Remote Incident Response Jobs in the UK

1 to 25 of 296 Remote Incident Response Jobs in the UK

Cyber Incident Response Manager

City of London, London, United Kingdom
Hybrid / WFH Options
Ashdown Group
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
Employment Type: Permanent, Work From Home

Incident Response Lead

London, United Kingdom
Hybrid / WFH Options
Barclay Simpson
A leading Commerce firm is looking for an Incident Response Lead to join their Cyber Defence team. This crucial role will support the team in enhancing its detection capabilities and modernising the incident response (IR) process across the organisation. The Incident Response Lead will … be responsible for managing the entire IR lifecycle, from initial triage through to remediation. Key Responsibilities: Manage end-to-end incident response (IR) processes, ensuring swift and effective resolution of security incidents. Develop and maintain incident response playbooks and runbooks. Analyse incident reports and provide … actionable insights. Engage with and manage stakeholders throughout the incident lifecycle. Lead the threat-hunting process, using frameworks like MITRE ATT&CK to proactively identify potential threats. Ideal Candidate: Extensive experience in all aspects of Incident Response, with hands-on involvement in P1 and P2 incidents (mainly
Employment Type: Permanent

Incident Response/eDiscovery Manager

United Kingdom
Hybrid / WFH Options
Travis Edwards
Incident Response/eDiscovery Manager | London Law Firm | Up to £100k + Package | Flexible/Remote A top London law firm is expanding its Digital Forensics & eDiscovery team and looking for an Incident Response/eDiscovery Manager to take on a growing number of Incident Response projects. If you have experience with Canopy (or similar breach response tools) and are confident with Relativity, this could be a great opportunity! What You’ll Be Doing: Supporting forensic investigations and data collection Managing eDiscovery workflows (EDRM) using Relativity Leading and assisting with Incident Response cases, including data breach reviews Working with clients and internal teams on high-profile matters Using Canopy (or similar tools) for breach response and data analysis What They’re Looking For: Experience in Incident Response, eDiscovery & Digital Forensics Strong working knowledge of Relativity (certifications

Cyber Incident Response Coordinator

England, United Kingdom
Hybrid / WFH Options
identifi Global Resources
Cyber Incident Response Coordinator Location: Brussels, Belgium - Hybrid (30% on-site presence required) Contract Duration 6 months - June – December 2025 (with possible extension) Outside IR35 €500 - €525 Euros a day About the role We are seeking an experienced and proactive cybersecurity professional with experience in Cyber Incident Response. Exciting opportunity to join a dynamic international environment supporting enterprise-wide cyber incident management and response coordination. This role offers a unique opportunity to contribute to critical cybersecurity functions within a multinational CSIRT. Key Responsibilities: Support enterprise-wide cybersecurity incident response efforts, ensuring effective … coordination and communication across all stakeholders. Track, monitor, and follow up on cyber incident response tasks, decisions, and lines of effort in collaboration with the Cyber Incident Task Force. Assist in the development, refinement, and implementation of policies, frameworks, and procedures related to cyber incident management.

Cyber Incident Manager

City of London, London, United Kingdom
Hybrid / WFH Options
Ashdown Group
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
Employment Type: Permanent, Work From Home

IT Security Incident Manager

City, London, United Kingdom
Hybrid / WFH Options
Ashdown Group
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
Employment Type: Permanent
Salary: GBP 90,000 - 100,000 Annual

IT Security Incident Manager

London, Broad Street, United Kingdom
Hybrid / WFH Options
Ashdown Group
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
Employment Type: Permanent
Salary: £90000 - £100000/annum

Cybersecurity Incident Response Lead

Glasgow, Scotland, United Kingdom
Hybrid / WFH Options
Eden Scott
Cybersecurity Incident Response Lead Location: Hybrid - must live in commutable distance to Glasgow city centre (may be a requirement to be on-site in an office at short notice). Excellent Cybersecurity Incident Response Lead opportunity to join a leading UK bank who continue to expand their … Cyber Security capabilities. You will be a sharp, decisive, and highly experienced Cybersecurity Incident Response Specialist looking to join a high-performing Detect & Respond Operations Team. You will thrive working under pressure, excel at solving complex problems, and have a knack for identifying and neutralising threats before they … resilience. Provide clear, concise briefings and reports to senior leadership, offering insight into incidents, risks, and ongoing threat landscapes. 💡 Your background: Proven experience leading incident response operations and cybersecurity investigations. Deep understanding of cyber attack vectors, threat actors, and red team/blue team methodologies. Strong analytical skills

Senior Security Engineer - Detection & Response - EU/UK

United Kingdom
Hybrid / WFH Options
Marqeta, Inc
Senior Security Engineer - Detection & Response - EU/UK Remote, UK We are on the lookout for a UK-based Senior Security Engineer to join our Security Operations & Response Team. This role is pivotal in enhancing Marqeta's ability to detect and respond to threats. You will contribute to … the design, documentation, and implementation of a security detection engineering program, participate in on-call rotations and incident response efforts, and collaborate with various teams to assess detection gaps across Marqeta. This role offers the opportunity to directly impact the program through strong technical contributions. The role reports … Work with team leadership to define and report metrics related to detection capabilities and effectiveness Participate in a 24x7x365 on-call rotation for alert response Be an active responder as part of the Cybersecurity Incident Response Team during declared incidents Contribute to automation and orchestration playbooks to
Employment Type: Permanent

Cyber Threat Incident Manager

London Area, United Kingdom
Hybrid / WFH Options
Ashdown Group
Cyber Threat Incident Manager - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat division. This … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.

Cyber Threat Incident Manager

London, South East England, United Kingdom
Hybrid / WFH Options
Ashdown Group
Cyber Threat Incident Manager - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat division. This … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.

Network Security Engineer

London Area, United Kingdom
Hybrid / WFH Options
Halian
on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions … Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively … in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements. Ability to help maintain and audit compliance for

Network Security Engineer

London, South East England, United Kingdom
Hybrid / WFH Options
Halian
on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions … Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively … in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements. Ability to help maintain and audit compliance for

Cyber Security Analyst - Incident Response and Digital Forensics

Leeds, England, United Kingdom
Hybrid / WFH Options
Lorien
the best that you can be within the Cyber world. To be successful in this role, you will need some experience/knowledge of incident response and digital forensics. Main responsibilities: Help manage and co-ordinate cyber security incidents Digital forensics of relevant incident data Maintain a … current view of the cyber threat advising clients on the threat landscape Help assess client incident response capability maturity Liaise with clients on delivery, implementation and sales issues Benefits: Flexible salary packages based off experience Hybrid working: 3 days a week Life Assurance – 4x salary Dental Insurance, Private … leave plus bank holidays – option to buy Education assistance Requirements: Understanding of the cyber security threat landscape Knowledge/experience of digital forensics and incident response Experience dealing with cyber security incidents Experience being part of an incident response team Eligible for security clearance For more

Cyber Incident Response Lead

Nottingham, Nottinghamshire, East Midlands, United Kingdom
Hybrid / WFH Options
Experian Ltd
escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan. This team member will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters … from Experian's existing 24x7 security monitoring and response functions responsible for responding to and analysing security incidents involving threats targeting Experian information assets. These threats may include phishing, malware, network attacks, suspicious activity. Also, you will involve working with end-users, partners, technical support teams, and management to … in on-call schedule or work outside of normal work hours to manage cybersecurity incidents. You will report to the CFC Senior Director of Incident Management and Security Operations. Main Responsibilities include:- Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters
Employment Type: Permanent, Work From Home

SOC Analyst

London, United Kingdom
Hybrid / WFH Options
Hays Technology
of cybersecurity within the organisation. You'll help build and implement the SOC within IT operations, conduct daily operations of the internal SOC including incident monitoring, analysis, and response, implement SOC procedures and best practice to ensure efficient and effective incident response, and support major incident response efforts and lead on incident response efforts including containment, investigation, analysis, and reporting of security incidents. Your profile Experience as a SOC Analyst in an enterprise scale organisation; managing security operations incidents and events Hands-on knowledge and experience of security operations and incident response planning; Cellebrite, Magnet Domain Tools Knowledge of cybersecurity principles and frameworks; ISO27001, NIST, GDPR etc. Knowledge and experience with MS Sentinel, Cisco Meraki, MS Defender, Endpoint protection Knowledge and experience with SIEM, IDS/IPS, firewalls, endpoint protection systems, and vulnerability management Knowledge and experience analysing and
Employment Type: Permanent
Salary: GBP 46,000 - 57,000 Annual

Cyber Security Incident Response Manager

Windsor, Berkshire, South East, United Kingdom
Hybrid / WFH Options
Centrica
Join Centrica's IT Security Team as a Cyber Security Incident Response Manager! Are you ready to drive the UK's energy transformation? Centrica is looking for a skilled Cyber Security Incident Response Manager to join our IT Security team. You'll handle cyber incident … investigations, e-Discovery, network forensics, and cyber breach inquiries. Location: Hybrid working with occasional travel to Windsor. Key Accountabilities: Carry out forensic analysis and incident response investigations Build and manage forensic and incident infrastructure. Lead cyber forensic investigations. Support weekly security operations calls. Oversee resilience planning and … and remediate vulnerabilities. Analyse security reports and manage alerts. Stay updated on security policies and regulations. Experience Required: Expert in Security Operations and Security Incident Response. Expert in cyber incident investigations, e-Discovery, network forensics, and cyber breach inquiries Proficiency in SIEM, SEM, and log monitoring. Scripting/
Employment Type: Permanent, Work From Home

Incident Response Analyst

Newport, Wales, United Kingdom
Hybrid / WFH Options
CPS Group (UK) Limited
Incident Response Analyst – Hybrid – Newport – Up to £55,000 CPS Group is currently working with a leading UK-based Critical National Infrastructure (CNI) organisation, supporting their search for an experienced Incident Response Analyst to join their growing Cyber Resilience Team. This is an exciting opportunity to … and determine if incidents have occurred. Contain and mitigate security incidents to prevent further impact. Work closely with IT and security teams to develop incident response strategies. Analyse incidents to identify root causes and recommend improvements. Contribute to the development of cyber security plans, policies, and training. 🧠 What … or similar cyber security role. Strong understanding of cyber threats, threat intelligence frameworks, and best practices. Excellent problem-solving and analytical skills. GIAC Certified Incident Handler (GCIH) or equivalent. Desirable: Degree in Cyber Security or a related field. Additional cyber security certifications. This role offers a unique chance to

Cyber Security Incident Response Manager - Windsor

United Kingdom
Hybrid / WFH Options
Centrica
mission. We all play a vital role in energising a greener, fairer future. Join Centrica's IT Security Team as a Cyber Security Incident Response Manager! Are you ready to drive the UK's energy transformation? Centrica is looking for a skilled Cyber Security Incident Response Manager to join our IT Security team. You'll handle cyber incident investigations, e-Discovery, network forensics, and cyber breach inquiries. Location: Hybrid working with occasional travel to Windsor. Key Accountabilities: Carry out forensic analysis and incident response investigations Build and manage forensic and incident … and remediate vulnerabilities. Analyse security reports and manage alerts. Stay updated on security policies and regulations. Experience Required: Expert in Security Operations and Security Incident Response. Expert in cyber incident investigations, e-Discovery, network forensics, and cyber breach inquiries Proficiency in SIEM, SEM, and log monitoring. Scripting/

SOC Lead

Basingstoke, Hampshire, South East, United Kingdom
Hybrid / WFH Options
Queen Square Recruitment Limited
Job Title: SOC Lead Location: Hybrid (3 days in office) About the Role We are seeking a highly skilled SOC Lead to oversee cyber incident response, threat intelligence, and vulnerability management for a leading organization. This role will act as a trusted advisor to senior leadership, ensuring a … structured and effective response to cyber incidents while driving improvements in incident management processes. Key Responsibilities Lead and coordinate responses to significant cyber incidents, ensuring effective and timely resolution. Act as a subject matter expert, advising senior leadership on business impacts and risk mitigation strategies. Develop and implement … cyber incident containment plans and remediation strategies. Oversee incident investigations, reporting, and documentation to drive continuous improvement. Collaborate with Threat Intelligence and Incident Response teams to monitor and respond to emerging threats. Ensure effective vulnerability management, prioritizing risks and coordinating remediation efforts. Provide regular technical and
Employment Type: Contract

Senior Incident Response Specialist, Bangkok Based (Relocation Provided)

London, United Kingdom
Hybrid / WFH Options
Agoda
with the best technology in a dynamic and advanced environment. The Opportunity We are looking for an industry-experienced, highly motivated and self-driven Incident Response Specialist, someone who can rapidly address security incidents and threats as they appear with the ability to strategize and lead Incident … In This Role, You'll Get to: Perform end-to-end handling of all critical, high and medium cyber security incidents at Agoda. Drafting incident reports & communicating incident summaries to senior leadership, end users, legal teams Write playbooks for different types of cyber security incidents and use automation … to reduce MTTR time. Automating repetitive tasks of incident response using automation platforms and/or programming Optimizing existing security controls to fine-tune the alerts & reduce false positives Gather open source and commercial threat intelligence and perform hunting across the enterprise for undetected threats. Support the legal & regulatory
Employment Type: Permanent

Cyber Security Incident Response Lead

Glasgow, Central Scotland, United Kingdom
Hybrid / WFH Options
Head Resourcing
An exciting opportunity has arisen for a Cyber Security Incident Response Manager to join a leading Financial Services organisation based in Glasgow. This role plays a key part in safeguarding the organisation from cyber threats by identifying, responding to, and mitigating cybersecurity incidents. As part of the Cyber … Detect and Respond Operations Team, you will be instrumental in enhancing security operations, strengthening defences, and ensuring operational resilience. Key Responsibilities Lead real-time response to cyber threats, managing cybersecurity incidents and investigations through to resolution. Analyse security breaches, identify attack vectors, and ensure appropriate remediation actions are taken. … to improve cybersecurity measures and prevent future threats. Provide clear communication to senior management on cybersecurity risks and incidents. Drive continuous improvement through post-incident reviews and scenario testing. What They're Looking For Extensive experience in cybersecurity incident response and operational leadership within a Security Operations

Senior Security Automation and Detection Engineer

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Arm Limited
Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with … APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions
Employment Type: Permanent

DevSecOps Engineer

Loughton, Essex, South East, United Kingdom
Hybrid / WFH Options
Profile 29
business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate … Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration … PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real
Employment Type: Contract, Work From Home
Rate: From £500 to £700 per day (direct contract with the client)

Security Operations Engineer

United Kingdom
Hybrid / WFH Options
Lawrence Harvey
a pivotal role at the heart of a rapidly growing mobile-first payments solution organisation, where you can truly shape and affect how the incident response is delivered. You would be reporting to the Security Operations Lead (who reports to the Head of Security) and will be working … responsibilities You will be responsible for building the infrastructure of a new in-house SOC, all the way through to conducting precise and robust incident response against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work … on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation

Incident Response
10th Percentile: £42,000
25th Percentile: £52,500
Median: £65,000
75th Percentile: £78,750
90th Percentile: £100,000