1 to 25 of 148 Remote Incident Response Jobs in the UK

Stevenage The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

20th January Main duties of the job The role combines governance, assurance and hands-on leadership of proactive and preventative tactics, threat intelligence, incident response, vulnerability management, strategy and cultural change to build cyber resilience across the Integrated Care System (ICS They will have a proven track record … within the NHS or wider public sector. They will possess deep technical and governance expertise across areas such as threat detection, vulnerability management and incident response, with the ability to translate complex technical risk into clear, articulate, actionable information for senior executives and boards with assurance and confidence. ...

team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What … professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios ...

team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What … professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios ...

primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

firms risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firms cyber and incident response ...

Lead Cybersecurity Incident Responder - IR, Cyber, Salary: Competitive, based on experience + benefits Location: London/Hybrid (some travel European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond … innovate, and make a real impact. Who We're Looking For We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Essential experience and skills: * Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT ...

networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. Job description: Support SOC Manager to deliver the followingSIEM, IR tools platform … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do: Support SOC Manager to deliver the following SIEM … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft Sentinel Model Context Protocol … advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. Integrate and automate security workflows using Microsoft Sentinel Graph ...

. This is a great opportunity to join a forward-thinking security operations team , where you’ll have hands-on ownership across threat detection, incident response, and overall security posture , alongside a competitive salary, strong benefits, and clear long-term development opportunities . The role offers flexible, hybrid … networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall ...

social engineering assessments and physical security testing Produce detailed scoping documents and executive-level penetration testing reports aligned with CREST and NCSC standards Lead incident response investigations and digital forensic analysis when required Work independently on client-facing assessments whilst collaborating with senior consultants and team leaders Maintain … Certified Testers, and forensic specialists delivers: Penetration Testing & Security Audits : Infrastructure, application, and mobile assessments Compliance Advisory : PCI DSS, GDPR, ISO27001 implementations and certifications Incident Response & Forensics : 24/7 emergency response and digital evidence analysis Specialist Services : SCADA testing, social engineering, business continuity planning Based ...

posture, protect critical infrastructure, and reduce risk across a diverse and complex environment. Youll take ownership of real security challenges threat monitoring, vulnerability management, incident response, and continuous hardening of systems while helping shape a maturing cyber function. This is hands-on, meaningful engineering work within a team … growing and being taken seriously at board level. Key Responsibilities Threat Detection & Monitoring: Actively identify and analyse emerging risks across networks, applications and infrastructure. Incident Response: Support the creation, improvement and execution of response processes, ensuring swift containment and minimisation of impact. Security Assessments: Conduct regular audits ...

Windows Server infrastructure, including patching and hardening. Conduct regular security assessments, vulnerability remediation, and participate in audits. Develop and maintain technical documentation, runbooks, and incident response procedures. Collaborate with IT, Security, and business teams to deliver secure, scalable solutions. Integrate security best practices into DevOps and cloud automation … emerging threats, vulnerabilities, and technology trends. Key Experience Required Proven expertise in Azure security engineering and Windows Server administration. Strong background in security operations, incident response, and monitoring. Skilled in Microsoft security tools (M365 Purview, DLP) and automation (PowerShell, Azure CLI). Knowledge of identity and access management ...

role in protecting a large-scale, high-availability environment, acting as an escalation point for complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling … malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems and using threat intelligence to strengthen detection capabilities. Producing clear, concise incident reports for senior stakeholders, including non-technical audiences. Supporting junior analysts with guidance, best practice coaching and career development (no formal line management). ...

manage Infrastructure-as-Code (Terraform). Develop and enhance deployment automation and environment consistency. Maintain and optimise monitoring, alerting and logging. Support operational reliability: incident response, environment stability, and performance improvements. Lead cloud cost optimisation and usage reporting. Contribute to DevOps strategy, tooling, and roadmap. Cloud, IT Operations … external suppliers responsible for: Software, cloud integration, and identity services Physical server hardware, monitoring, connectivity, and onsite infrastructure Ensure uptime, maintenance scheduling, upgrades, and incident response are clearly managed and communicated. Escalate performance or stability issues and track them through to resolution. Support planning for future on-prem ...

cyber-resilience strategy and protect the systems and data that support essential public services. This is a key leadership role overseeing cyber security governance, incident response, regulatory compliance (PSN, PCI-DSS, Cyber Essentials Plus), and the secure operation of cloud and hybrid environments. Youll work closely with senior … design across all ICT services. What youll do: Lead the local authoritys cyber security framework, policies, and standards Own vulnerability management, security monitoring, and incident response Ensure compliance with NCSC, PSN, PCI-DSS, GDPR and other national frameworks Manage SIEM, Microsoft security tooling (Sentinel/Defender/ ...

operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with … governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness ...

security operations. This is a hands-on, strategic position within the Technical Operations team, where you’ll set the direction for security practices, guide incident response, and support the growth of the wider team. Your responsibilities: Lead on security incidents, managing investigations through to resolution Design, implement … maintain robust security controls across infrastructure and applications Drive the creation and execution of incident response plans, ensuring continuous improvements Integrate security practices seamlessly into the DevOps pipeline Manage and optimise monitoring tools to provide real-time threat visibility Carry out regular threat and vulnerability assessments, applying effective ...

/OT environments is a must* I'm partnering with a well-established organisation looking for a Senior Security Analyst to take ownership of incident response within an operational technology environment. Acting as the senior escalation point for security incidents, you'll shape detection, response playbooks … autonomously, with a strong understanding of how warehouses operate and how security needs to align with operational processes. Key focus areas: Lead senior-level Incident Response (SIEM/SOAR) Act as escalation point for complex incidents Shape OT-aligned security controls and playbooks Collaborate closely with warehouse ...