1 to 25 of 823 Incident Response Jobs in the UK

Incident Response Specialist – Permanent | Hybrid We’re partnering with one of the UK’s leading organisations in the search for an Incident Response Specialist to join their dedicated CSIRT (Computer Security Incident Response Team). In this critical role, you’ll fully own the … Incident Response lifecycle—from investigation and deep forensics through containment and eradication. You'll work in an environment that invests heavily in advanced security technologies and fosters a proactive approach to cyber resilience through war-gaming, tabletop exercises, and continuous improvement initiatives. Key Responsibilities: Lead investigations into complex … cyber incidents, conducting in-depth forensic analysis to determine root cause and eliminate threats. Maintain and improve incident response and forensic tooling, ensuring high operational readiness. Coordinate and manage responses to high-severity incidents, working cross-functionally to reduce impact and restore normal operations. Organise and lead tabletop More ❯

Incident Response Specialist – Permanent | Hybrid We’re partnering with one of the UK’s leading organisations in the search for an Incident Response Specialist to join their dedicated CSIRT (Computer Security Incident Response Team). In this critical role, you’ll fully own the … Incident Response lifecycle—from investigation and deep forensics through containment and eradication. You'll work in an environment that invests heavily in advanced security technologies and fosters a proactive approach to cyber resilience through war-gaming, tabletop exercises, and continuous improvement initiatives. Key Responsibilities: Lead investigations into complex … cyber incidents, conducting in-depth forensic analysis to determine root cause and eliminate threats. Maintain and improve incident response and forensic tooling, ensuring high operational readiness. Coordinate and manage responses to high-severity incidents, working cross-functionally to reduce impact and restore normal operations. Organise and lead tabletop More ❯

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

A leading Commerce firm is looking for an Incident Response Lead to join their Cyber Defence team. This crucial role will support the team in enhancing its detection capabilities and modernising the incident response (IR) process across the organisation. The Incident Response Lead will … be responsible for managing the entire IR lifecycle, from initial triage through to remediation. Key Responsibilities: Manage end-to-end incident response (IR) processes, ensuring swift and effective resolution of security incidents. Develop and maintain incident response playbooks and runbooks. Analyse incident reports and provide … actionable insights. Engage with and manage stakeholders throughout the incident lifecycle. Lead the threat-hunting process, using frameworks like MITRE ATT&CK to proactively identify potential threats. Ideal Candidate: Extensive experience in all aspects of Incident Response, with hands-on involvement in P1 and P2 incidents (mainly More ❯

firm, including the central operations of finance, information technology, marketing, risk, legal, operations and human resources. What You'll Do As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying … analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service … Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. * Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. * Conduct proactive threat hunting to detect and neutralize emerging More ❯

Incident Response/eDiscovery Manager – | London Law Firm | Up to £100k + Package | Flexible/Remote A top London law firm is expanding its Digital Forensics & eDiscovery team and looking for an Incident Response/eDiscovery Manager to take on a growing number of Incident Response projects . If you have experience with Canopy (or similar breach response tools) and are confident with Relativity , this could be a great opportunity! What You’ll Be Doing: Supporting forensic investigations and data collection Managing eDiscovery workflows (EDRM) using Relativity Leading and assisting with Incident Response cases, including data breach reviews Working with clients and internal teams on high-profile matters Using Canopy (or similar tools) for breach response and data analysis What They’re Looking For: Experience in Incident Response, eDiscovery & Digital Forensics Strong working knowledge of Relativity (certifications More ❯

Cyber Incident Response Coordinator Location: Brussels, Belgium - Hybrid (30% on-site presence required) Contract Duration 6 months - June – December 2025 (with possible extension) Outside IR35 €500 - €525 Euros a day About the role We are seeking an experienced and proactive cybersecurity professional with experience in Cyber Incident Response. Exciting opportunity to join a dynamic international environment supporting enterprise-wide cyber incident management and response coordination. This role offers a unique opportunity to contribute to critical cybersecurity functions within a multinational CSIRT. Key Responsibilities: Support enterprise-wide cybersecurity incident response efforts, ensuring effective … coordination and communication across all stakeholders. Track, monitor, and follow up on cyber incident response tasks, decisions, and lines of effort in collaboration with the Cyber Incident Task Force. Assist in the development, refinement, and implementation of policies, frameworks, and procedures related to cyber incident management. More ❯

IT Service Providers and business stakeholders across the company to implement and optimise cyber security operations capabilities. Responsibilities Accountable for managing the Cyber Security Response team and the quality of third party services and deliverables, reviewing performance, and driving continuous improvement. Take the lead management responsibility for all cyber … security event monitoring and incident response services received from all partner organisations with particular focus on the company’s Manage Security Service relationship (MSS). Proactively manage the search for cyber threats that may go undetected in our environment that have evaded our automated security tools and defences. … Accountable for Cyber Security incident response management including the establishment, maintenance and improvement of cyber security incident response plans, procedures, and playbooks. Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis (RCA) for security More ❯

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

all levels of the client organization, generating results that allow our clients to thrive. What You'll Do Position Overview As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying … analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service … Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to More ❯

Cyber Security Incident Response Lead We are working with a company that is looking for an experienced CSIRT specialist with a strong track record in high-stakes cyber incident response and digital forensics to take ownership of the IR process and help drive automation across the … CSIRT team. What You’ll Be Doing: Lead end-to-end cyber incident response investigations, including breach analysis, e-Discovery, and network forensics. Design, build, and maintain forensic infrastructure and incident response tooling. Take ownership of cyber investigations and coordinate response efforts across teams. Run … and support cyber tabletop exercises, resilience drills, and war-gaming sessions. Monitor and analyse security alerts, coordinating swift response and resolution. Perform detailed forensic reviews and support third-party security assessments. Present incident progress, reporting clearly to senior stakeholders, and escalating when necessary. Maintain real-time dashboards and More ❯

Cyber Security Incident Response Lead We are working with a company that is looking for an experienced CSIRT specialist with a strong track record in high-stakes cyber incident response and digital forensics to take ownership of the IR process and help drive automation across the … CSIRT team. What You’ll Be Doing: Lead end-to-end cyber incident response investigations, including breach analysis, e-Discovery, and network forensics. Design, build, and maintain forensic infrastructure and incident response tooling. Take ownership of cyber investigations and coordinate response efforts across teams. Run … and support cyber tabletop exercises, resilience drills, and war-gaming sessions. Monitor and analyse security alerts, coordinating swift response and resolution. Perform detailed forensic reviews and support third-party security assessments. Present incident progress, reporting clearly to senior stakeholders, and escalating when necessary. Maintain real-time dashboards and More ❯

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

Security Engineer, Incident Response , AWS Corporate Security Job ID: Amazon Corporate Services Pty Ltd AWS is looking for a passionate Security Engineer, Incident Response who can lead the response to security issues across the largest cloud provider in the world. You must thrive in high … pressure situations, and think like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication, documentation, and collaboration on security issues is critical. In this role you'll be conducting security … monitoring and response activities for the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, detection and hunting, and emergent security intelligence. We don't expect More ❯

Cybersecurity Incident Response Lead Location: Hybrid - must live in comutable distance to Glasgow city centre (maybe a requirement to be on-site in an office at short notice). Excellent Cybersecurity Incident Response Lead opportunity to join a leading UK bank who continue to expand their … Cyber Security capabilities. You will be a sharp, decisive, and highly experienced Cybersecurity Incident Response Specialist looking to join a high-performing Detect & Respond Operations Team. You will thrive working under pressure, excel at solving complex problems, and have a knack for identifying and neutralising threats before they … resilience. Provide clear, concise briefings and reports to senior leadership, offering insight into incidents, risks, and ongoing threat landscapes. 💡 Your background: Proven experience leading incident response operations and cybersecurity investigations. Deep understanding of cyber attack vectors, threat actors, and red team/blue team methodologies. Strong analytical skills More ❯

London, England, United Kingdom Corporate Functions Add to Favorites Incident Response Engineer - Threat Analysis Description Apple is seeking a security professional to join its Information Security Response Organization, as part of the Threat Analysis and Incident Response function. A successful candidate will possess a proven … technical background, relevant Information Security experience with a strong focus in the Incident Response lifecycle. You will work with a global team of security professionals on a follow-the-sun model with a primary focus on the identification, containment, and mitigation of security incidents. This role is an … will have the opportunity to work on technology and processes with global reach! Minimum Qualifications Extensive experience in Information Security with a focus on Incident Response, Security Engineering, and/or Intrusion Detection Proficient understanding of incident response automation strategies, with demonstrated ability to implement them More ❯

Senior Security Engineer - Detection & Response - EU/UK Remote, UK We are on the lookout for a UK-based Senior Security Engineer to join our Security Operations & Response Team. This role is pivotal in enhancing Marqeta's ability to detect and respond to threats. You will contribute to … the design, documentation, and implementation of a security detection engineering program, participate in on-call rotations and incident response efforts, and collaborate with various teams to assess detection gaps across Marqeta. This role offers the opportunity to directly impact the program through strong technical contributions. The role reports … Work with team leadership to define and report metrics related to detection capabilities and effectiveness Participate in a 24x7x365 on-call rotation for alert response Be an active responder as part of the Cybersecurity Incident Response Team during declared incidents Contribute to automation and orchestration playbooks to More ❯

to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and responding to security … Security Operations Team collaborates closely with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what … you'll do: As a Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and More ❯

a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment. We’re expanding our Incident Response team and looking for a Incident Response Analyst to join us in tackling some of the most challenging cybersecurity threats. … a critical role in reducing the impact of cyberattacks and enchanting our clients security posture to prevent future attacks. Key responsibilities include: Conducting initial incident assessments and contribute to Incident Response management. Participate in live Incident Response operations including digital forensics. Perform security assessments, threat … etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding of incident response following NIST 800-61 guidelines incorporating containment, eradication and recovery phases. Experience with digital forensics and investigations, including evidence collection and chain More ❯

Cyber Threat Incident Manager - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat division. This … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

Cyber Threat Incident Manager - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat division. This … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions … Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM ) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively … in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements. Ability to help maintain and audit compliance for More ❯

on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions … Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM ) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively … in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements. Ability to help maintain and audit compliance for More ❯

our expanding teams. As an Information Security Engineer with a focus on development and automation, you will serve as the engineering backbone of the Incident Response team. Your expertise in development and automation will play a critical role in enhancing security operations and incident response capabilities. … and implement automated processes for containment and remediation of affected assets, IOCs, and TTPs. Design and maintain automated workflows for efficient and effective security incident response. Collaborate with cross-functional teams to automate security-related tasks and processes, enhancing overall efficiency and accuracy. Leverage automation frameworks and scripting languages … to streamline security operations and improve incident handling capabilities. Produce detailed incident reports and security recommendations using automated reporting and analysis tools. Hold stakeholders accountable for implementing automated remediation actions and monitor their effectiveness. Provide training and guidance on leveraging automation tools for streamlined incident response More ❯