1 to 25 of 123 Remote/Hybrid Incident Response Jobs in the UK

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

interface between customer stakeholders and a global Security Operations Centre, ensuring the smooth delivery of 24/7 security monitoring and incident response services. This is a senior leadership role responsible for overseeing SOC operations, coordinating offshore analysts, improving detection and response capabilities, and ensuring strong governance … daily SOC operations supporting a global 24×7 security monitoring capability Guide SOC analysts (L1–L3) and threat hunters to ensure efficient investigation and response Monitor operational performance and ensure adherence to SLAs and response timelines Drive continuous improvement across SOC processes, procedures, and workflows Incident Response ...

safeguarding our digital assets and ensuring the resilience of our information systems. You will contribute to a secure environment by applying your expertise in incident response, risk management, and security guidelines. Key Accountabilities: Vulnerability & Exposure Management Leading efforts to identify, prioritise, and track vulnerabilities across cloud … materials, and briefings to enhance security maturity Offering excellent customer service by supporting various business units through best-practice guidance and responsive problem-solving Incident Response & Assurance Leading and participating in incident investigations to identify root causes and implement effective solutions Providing expert consulting on secure design ...

modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into the Head … SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation - and will play ...

Remote - £70,000 - £95,000 + Bonus Opus is partnered with a major UK enterprise undergoing significant investment in its cyber defence and incident response capability. They are looking for highly experienced DFIR Specialists to join their growing security function. This role is fully remote within … suited to professionals who thrive in complex, large‐scale environments where digital forensics and incident response are critical to business resilience. Key Responsibilities Lead and support end‐to‐end incident response, from initial triage through containment, eradication, and recovery. Conduct digital forensic investigations across endpoints, servers ...

CYBER SECURITY OPERATIONS MANAGER - CHESTER (HYBRID) KEY POINTS Senior operational security leadership role Lead Security Operations, Incident Response & Vulnerability Management Hybrid working - minimum 2 days per week onsite in the Chester Area Competitive salary ABOUT THE CLIENT We're working with a well-established UK organisation recognised … responsible for leading the day-to-day operational security activities that protect the organisation's systems and data. You'll manage security monitoring, incident response, and vulnerability management processes, ensuring they remain effective, efficient, and aligned with industry best practice. A key part of the role will ...

Incident and Vulnerability Manager This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider … intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPOs protection, detection, and response capabilities. if you have strong relevant expertise ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … daily operational activities and performance. Define and implement the strategy and operational roadmap for security monitoring, detection, and response. Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts during high-severity security events ...

build integrated, automated security workflows that support modern security operations. Key Responsibilities Define and own the ServiceNow SecOps architecture across modules including Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Configuration Compliance . Design and deliver integrations between ServiceNow and cybersecurity tools such as SIEM … SOAR, EDR platforms, threat intelligence feeds, and CMDB. Collaborate with cybersecurity, IT operations, and engineering teams to design secure workflows for incident response, vulnerability management, and risk mitigation . Lead platform strategy and define the roadmap for ServiceNow SecOps capabilities across the organisation. Ensure solutions are scalable, secure ...

security environment. The successful consultant will play a key role in strengthening the organisation’s security operations capability, helping to modernise threat detection, automate response workflows, and improve visibility across the security ecosystem. Key Responsibilities Lead the implementation and configuration of Palo Alto XSIAM within an enterprise SOC environment … Design and optimise full-spectrum XDR capabilities, improving detection and response across endpoints, networks, and cloud workloads Integrate SIEM and security telemetry sources into XSIAM to create a unified security operations platform Develop and maintain automation workflows and playbooks to streamline incident response and reduce manual ...

This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst … cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would ...

energy assets, and millions of customers. Your responsibilities: (Up to 10, Avoid repetition) Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence … platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape the roadmap and best practices for our ServiceNow platform across multiple business units. Champion platform governance, scalability, reuse, and alignment with ServiceNow ...

transformation of our global Security Operations Center. Reporting to the Chief Security Officer, you will architect and scale a next-generation SOC advancing incident response, integrating cutting-edge threat intelligence, and strengthening the systems that protect and sustain our digital operations. This is an opportunity to build something … senior escalation point for complex security incidents and coordinate cross-functional responses. Threat and Vulnerability Management Integrate advanced threat intelligence into detection and response workflows to identify emerging threats proactively. Develop an automated, risk-based vulnerability management programme to reduce attack surface. Collaborate with intelligence-sharing communities to enhance ...

endpoint, email, identity, network, cloud and application layers. Manage and integrate a broad ecosystem of third-party cyber security platforms, including managed detection and response services, email security gateways, vulnerability management tools, privileged access management and threat intelligence services. Lead and support cyber security incident response activities … including investigation, containment, remediation and post incident review. Oversee security monitoring, alerting and response processes, working closely with managed service providers where applicable. Conduct and coordinate vulnerability assessment and remediation activities across infrastructure, endpoints, applications and cloud services. Support regulatory, client and internal audits (e.g. ISO 27001), including ...

centralised SRE model, you'll partner closely with product and engineering teams while maintaining horizontal responsibility for production health, resilience, and scalability.You'll lead incident response, define reliability standards, influence architectural decisions, and build automation that elevates deployment safety and operational efficiency. This is a hands-on, senior … risks and drive long-term preventative improvements* Define and refine SLIs, SLOs, and error budgets aligned to customer and business outcomes* Lead high-severity incident response, post-incident reviews, and remediation planningArchitecture & Resilience* Influence system architecture to improve scalability, availability, and failure isolation* Design multi-region ...

risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley, we’ve been … forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused ...

Join our leading consulting firm's Technology & Transformation practice as a Technical Incident Responder (permanent or FTC, hybrid working). Help clients manage cyber risks through proactive and reactive incident response, network forensics, and threat eviction within a UK Cyber team delivering cutting-edge resilience services. What … Lead cyber incident response engagements, supervising technical/non-technical teams and managing incidents. Perform network forensics to detect malicious activity using traffic analysis. Conduct forensic/memory analysis on Windows/Unix/Linux for host-based threats. Deliver proactive IR advisory, including response process creation ...

enterprise-wide security strategy, and ensure resilience across all technology environments during a time of rapid change. You'll oversee governance, architecture, operations, and incident response, while working closely with senior leadership to safeguard critical systems, data, and digital services. Acting as a trusted advisor, you'll translate … drive a global information security strategy aligned to organisational priorities and risk appetite. Lead multidisciplinary teams spanning governance, risk, compliance, architecture, operations, and incident response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat ...

/LLM tools , including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response , working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control … governance controls using Microsoft Purview. Practically skilled in AI security , including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. Desirable Skills Experience with secure ...

client environments and act as a trusted security advisor. What you’ll be doing: Designing and implementing security solutions (firewalls, endpoint, cloud security) Leading incident response and remediation activities Conducting vulnerability assessments & penetration testing Implementing security monitoring, reporting & best practices Advising clients on Cyber Essentials, CE+, GDPR … similar environment Firewall experience (Palo Alto, Fortinet) EDR/endpoint protection (Microsoft Defender, Sophos, Bitdefender) Network & cloud security knowledge (Azure, AWS, VPNs, VLANs, DNS) Incident response & vulnerability management experience Cyber Essentials/CE+ knowledge or certification Confident communicator, comfortable in client-facing scenarios What’s on offer: Hybrid ...

environments Review and shape technical designs to ensure security patterns and principles are applied correctly Support and enhance core cyber processes including vulnerability management, incident response, monitoring, IAM, endpoint security and network protection Work closely with technology teams to embed security into change and project initiatives Assess risk … Strong knowledge of security architecture principles and secure design patterns Experience with Azure, Microsoft Defender, M365 security tooling and firewalls Understanding of vulnerability management, incident response, endpoint protection and identity & access management Familiarity with frameworks such as NIST, ISO27001, OWASP, MITRE, CIS Benchmarks Experience operating within a regulated ...

safeguarding of the organisation's information assets by identifying risks, monitoring security controls, and ensuring best-practice governance. The role also contributes to incident response, third-party oversight, and ongoing security improvements. It is a hybrid role with 40% working from home. You can choose to work … Perform due-diligence reviews of third-party suppliers and support ongoing monitoring of external security risks. Profile Experience in information security, risk assessment, and incident response within a regulated or structured environment. Familiarity with security monitoring tools, vulnerability management, and supporting audit activities. Understanding of security frameworks such ...

Implement monitoring, logging, and alerting using Azure Monitor, Application Insights, and Log Analytics Design and support identity and access management controls across environments Support incident response, recovery processes, and operational resilience Design backup and recovery strategies, ensuring RTO/RPO requirements are met Develop scripts and automation tools … Microsoft Fabric deployments Experience with identity and access management in Azure environments Understanding of backup and recovery design including RTO/RPO Experience supporting incident response and recovery Strong problem-solving and troubleshooting skills Experience working collaboratively with engineering teams, security teams, and third-party partners Working Style ...

approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures … risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring ...