1 to 25 of 257 Remote Incident Response Jobs in the UK

Overview We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and in turn part of a global practice offering and influencing the … direction of our forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting and you will provide digital forensics and incident response solutions for matters which involve cyber response investigations, digital forensic investigations, eDiscovery and data analytics. Our clients include law firms and Fortune … need to deploy the team and support crises. As the technical lead for engagements, you will provide direction to empower the team and provide quality assured, highly responsive forensic incident management. A significant portion of the role will require you to engage across the business to leverage technology consulting into all business development and go-to-market strategy. You More ❯

Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform More ❯

Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform More ❯

Senior Cyber Incident Response InvestigatorFully UK RemoteDV Clearance or eligibility essential£80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with cyber forensic tools to join a business offering an entirely remote working position, the … key stakeholders within your client. This is a highly autonomous environment and you'll even set your own hours of work.The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator*Fully Remote*Helping businesses deal with real-time cyber-attacks remotely*Occasionally travelling to customer sites*£80,000 base + OT and On-all bumping total More ❯

Senior Cyber Incident Response Investigator Fully UK Remote DV Clearance or eligibility essential £80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with cyber forensic tools to join a business offering an entirely remote working … stakeholders within your client. This is a highly autonomous environment and you'll even set your own hours of work. The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator *Fully Remote *Helping businesses deal with real-time cyber-attacks remotely *Occasionally travelling to customer sites *£80,000 base + OT and On-all bumping total More ❯

strategic and hands-on Security Operations Manager to fortify our defences, drive compliance, and lead proactive risk mitigation across the organisation. You’ll oversee Security Operations and Engineering, manage incident response, and collaborate with IT, legal, and compliance teams to embed a culture of security awareness. If you're passionate about protecting assets and reputation while leading with … and implementation of strategic security plans to enhance MIB’s security posture and resilience Operational Resilience Identify within Security Operations and support the business on our Operational Resilience efforts Incident Response Management : Lead and coordinate from a Security perspective incident response efforts, ensuring timely and effective resolution of security incidents Budget Management The Security Operations Manager … Engineering teams. This includes the ability to mentor and guide team members, fostering a collaborative and high-performance environment Experience in budget management and control Extensive experience in security incident response leadership. This includes coordinating and managing incident response efforts, ensuring timely and effective resolution of security incidents. Relevant advanced security qualifications such as CISSP, GIAC. More ❯

role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior … and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments … upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and More ❯

internal consultants, and third-party partners to design, build, deliver, and report on pre-defined and bespoke crisis simulation exercises. The successful candidate will have a strong understanding of incident response, business continuity, and crisis management processes, with excellent organisational and communication skills to manage multiple phases of delivery. Whats in it for you … Private healthcare buyback scheme Remote-first working model Nest pension scheme Vendor training and development budget What we're Looking For Proven experience delivering tabletop exercises, crisis simulations, or incident response exercises. Strong understanding of cybersecurity incident response, crisis management, and business continuity principles. Excellent written communication skills for creating scenario documentation and final reports. Strong … finance, utilities) is advantageous. Key Responsibilities 1. Scoping and Discovery Conduct initial discussions with clients to understand their organisational structure, security tooling, regulatory landscape, and key concerns. Review existing Incident Response (IR) and Business Continuity (BCP) documentation. Define exercise objectives, target audience (technical or managerial), and scope based on available time and maturity. Capture all key details and More ❯

internal consultants, and third-party partners to design, build, deliver, and report on pre-defined and bespoke crisis simulation exercises. The successful candidate will have a strong understanding of incident response, business continuity, and crisis management processes, with excellent organisational and communication skills to manage multiple phases of delivery. What’s in it for you … Private healthcare buyback scheme Remote-first working model Nest pension scheme Vendor training and development budget What we're Looking For Proven experience delivering tabletop exercises, crisis simulations, or incident response exercises. Strong understanding of cybersecurity incident response, crisis management, and business continuity principles. Excellent written communication skills for creating scenario documentation and final reports. Strong … finance, utilities) is advantageous. Key Responsibilities 1. Scoping and Discovery Conduct initial discussions with clients to understand their organisational structure, security tooling, regulatory landscape, and key concerns. Review existing Incident Response (IR) and Business Continuity (BCP) documentation. Define exercise objectives, target audience (technical or managerial), and scope based on available time and maturity. Capture all key details and More ❯

Principal Cyber Incident Response Investigator Fully UK Remote DV Clearance or eligibility essential 80,000 + OT and On-Call earning 100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with forensic tools to join a business offering an entirely remote working position … key stakeholders within your client. This is a highly autonomous environment and youll even set your own hours of work. The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator *Fully Remote *Helping businesses deal with real-time cyber-attacks remotely *Occasionally travelling to customer sites *80,000 base + OT and On-all bumping total More ❯

Principal Cyber Incident Response Investigator Fully UK Remote DV Clearance or eligibility essential £80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with forensic tools to join a business offering an entirely remote working position … stakeholders within your client. This is a highly autonomous environment and you’ll even set your own hours of work. The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator *Fully Remote *Helping businesses deal with real-time cyber-attacks remotely *Occasionally travelling to customer sites *£80,000 base + OT and On-all bumping total More ❯

Senior Incident Responder (DFIR) 🚨 Location: Hybrid (UK-based) Job Type: Full-time Salary: Competitive + up to 20% annual bonus Are you a seasoned DFIR professional with a passion for digital forensics and incident response? Do you thrive in high-pressure environments and want to make a real impact in protecting one of the UK’s largest … retailers? If so, Tesco Technology wants you on our team. We’re looking for a Senior Incident Responder to join our cutting-edge Digital Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering … teams. What You’ll Be Doing 🕵️ Lead Investigations : Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident Handling : Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation : Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting : Lead intelligence More ❯

Senior Incident Responder (DFIR) 🚨 Location: Hybrid (UK-based) Job Type: Full-time Salary: Competitive + up to 20% annual bonus Are you a seasoned DFIR professional with a passion for digital forensics and incident response? Do you thrive in high-pressure environments and want to make a real impact in protecting one of the UK’s largest … retailers? If so, Tesco Technology wants you on our team. We’re looking for a Senior Incident Responder to join our cutting-edge Digital Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering … teams. What You’ll Be Doing 🕵️ Lead Investigations : Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident Handling : Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation : Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting : Lead intelligence More ❯

Senior Incident Responder (DFIR) 🚨 Location: Hybrid (UK-based) Job Type: Full-time Salary: Competitive + up to 20% annual bonus Are you a seasoned DFIR professional with a passion for digital forensics and incident response? Do you thrive in high-pressure environments and want to make a real impact in protecting one of the UK’s largest … retailers? If so, Tesco Technology wants you on our team. We’re looking for a Senior Incident Responder to join our cutting-edge Digital Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering … teams. What You’ll Be Doing 🕵️ Lead Investigations : Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident Handling : Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation : Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting : Lead intelligence More ❯

Senior Incident Responder (DFIR) 🚨 Location: Hybrid (UK-based) Job Type: Full-time Salary: Competitive + up to 20% annual bonus Are you a seasoned DFIR professional with a passion for digital forensics and incident response? Do you thrive in high-pressure environments and want to make a real impact in protecting one of the UK’s largest … retailers? If so, Tesco Technology wants you on our team. We’re looking for a Senior Incident Responder to join our cutting-edge Digital Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering … teams. What You’ll Be Doing 🕵️ Lead Investigations : Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident Handling : Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation : Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting : Lead intelligence More ❯

Senior Incident Responder (DFIR) 🚨 Location: Hybrid (UK-based) Job Type: Full-time Salary: Competitive + up to 20% annual bonus Are you a seasoned DFIR professional with a passion for digital forensics and incident response? Do you thrive in high-pressure environments and want to make a real impact in protecting one of the UK’s largest … retailers? If so, Tesco Technology wants you on our team. We’re looking for a Senior Incident Responder to join our cutting-edge Digital Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering … teams. What You’ll Be Doing 🕵️ Lead Investigations : Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident Handling : Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation : Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting : Lead intelligence More ❯

highly visible security operations function with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do: Support SOC Manager to deliver the following SIEM, IR tools platform management including … health checks Responsible for operational activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement of formal service catalogue, service … with Colt’s long term priorities and strategy. Develop and grow the talent and people capability within the security teams. What We're Looking For? 6+ years Information Security Incident Response experience with a focus on detection and response to malicious activity using log data from various sources preferred. Strong Networking and Systems experience, preferably in an More ❯

Senior Cyber Incident Response Investigator Fully UK Remote DV Clearance or eligibility essential £80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with cyber forensic tools to join a business offering an entirely remote working More ❯

Unit 42 Consulting Unit 42 Consulting is Palo Alto Networks' elite security advisory team. Our vision is to create a more secure digital world by delivering the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team comprises highly recognized experts and incident responders with deep technical expertise and extensive … experience in investigations, data breach response, digital forensics, and information security. With a proven track record of delivering mission-critical cybersecurity solutions, we work swiftly to provide effective incident response, attack readiness, and remediation plans, focusing on long-term support to enhance our clients’ security posture. Job Description Your Career Unit 42 is a dynamic, energetic, and … dynamic environments. Deep Cybersecurity Domain Mastery: At least 10 years of experience selling complex Security solutions or services, including a profound understanding and proven success in: Offensive Security Services Incident Response Retainers Risk Management Services SOC Assessment Services Threat Intelligence Services Channel Ecosystem Acumen: A profound understanding of global channel partners and a proven ability to strategically leverage More ❯

risks. ISMS Ownership Lead and maintain the Information Security Management System end-to-end. Certifications & Compliance Drive ISO 27001, Cyber Essentials Plus & SOC 2 readiness, certification, and ongoing compliance. Incident Response Leadership Build, refine, and lead incident response & security operations. Security Culture & Training Develop training programs and foster a culture of security-first thinking. Continuous Improvement … Type I & Type II readiness & audits Up-to-date security risk register & treatment plans Regular internal security audits & training completion metrics Security policies reviewed & refreshed annually (or post-incident) Why Youll Love It Here Remote-first flexibility with occasional in-person collaboration Purpose-driven mission improving healthcare & social care through digital transformation Learning culture stay ahead with the latest … results Were Looking For Someone Who Lives & breathes information security, governance, and cyber best practice Knows ISO 27001, Cyber Essentials Plus, and SOC 2 inside out Can design & deliver incident response, security ops, and security awareness programs that people actually use Is comfortable being the security point person across product, engineering, compliance, and leadership teams Wants to work More ❯

risks. 🌳 ISMS Ownership – Lead and maintain the Information Security Management System end-to-end. 🌳 Certifications & Compliance – Drive ISO 27001, Cyber Essentials Plus & SOC 2 readiness, certification, and ongoing compliance. 🌳 Incident Response Leadership – Build, refine, and lead incident response & security operations. 🌳 Security Culture & Training – Develop training programs and foster a culture of security-first thinking. 🌳 Continuous Improvement … Type I & Type II readiness & audits 🌳 Up-to-date security risk register & treatment plans 🌳 Regular internal security audits & training completion metrics 🌳 Security policies reviewed & refreshed annually (or post-incident) Why You’ll Love It Here 🌳 Remote-first flexibility with occasional in-person collaboration 🌳 Purpose-driven mission – improving healthcare & social care through digital transformation 🌳 Learning culture – stay ahead with the … We’re Looking For Someone Who 🌳 Lives & breathes information security, governance, and cyber best practice 🌳 Knows ISO 27001, Cyber Essentials Plus, and SOC 2 inside out 🌳 Can design & deliver incident response, security ops, and security awareness programs that people actually use 🌳 Is comfortable being the security point person across product, engineering, compliance, and leadership teams 🌳 Wants to work More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

SOC Manager £75,000 - £85,000 + 15% bonus + £6k car allowance Warrington – Remote-first A leading global technology organisation is seeking a SOC Response & Threat Manager to lead their elite Tier 3 security team. As a SOC Response & Threat Manager, you will take ownership of complex security incidents, lead high-performing analysts, and shape the Cyber … Threat Intelligence capability. Working hands-on with cutting-edge tools, you'll orchestrate critical incidents while hunting sophisticated threat actors across enterprise environments. Key Experience: • Proven experience leading incident response operations and managing security analysts. • Deep expertise in digital forensics and incident response (DFIR). • Strong knowledge of threat hunting methodologies and adversary tactics. • Ability to … bonus + £6k car allowance • Generous pension with double-matched contributions • 25 days holiday plus bank holidays • Private medical insurance and flexible benefits To hear more about the SOC Incident Response & Threat Hunting Manager opportunity, get in touch with Connor Smyth at Anson McCade on 020 7780 6706. More ❯

lead and develop a team of security professionals, oversee the delivery and ongoing management of our security infrastructure, and act as the go-to technical expert in threat detection, incident response, and vulnerability management. Were looking for someone with strong leadership skills, a deep knowledge of the cyber security landscape, and a real passion for safeguarding digital assets. … and Data, helping to build strong cyber security awareness. Oversee day-to-day security operations, using tools like MDR, SIEM, endpoint protection, and firewalls to keep us protected. Lead incident response, creating and maintaining playbooks and ensuring quick, effective action during any breaches. Stay ahead of threats by managing vulnerabilities, coordinating penetration tests, applying patches, and analysing threat … record of leading and mentoring a team. Extensive experience with security technologies such as SIEM, firewalls, intrusion detection/prevention systems, and vulnerability scanning tools. In-depth knowledge of incident response procedures, threat hunting, and forensic investigation techniques. Strong understanding of networking protocols, operating systems, and cloud security principles. Qualifications Bachelor's degree in Computer Science, Information Security More ❯

customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! The Cyber Security Incident Response Team (CSIRT), part of Counter Threat & Engineering (CT&E), responds to digital security threats and incidents globally from bp hubs in Houston, Sunbury, Kuala Lumpur, Pune, and … role is not eligible for relocation Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development More ❯