1 to 25 of 293 Incident Response Jobs in the UK

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

experience Are you early in your cyber career but ready to step into a client-facing, people-focused role where you can put your incident response skills to work, develop your GRC knowledge, and learn how organisations really build and run their security programmes? We're looking … relevant operational controls. Conducting maturity assessments, gap analyses, and producing prioritised action plans. Supporting and sometimes facilitating workshops, discovery sessions, stakeholder interviews, and incident response tabletop exercises. Producing clear, high-quality reports, summaries, and client-ready deliverables under gentle guidance. Assisting with policy development, risk processes, audit readiness ...

Incident Response Analyst – London (Hybrid) – Excellent Permanent Package – Financial Services We are looking for a skilled Incident Response Analyst to join our Security Operations team. This role focuses on responding to cyber security incidents while supporting proactive threat intelligence efforts. You will play a key part … posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools ...

Senior Security Engineer (Incident Response SIEM SOAR AWS) Remote UK to £115k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly … strengthening EDR/XDR and DLP configurations, defining new automatic detections of security events in the SIEM, improving automatic security alerts triage and Incident Response playbooks, defining the runbooks to be used during Incident Response and leading the execution of Table Top Exercises (TTX) with different ...

Cyber Incident Response Manager is needed for a high-impact contract where cyber security isnt just talked about its actively evolving. Youll step into a critical role helping a financially regulated environment strengthen how it detects, responds to, and manages cyber threats. This is a hands-on leadership … frameworks, and operational governance A role where operational improvements you deliver will have immediate impact What youll be getting stuck into as a Cyber Incident Response Manager Leading day-to-day security operations while helping shape the SOC roadmap Overseeing cyber incident response, detection monitoring, triage ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

Title: Cyber Investigation and Forensic Response Manager/Senior Manager Location: UK Level: Manager & Senior Manager Salary: Competitive Salary & Package (Dependent on Experience) Travel: Expected travel across UK and EMEA Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years … fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is rapidly expanding in order to uniquely deliver around the clock incident response services to our expanding portfolio of enterprise customers. The sheer ...

business opportunities. Managing and completing Requests for Proposals (RFPs) and Requests for Information (RFIs). Work closely with internal teams – including the Cybersecurity Incident Response Team (CSIRT) and Security Operations Center (SOC) teams – to scope and design managed security solutions that meet customer needs. Define technical requirements … architectures for services such as 24x7 SOC monitoring, incident response workflows, identity management solutions, cloud security (SASE), and threat protection services. Translate customer needs into detailed technical proposals, statements of work, and solution diagrams/documentation. Develop and validate pricing for proposed solutions. Work with internal finance ...

safeguarding our digital assets and ensuring the resilience of our information systems. You will contribute to a secure environment by applying your expertise in incident response, risk management, and security guidelines. Key Accountabilities: Vulnerability & Exposure Management Leading efforts to identify, prioritise, and track vulnerabilities across cloud … materials, and briefings to enhance security maturity Offering excellent customer service by supporting various business units through best-practice guidance and responsive problem-solving Incident Response & Assurance Leading and participating in incident investigations to identify root causes and implement effective solutions Providing expert consulting on secure design ...

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point … working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines ...

modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into the Head … SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation - and will play ...

Remote - £70,000 - £95,000 + Bonus Opus is partnered with a major UK enterprise undergoing significant investment in its cyber defence and incident response capability. They are looking for highly experienced DFIR Specialists to join their growing security function. This role is fully remote within … suited to professionals who thrive in complex, large‐scale environments where digital forensics and incident response are critical to business resilience. Key Responsibilities Lead and support end‐to‐end incident response, from initial triage through containment, eradication, and recovery. Conduct digital forensic investigations across endpoints, servers ...

CYBER SECURITY OPERATIONS MANAGER - CHESTER (HYBRID) KEY POINTS Senior operational security leadership role Lead Security Operations, Incident Response & Vulnerability Management Hybrid working - minimum 2 days per week onsite in the Chester Area Competitive salary ABOUT THE CLIENT We're working with a well-established UK organisation recognised … responsible for leading the day-to-day operational security activities that protect the organisation's systems and data. You'll manage security monitoring, incident response, and vulnerability management processes, ensuring they remain effective, efficient, and aligned with industry best practice. A key part of the role will ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … internal Security Operations team, overseeing daily operational activities and performance Define and implement the strategy and operational roadmap for security monitoring, detection, and response Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts ...

Incident and Vulnerability Manager This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider … intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPOs protection, detection, and response capabilities. if you have strong relevant expertise ...

leadership role for someone who can strengthen security operations, improve service performance, and help shape a modern, resilient SOC capability. You'll work across incident response, detection, governance, and operational improvement, while partnering closely with internal teams and external security providers. My client is looking for someone … cyber defence operations in an enterprise environment, with strong experience across incident response, detection and response maturity, and MSSP oversight. Exposure to Microsoft Sentinel and the wider Microsoft security stack would be particularly relevant. You'll be joining an environment where cyber security is taken seriously, with ...

Remote | Contract (Inside IR35) | 6+ Months | Rate (TBC) We are seeking a Network Security SMEto support our client in strengthening their contain-to-eradicate incident response capability. This role is focused on enabling rapid, controlled network isolation and eradication during high-impact security and operational incidents … regulated environment. This is a hands-on senior role requiring proven experience in enterprise-scale containment and incident response within security-critical environments. It is a contract position (Inside IR35) which is intially 6 months but likely to extend. The rate ...

build the reliability, observability and infrastructure foundations that allow a fast-moving engineering team to ship safely. You’ll: Own production reliability, monitoring, alerting, incident response and post-incident learning Build and evolve the Infrastructure as Code (Terraform on GCP) Implement observability across the stack: metrics, logs … traces, dashboards Improve deployment pipelines and release processes Design secure-by-default infrastructure Shape the company’s incident response culture and processes Introduce tooling to monitor AI-native systems and non-deterministic agents You’ll be defining what “good” reliability looks like from day one. ⚙️ Tech Snapshot ...

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Head of IT Security to build and lead a multi-disciplinary security function that protects the entire organisation. From setting strategy to refining incident response, your impact will be felt across the business. The Role As the Head of IT you will build and lead a multi-disciplinary … security function that protects the entire organisation. From setting strategy to refining incident response, you will strengthen how to defend, detect, and respond, and be a leader who's ready to take the security function to the next level. This is a role for a visionary, a builder ...

targeting. Drawing on deep experience in how datadriven products work, you'll guide teams through complex devicelevel data flows, assess realworld impacts, and lead incident response when risks surface. Alongside this, you'll help build and evolve a practical privacy toolkit-patterns, guardrails, and automated checks-that teams … with delivery teams - review technical designs, implementations, and onboarding of new tools, SDKs, vendors, and platforms, challenging approaches where privacy risks emerge. Lead privacy incident response - act as the onpoint SME during incidents, supporting rootcause analysis, impact assessment, and remediation. Raise capability across teams - coach engineers and product ...

energy assets, and millions of customers. Your responsibilities: (Up to 10, Avoid repetition) Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence … platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape the roadmap and best practices for our ServiceNow platform across multiple business units. Champion platform governance, scalability, reuse, and alignment with ServiceNow ...

transformation of our global Security Operations Center. Reporting to the Chief Security Officer, you will architect and scale a next-generation SOC advancing incident response, integrating cutting-edge threat intelligence, and strengthening the systems that protect and sustain our digital operations. This is an opportunity to build something … senior escalation point for complex security incidents and coordinate cross-functional responses. Threat and Vulnerability Management Integrate advanced threat intelligence into detection and response workflows to identify emerging threats proactively. Develop an automated, risk-based vulnerability management programme to reduce attack surface. Collaborate with intelligence-sharing communities to enhance ...