Incident Response Jobs in the UK

176 to 200 of 717 Incident Response Jobs in the UK

Cyber Security Advisory Director

London, United Kingdom
Hybrid / WFH Options
Control Risks
development: Identify and originate cyber risk management and technology resilience opportunities. Manage key client relationships, supported by account, sales, and marketing plans. Position our cyber threat intelligence, assurance, and incident response practices. Provide energetic consulting leadership in KSA, promoting Control Risks as a trusted advisor on cyber and technology risk, leading to increased long-term, programmatic work. Support More ❯
Employment Type: Permanent
Salary: GBP Annual

Associate Director, Research and Computing Operations

Edinburgh, United Kingdom
Asklepios Biopharmaceutical Inc
audits Develop and maintain security compliance documentation Coordinate and respond to penetration testing activities Implement security recommendations and remediation plans Ensure infrastructure meets corporate security standards Participate in security incident response planning Business Continuity: Lead disaster recovery planning for scientific computing infrastructure Coordinate and execute DR testing Maintain DR documentation and procedures Develop and maintain business continuity plans … Technical: Infrastructure architecture and design Performance optimization Problem-solving and troubleshooting Security best practices Technical documentation Business & Management: Contract negotiation and management Budget planning and control Risk management Audit response and compliance Strategic planning Vendor management Cost-benefit analysis Interpersonal: Strong communication skills Stakeholder management Team collaboration Conflict resolution Customer service orientation Ability to bridge technical and scientific domains More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Assurance and Resilience Manager

Norwich, Norfolk, England, United Kingdom
Hybrid / WFH Options
Clarion
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP, CISM, CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and More ❯
Employment Type: Full-Time
Salary: £61,698 - £84,776 per annum

Cyber Assurance and Resilience Manager

London, South East, England, United Kingdom
Hybrid / WFH Options
Clarion
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP, CISM, CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and More ❯
Employment Type: Full-Time
Salary: £61,698 - £84,776 per annum

Cyber Assurance and Resilience Manager

Norwich, Norfolk, East Anglia, United Kingdom
Hybrid / WFH Options
Clarion Housing
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP, CISM, CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and More ❯
Employment Type: Permanent, Work From Home
Salary: £80,000

IT Manager

London, United Kingdom
Hybrid / WFH Options
Jas Gujral
industry regulations and standards (e.g., GDPR, ISO 27001). Manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software, in collaboration with GT. Develop and test incident response plans and coordinate responses to security incidents and breaches. Raise cybersecurity awareness among bank employees through annual training/workshops. Other Duties Maintain professional and technical knowledge More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst Waterstons

England, United Kingdom
CyberNorth
varied environment, sharing your knowledge and experience to support, coach and mentor your colleagues, then we want to hear from you. Day to day responsibilities Lead threat detection and incident response across modern security platforms Monitor and analyse alerts from EDR/XDR platforms, cloud services (M365, AWS, Azure), SIEM systems and more. Manage and optimise security tools More ❯
Employment Type: Permanent
Salary: GBP Annual

OT Cyber Security Consultant

City of London, London, United Kingdom
Integrity360
top-class Security Operation Centers, we offer complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was More ❯

OT Cyber Security Consultant

London Area, United Kingdom
Integrity360
top-class Security Operation Centers, we offer complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was More ❯

Security Architect

Birmingham, Staffordshire, United Kingdom
Hybrid / WFH Options
Michael Page (UK)
ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Architect

Birmingham, West Midlands, West Midlands (County), United Kingdom
Hybrid / WFH Options
Michael Page
ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯
Employment Type: Permanent
Salary: £41055 - £44415/annum

Director Cybersecurity

United Kingdom
Genese Solution Limited
Internal Cybersecurity Program: Develop, implement, and oversee the organization's comprehensive cybersecurity strategy, policies, and procedures. Conduct regular risk assessments and vulnerability assessments to identify potential threats. Manage cybersecurity incident response and recovery plans. Ensure compliance with relevant industry regulations and standards. Build and maintain a strong security culture within the organization. Cybersecurity Product and Service Development: Identify More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Manager

London, United Kingdom
Hybrid / WFH Options
Onetrace
perspective, reducing risk during personnel changes. Partner with internal stakeholders to manage vendor selection and SaaS procurement, balancing usability, security and cost. Proactively monitor access controls, audit trails, and incident response procedures and lead or escalate where needed. Champion scalable solutions, including the use of AI or automation for security monitoring, access reviews and alerting. Governance and Process More ❯
Employment Type: Permanent
Salary: GBP Annual

Chief Information Officer

London, United Kingdom
DfT Operator
Review and monitor DFTO entity and TOC cybersecurity protocols for robustness and compliance with relevant regulations and industry standards in DFTO entity Work proactively to identify vulnerabilities and support Group incident response strategies. Develop IT Capacity within DFTO entity Build and enhance the IT capacity of DFTO at a corporate level, ensuring it can support and scale with the More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Lead

Sussex, United Kingdom
Clearwater People Solutions
Lead to join their organization. The Information Security Officer & Cyber Security Lead will have knowledge of ISO27001 & Cyber Essentials as well as hands-on technical knowledge of SIEM and incident response. Key Responsibilities for the Information Security Officer & Cyber Security Serve as a subject matter expert for information security, advising stakeholders on risks, controls, and security best practices. Support More ❯
Employment Type: Permanent
Salary: GBP 60,000 - 70,000 Annual

Cyber Security Lead

Brighton, East Sussex, The City of Brighton and Hove, United Kingdom
Clearwater People Solutions
Lead to join their organization. The Information Security Officer & Cyber Security Lead will have knowledge of ISO27001 & Cyber Essentials as well as hands-on technical knowledge of SIEM and incident response. Key Responsibilities for the Information Security Officer & Cyber Security Serve as a subject matter expert for information security, advising stakeholders on risks, controls, and security best practices. Support More ❯
Employment Type: Permanent
Salary: £60000 - £70000/annum Plus Benefits

Digital Forensics and Incident Response: Consultant

London, United Kingdom
Hybrid / WFH Options
Control Risks
re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security, and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement. You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Incident Response Lead

Nottingham, Nottinghamshire, East Midlands, United Kingdom
Hybrid / WFH Options
Experian Ltd
CFC) you will respond, contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan. This team member will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters from Experian's existing 24x7 … security monitoring and response functions responsible for responding to and analysing security incidents involving threats targeting Experian information assets. These threats may include phishing, malware, network attacks, suspicious activity. Also, you will work with end-users, partners, technical support teams, and management to ensure remediation and recovery from these threats. Use analytics & data collected from endpoints, environmental logging … schedule and expectation to participate in on-call schedule or work outside of normal work hours to manage cybersecurity incidents. You will report to the CFC Senior Director of Incident Management and Security Operations. Main Responsibilities include:- Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters (such as potential major severity More ❯
Employment Type: Permanent, Work From Home

Senior Analyst, Cybersecurity Operations (Detection & Response)

London, United Kingdom
McDonald's Corporation
reporting to the Senior Manager of Security Operations. Responsibilities include managing security personnel, enforcing policies, promoting security awareness, and leading initiatives on Global Cyber Security (GCS) defensive measures and incident response. You will support daily security operations and incident response processes, responding to crises to mitigate cyber threats, employing mitigation, preparedness, response, and recovery strategies. You … will work within the Incident Response team, coordinating with other Cyber Operations teams to identify, report, and remediate security incidents, including triaging events, analyzing networks and endpoints, reverse engineering malware, threat hunting, and vulnerability management. You will develop and implement SOPs, playbooks, and processes to streamline monitoring and investigations, supporting GCS's cybersecurity operations and incident response programs. The ideal candidate should demonstrate leadership in supervising small teams, with expertise in cybersecurity practices, cloud technologies, detection and response frameworks, and incident handling (containment, eradication, recovery, lessons learned). They should adhere to established incident response procedures, possess strong attention to detail, and collaborate effectively across global teams. Requirements include: Experience in security More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Engineer: Detection and Response

London, United Kingdom
Hybrid / WFH Options
Menlo Ventures
have the potential to greatly benefit society. However, developing advanced AI also comes with risks if not properly safeguarded. That's why we are seeking an exceptional Detection and Response engineer that will be on the frontlines to build solutions to monitor for threats, rapidly investigate incidents, and coordinate response efforts with other teams. In this role, you … will have the opportunity to shape our security capabilities from the ground up alongside our world-class research and security teams. Responsibilities: Lead cybersecurity Incident Response efforts covering diverse domains from external attacks to insider threats involving all layers of Anthropic's technology stack. Develop and deploy novel tooling that may leverage Large Language Models to enhance detection … investigation, and response capabilities. Create and optimize detections, playbooks, and workflows to quickly identify and respond to potential incidents. Review Incident Response metrics and procedures and drive continuous improvement. Work cross-functionally with other security and engineering teams. Note: This position will require participation in an on-call rotation. You may be a good fit if you More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst - Systems Integrator

London, United Kingdom
Hamilton Barnes Associates Limited
and incidents. Utilise SIEM tools (particularly Crowdstrike SIEM) to monitor and assess host, network, and identity data. Tune and reduce false positives, improving SIEM efficiency and alerting accuracy. Lead incident investigations across Windows, macOS, and Linux environments. Design and implement SOC runbooks, use cases, and alert rules to enhance incident response capabilities. Collaborate with stakeholders to conduct … hunts across host data, vulnerability data, network logs, Active Directory, and other sources. Coordinate timely security response efforts and document incident communications for both technical and management audiences. Work with vendors to develop and implement new SOC use cases. Skills/Must have: 5+ years' recent experience in a Tier 2 or Tier 3 SOC analyst role, ideally … within a government or critical infrastructure organisation. Deep experience with SIEM tools such as Crowdstrike, Splunk, and Microsoft Defender. Proven track record designing and implementing SOC use cases and incident response plans. Strong capability in data correlation across disparate sources. Demonstrated ability to develop effective alerting strategies and manage alert noise. Experience creating and using runbooks to conduct More ❯
Employment Type: Permanent
Salary: GBP Annual

OT Security Analyst

Scotland, United Kingdom
SR2 | Socially Responsible Recruitment | Certified B Corporation™
platforms that form part of UK national infrastructure. Role Overview This position will focus on monitoring, assessing, and strengthening OT cybersecurity posture. The successful candidate will contribute to detection, response, and prevention strategies across a diverse technology stack within a regulated environment. Key Responsibilities Monitor and manage OT security monitoring tools and technologies. Analyse threats, assess vulnerabilities, and prioritise … remediation efforts. Develop and execute incident response plans specific to OT systems. Identify and track vulnerabilities, working with internal teams for resolution. Support security assessments and coordinate OT-specific penetration testing. Assist in the development of OT-specific security policies and procedures. Ensure compliance with industry standards and regulatory frameworks, including IEC62443, NIS, CAF, OG86, and HSE. Apply … frameworks such as NIST, IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. Ability to manage stakeholder relationships and communicate technical risks effectively. A proactive approach to problem-solving and strong attention to detail. More ❯

L3 SOC Analyst - Consultancy

Manchester, United Kingdom
Hamilton Barnes Associates Limited
seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. … Perform deep-dive analysis of malware, phishing, and lateral movement techniques. Collaborate with engineering teams to optimise Microsoft security tool integrations. Maintain and enhance incident response procedures and documentation. Skills/Must have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with … Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with SOAR platforms and building automated workflows. Benefits: View to Extension Salary: Up to £575 Per Day More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst Microsoft Sentinel / SIEM

London, South East, England, United Kingdom
Salt Search
per week on-site and the remainder remote. You'll play a central role in monitoring, analysing, and improving the organisation's cyber security posture - particularly around SIEM and incident response, with a strong focus on Microsoft Sentinel. Key Responsibilities: Monitor security alerts and log data using Microsoft Sentinel and related SIEM tools Respond to security incidents, performing … experience in a cyber security analyst or SOC analyst role Strong hands-on knowledge of Microsoft Sentinel and broader SIEM technologies Solid understanding of threat detection, log analysis, and incident response workflows Experience working in a public sector or regulated environment is highly desirable Ability to clearly communicate security issues and provide actionable advice to stakeholders This is More ❯
Employment Type: Contractor
Rate: £400 per day

SOAR Engineer/Analyst (Google SecOps)

City of London, London, England, United Kingdom
Gibbs Hybrid
SecOps) - Leeds/Remote - 12 Months Initial - Inside IR35 We are seeking a skilled SOAR Engineer/Analyst responsible for designing, developing, implementing, and maintaining automation playbooks to improve incident response efficiency within the Security Operations Centre utilizing Google SecOps Role Overview: Job Title: SOAR Engineer/Analyst (Google SecOps) Location: Leeds/Remote Contract Type: Contract Duration …/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python, PowerShell, or Bash. Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g. More ❯
Employment Type: Contractor
Rate: £450 - £495 per day

Incident Response
10th Percentile: £42,000
25th Percentile: £51,063
Median: £65,000
75th Percentile: £77,500
90th Percentile: £93,750