1 to 25 of 176 Remote/Hybrid Incident Response Jobs in the UK

Incident Response Analyst Scottish Power HQ, Glasgow Flexible & Hybrid working pattern Negotiable rate, Inside IR35, PAYE and UMB options available Help us create a better future, quicker SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations … deliver a cyber resilient business and the Incident Response Analyst is essential in achieving our goals. This role will be integrated into an active and ambitious global cyber security function, contributing to SPEN's cyber security purpose of delivering cyber resilient OT and IT, to enable a safe ...

Senior Cyber Incident Response Leader (Advisory & Consulting) 📍 UK-Wide (Multiple Office Locations) | 🏠 Hybrid Working | 💼 Permanent 🏢 Top Tier Big 4 Consultancy The Opportunity Cyber security is no longer optional, it’s a board-level priority. One of the world’s leading Big 4 consultancies is expanding its elite Cyber … practice and is looking for a senior Cyber Incident Response leader to drive both advisory and hands-on incident management engagements . You’ll join a high-performing team of 200+ cyber specialists, working with major global organisations to prepare for, respond to, and recover from sophisticated ...

Engineer Location: Knutsford/Hybrid 60% office-40% remote Duration: 30/11/2026 Role Description : We are seeking an experienced ServiceNow Security Incident Response (SIR) Engineer to design, implement, and optimise security incident response capabilities within the ServiceNow platform. This role will play … critical part in strengthening the organisation's cyber resilience by enabling effective detection, response, remediation, and reporting of security incidents across the enterprise. The ideal candidate will have strong hands-on experience with ServiceNow Security Operations (SecOps), particularly the SIR module, and will work closely with Cyber Security ...

week onsite Rate: up to £471.96 p/d Umbrella inside IR35 Role purpose/summary We are seeking an experienced ServiceNow Security Incident Response (SIR) Engineer to design, implement, and optimise security incident response capabilities within the ServiceNow platform. This role will play a critical … part in strengthening the organisation's cyber resilience by enabling effective detection, response, remediation, and reporting of security incidents across the enterprise. The ideal candidate will have strong hands-on experience with ServiceNow Security Operations (SecOps), particularly the SIR module, and will work closely with Cyber Security ...

Cyber Security Consultant (Cyber Incident Response Manager) - Inside IR35 - Remote with occasional travel to London or Gloucester - 3 Months initial contract with potential to extend. We're supporting a major, ZERO CARBON energy organisation at the forefront of building a secure and resilient energy future in the appointment … Cyber Incident Response Manager. This is a high-impact role focused on evolving and optimising an already established cyber incident management capability. You'll take ownership of the strategy, maturity, and continuous improvement of the organisation's incident response and crisis management function-ensuring ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Title Level 3 Security Analyst – Incident Response & Vulnerability Management Department Service Delivery/Security Reporting To Security Lead/Service Delivery Manager Operates under the direction of the Incident Manager during security incidents Location UK (Hybrid) Office in Cardiff 1-2 days per week, regular client site … travel. Working Pattern Monday to Friday with participation in the on-call Security and Major Incident rota as required Role Purpose The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate ...

supportive and collaborative environment with ongoing opportunities to develop your technical expertise and progress your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents … including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause analysis, containment, remediation, and recovery activities. Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

CYBER RESILIENCE ANALYST – CHESTER (HYBRID) KEY POINTS • Opportunity to own and evolve enterprise-wide cyber resilience strategy • Strong focus on Business Continuity, Incident Response & Disaster Recovery • Exposure to Azure (ASR), VMware, and Microsoft security tooling • Hybrid working – minimum 2 days onsite ABOUT THE CLIENT We’re supporting … recover from cyber incidents. You’ll be responsible for designing, maintaining, and continuously improving Business Continuity Plans (BCP), Disaster Recovery (DR) frameworks, and Incident Response processes. This includes mapping critical systems, defining RTO/RPO requirements, and validating recovery strategies across cloud and on-prem environments. From ...

CYBER RESILIENCE ANALYST – CHESTER (HYBRID) KEY POINTS • Opportunity to own and evolve enterprise-wide cyber resilience strategy • Strong focus on Business Continuity, Incident Response & Disaster Recovery • Exposure to Azure (ASR), VMware, and Microsoft security tooling • Hybrid working – minimum 2 days onsite ABOUT THE CLIENT We’re supporting … recover from cyber incidents. You’ll be responsible for designing, maintaining, and continuously improving Business Continuity Plans (BCP), Disaster Recovery (DR) frameworks, and Incident Response processes. This includes mapping critical systems, defining RTO/RPO requirements, and validating recovery strategies across cloud and on-prem environments. From ...

lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance … manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do Support SOC Manager to deliver the followingSIEM … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

evolve the position based on their strengths and expertise. The successful candidate will play a key role in strengthening security posture through SIEM ownership, incident response, and system hardening, directly contributing to Europe's technological sovereignty. The Role The IT Security Specialist will: Design, build, and operate … centralised SIEM platform to aggregate and analyse security logs across infrastructure, networks, and applications Own security log analysis, vulnerability management, and incident investigation, including defining baselines and developing alerting rules for critical events Lead incident response efforts, using log correlation and analysis to investigate and resolve security ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

strong security posture across mission-critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities of the Security Operations Shift Lead Lead investigations into escalated … security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium- and high-severity incident response activities, producing detailed ...

Trust's critical systems and information assets. You will be a senior technical specialistwith CISSP certification, workinghands-onacross: Cyber security architecture,implementation and monitoring. Incident response and operational cyber resilience. Vulnerability management and cyber risk reduction. Supporting compliance with NHS and national cyber security standards. The base … applications. Design, implement, and maintain technical security controls to protect systems, data, and system boundaries from cyber attack, malware, ransomware, and insider threats. Support incident response activities, including investigation, containment, remediation, and reporting of information security incidents and data breaches. Lead and support vulnerability management, working with Infrastructure ...

clients—from fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth … cyber threats across varied environments. You will support and mentor junior analysts, lead complex investigations, and contribute to the ongoing development of detection and response capabilities. This role is suited to a security professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership ...