep expertise in Azure security controls and cloud-native security More ❯

and CyberArk vault management. Strong background in information security principles, access controls, and risk management. Proven ability to lead complex IAM projects and influence cross-functional stakeholders. Experience in incident response, decision-making under pressure, and stakeholder communication. Familiarity with regulatory frameworks and control environments (eg, ISO, NIST, GDPR). Preferred Qualifications CyberArk certifications (eg, Defender, Sentry, Guardian More ❯

performance of cloud services, delivering a seamless and high­ quality experience for end users. Take accountability of the on-call rota, ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability Continuously assess and improve team processes and procedures, fostering a culture of innovation and engineering excellence to optimise performance and minimise downtime. Act More ❯