1 to 25 of 312 Remote Incident Response Jobs in the UK

Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response More ❯

Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

Role: VP - Digital Forensics & Incident Response (DFIR) Manager Location: London (Hybrid working available) Salary: Up to £90,000 + benefits Sector: Cyber Security/Financial Services Overview A leading financial services organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role … focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response … investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. More ❯

We have a new and exciting role available within our Cyber Security division in the U.K for an Incident Response Engagement Lead. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some of their toughest information security challenges. We've been able to … us. Working in Cyberat S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … If that sounds like your kind of team, we'd like to hear from you. The role We are looking for a German speaking consultant to join our Cyber Incident Response team as an Engagement Lead. A successful cyber response only happens when a group of technical experts works seamlessly with a team leader who can get More ❯

re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security , and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement . You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential More ❯

We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team. The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory … requirements.The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions. Your Impact Incident Response Leadership Lead … all phases of incident response, including detection, analysis, containment, eradication, recovery and communication. Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams. Ensure adherence to the organization's incident response framework and regulatory requirements. 2. Strategic Communication Serve as the main point of contact for incident updates to More ❯

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯

with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯

We are looking for aEngineering Manager, Security Operations to lead and scale security operations across Vercel's platform and enterprise security functions. This role will focus on operational resilience, incident response readiness, and fostering alignment across security and engineering teams. You will oversee threat detection, response processes, and security best practices, while guiding Security Operations Engineers to … For location-specific details, please connect with our recruiting team. What You Will Do: Lead and manage Security Operations for platform and enterprise security functions, ensuring effective detection and response capabilities. Develop and refine incident response protocols and threat detection processes, ensuring rapid and effective mitigation of security incidents. Own internal attack surface management, including SaaS security … and reduce operational overhead. Support compliance initiatives (PCI, SOC2, ISO) by ensuring audit readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Cyber Incident Response Consultant Job Type: Permanent Location: Bradford , Hybrid (3 days On-site) Are you looking to leverage your skills in threat detection, response, and coordination? We have … an exciting opportunity for you - Cyber Incident Response Consultant! Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands … and thought leadership. Gain access to endless learning opportunities. Lead a team and their technical growth. Lead projects and inspire both colleagues and stakeholders. The Role As a Cyber Incident Response Consultant, you will be working with the existing security team to support the customer with monitoring alerts and threats received. You will also be responsible for front More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes. Audit Preparation … audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute to analyzing cybersecurity … Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and security. You will have an More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information risks for policing. It supports … the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security incidents within the NMC, along … with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident Response Planning, Cyber Incident More ❯

organised crime remains the biggest concern for digital leaders. Public services, councils and healthcare providers continue to be high-profile victims. This is driving demand for security operations specialists, incident response teams and forensic analysts. Supply chain risk is under the spotlight Breaches linked to third-party providers have exposed vulnerabilities beyond company walls. In response, organisations … evolving threats and advising on proactive measures. Typical salary: £50,000 to £85,000 Cybersecurity Analyst - A key all-rounder role, analysts monitor networks, investigate suspicious activity and support incident response efforts. They are often the first to identify and flag vulnerabilities. Typical salary: £45,000 to £70,000 We're also seeing new hybrid titles emerge, such … business. The Skills Employers Are Prioritising Employers are looking for more than technical knowledge, they're searching for people who can make a real impact. Core technical skills include: Incident response and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO More ❯

to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incident response processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incident response strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incident response procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯

Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world’s most prestigious law firms is seeking a Senior Incident Response & SOC Engineer to join its global Information Security team, based in London . This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC , handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related security frameworks. Legal More ❯

and lead the global cyber security strategy. This is a high-impact, senior leadership role ideal for someone who combines strategic oversight with hands-on expertise across security operations, incident response, and governance. As the business continues to modernise its technology infrastructure, this role will be central to protecting digital assets and ensuring compliance with global security and … privacy standards. What You’ll Be Doing: Define and implement the cyber security strategy, policies, and controls across a multi-regional environment. Lead global security operations, including threat detection, incident response, and risk mitigation. Manage compliance with standards such as ISO27001, NIST, Cyber Essentials+, and GDPR. Build and develop a high-performing cyber team spanning multiple international offices. … Collaborate with senior leadership, risk committees, and external vendors to ensure alignment on cyber risk and mitigation. Own the incident response function, including planning, testing, and leading responses when required. Drive security awareness across the organisation with a measurable, well-governed training programme. What We’re Looking For: Minimum 5 years’ experience in a senior cyber security role More ❯

Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incident response Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What … You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to More ❯

Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin - £150,000 + 40% bonus A leading international gaming and entertainment company are searching for a Director of Cyber Security to drive their Group cyber security strategy and build resilience across their global operations. The Director of Cyber Security's responsibilities will be: Lead implementation of Group … implementing technology security policies and NIST CSF standards. Strengthen cyber governance and risk management, providing timely and accurate risk reporting to senior management and risk committees. Lead Security Monitoring & Incident Response teams, ensuring robust processes across critical business systems. Oversee Platforms & Services Security teams, ensuring assets comply with NIST CSF v2 and Group policies. Manage SEC reporting requirements … experienced cyber security leader looking to drive strategic transformation at a global entertainment company with operations across multiple markets? Please apply! Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin (mostly remote) - £150,000 + 40% bonus Burns Sheehan Ltd will consider applications based only on skills and ability and will not discriminate on any grounds. More ❯

security tools such as CSPM and CNAPP. In addition, you'll write scripts and build automation tools to streamline security activities, work cross-functionally to ensure effective monitoring and incident response, and collaborate closely with product teams to provide guidance and encourage adoption of security best practices. You'll also take part in an on-call rotation to … support timely and effective incident response when needed. What we're looking for Cloud engineering experience with security tooling and cloud workload protection Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash) Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices Experienced with CSPM, CNAPP, security incident response, and More ❯

get hands-on to address critical security challenges. You'll be a force-multiplier, collaborating across teams and leveraging your technical expertise to optimise our security posture, detection and response capabilities. If you have an interest in how security and counter-fraud controls can work together to better support robust financial services and safeguard customers, this will be a … end user environments: partner with IT teams to ensure the ongoing security and oversight of end user environments (e.g. access management, vulnerability management, data leakage, laptop security etc). Incident response: enhance incident detection and response capabilities, ensuring rapid and competent handling of security events, that comply with relevant regulatory requirements, e.g. e.g. ISO27001, PCI DSS … Cyber Kill Chain, Mitre Att&ck and D3FEND Proficiency in scripting and automation (Python, Terraform). Demonstrated ability to optimise security alerts, tune systems and reduce noise. Experience with incident response and management, with an understanding of regulatory requirements. Engineering-led mindset to drive automation, innovation and efficiency. Excellent communication and collaboration skills, with the ability to work More ❯

ServiceNow Technical Consultant - SecOps (SIR/VR) UK-Based Remote with Occasional Onsite Security Clearance Eligible Wrangu is seeking a Senior ServiceNow Technical Consultant with deep expertise in Security Incident Response (SIR) and/or Vulnerability Response (VR) to join our growing consultancy team. This role supports a UK-project, making UK residency and eligibility for UK … consulting, ideally in a client-facing services environment Hands-on configuration and scripting skills (e.g. JavaScript, Business Rules, UI Policies) Deep subject matter knowledge in SecOps, particularly in: Security Incident Response Vulnerability Response Strong communication skills, capable of engaging both technical and non-technical stakeholders Understanding of agile project delivery and client lifecycle management Ability to manage More ❯