1 to 25 of 361 Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering proactive incident readiness engagements. You will work closely with organisations to strengthen their preparedness. This includes reviewing and developing incident response plans, facilitating tabletop exercises, running simulated attack scenarios ...

Incident Response Manager Hybrid We are partnering with a leading global financial services organisation to appoint a Incident Response Manager to join their high-profile Cyber Threat Centre (CTC). This is a critical leadership role at the forefront of defending against sophisticated cyber adversaries, including … nation states and organised criminal groups. As the central hub for Computer Network Operations, the CTC drives incident response, threat hunting, intelligence, and insider threat detection across the organisation. This role offers the opportunity to shape strategy, lead a globally distributed team, and work with cutting-edge technologies ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Cyber Incident Response Analyst London - Onsite 2/3 days a week ASAP Start - November 26 £300 per day - Inside of IR35 We are looking for a Cyber Incident Response Analyst to join a small, highly visible cyber security team and step in for an existing … another project for the next 6-9 months. This role sits on the "Respond" side of Cyber Security, focusing on end-to-end cyber incident management, stakeholder communications, and clear reporting. With increased workload driven by the client merger, this is a key role supporting the organisation's security ...

Title Level 3 Security Analyst – Incident Response & Vulnerability Management Department Service Delivery/Security Reporting To Security Lead/Service Delivery Manager Operates under the direction of the Incident Manager during security incidents Location UK (Hybrid) Office in Cardiff 1-2 days per week, regular client site … travel. Working Pattern Monday to Friday with participation in the on-call Security and Major Incident rota as required Role Purpose The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate ...

Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this is not a purely … schedules, handovers, and on-call rotations Act as the primary escalation point for security incidents and analyst queries Ensure high-quality triage, investigation, and response aligned to SOC processes Drive team development through training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs ...

lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance … manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … daily operational activities and performance. Define and implement the strategy and operational roadmap for security monitoring, detection, and response. Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts during high-severity security events ...

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

agreed service catalogue. You will integrate Threat Intelligence into core cyber security functions, including threat management, threat modelling, vulnerability management, and cyber incident response, supporting rapid response to emerging and zero-day threats. The role will also contribute to the ongoing maturation of the Threat Defence … provided. Essential Experience: Proven experience delivering a Threat Intelligence function and working closely with Information Security teams, including SOC, CIRT/CERT/CSIRC, incident response, and cyber defence operations. Demonstrable experience supporting the development and delivery of cyber defence strategies, including threat management, metrics, reporting, and intelligence ...

client relationship teams with security assurance materials and briefings Build and maintain trust with enterprise clients through transparency, responsiveness, and credible security governance Incident Response Own the group's incident response plan and ensure it is tested, maintained, and ready to activate Lead or co‐ordinate … response to security incidents, acting as the central point of communication to leadership and relevant stakeholders Conduct post‐incident reviews and drive learning back into policies and controls Risk & Governance Reporting Report regularly to the board Risk Committee on the current security posture, identified risks, and the programme ...

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do Support SOC Manager to deliver the followingSIEM … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

such as QRadar, Microsoft Sentinel and LogRhythm, identifying and responding to threats, investigating and triaging incidents, and escalating where appropriate. You'll contribute to incident response activities, trend analysis, reporting, rule tuning and continual service improvement, while working within a structured incident response lifecycle. This … call requirement. What this role is and is not This role is: A hands-on SOC analyst position focused on live monitoring, investigation and response An onsite role within a 24/7 secure operations environment A role suited to individuals who enjoy operational security, teamwork and threat monitoring ...

threat landscape. This is a high-impact position where you'll lead the security operations function end-to-end, driving improvements across threat detection, incident response, and overall security posture within a complex, evolving environment. The Role You'll take ownership of security operations, ensuring the business … capability. Key responsibilities include: · Leading the day-to-day operations of the Security Operations function, including oversight of any outsourced SOC · Managing the full incident response lifecycle (detection through to recovery and post-incident review) · Overseeing threat detection, vulnerability management, and cyber defence capabilities · Driving improvements across ...

evolve the position based on their strengths and expertise. The successful candidate will play a key role in strengthening security posture through SIEM ownership, incident response, and system hardening, directly contributing to Europe's technological sovereignty. The Role The IT Security Specialist will: Design, build, and operate … centralised SIEM platform to aggregate and analyse security logs across infrastructure, networks, and applications Own security log analysis, vulnerability management, and incident investigation, including defining baselines and developing alerting rules for critical events Lead incident response efforts, using log correlation and analysis to investigate and resolve security ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

business performance. Based in Hertfordshire (hybrid), you'll lead end-to-end service management across IT, logistics, fulfilment, and customer operations - owning major incident response, service performance, and continuous improvement at scale. Key responsibilities Lead end-to-end IT service management (incident, problem, change, release, configuration) aligned … ITIL 4 Own major incident management (P1/P2), acting as the senior escalation point with clear executive communication Drive root cause analysis and continuous improvement using service metrics (MTTR, trends, backlog) Oversee IT service delivery, 24/7 support operations, and ITSM tooling Coordinate cyber incident response ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Lead SOC Analyst, the position will act as the escalation point for complex security incidents, driving investigations, guiding junior analysts, and ensuring effective response and remediation across critical systems. Whats on Offer Salary: £55,000 £65,000 25% shift allowance on top of base salary Structured shift pattern … days and nights (3 days on/4 days off rotation) Exposure to highly secure, cutting-edge infrastructure environments Opportunity to work on advanced incident response and threat analysis Career progression within a specialist cyber security function What You Need To be successful in this role, candidates should ...