alerts and incidents across cloud and on-prem environments. Perform threat hunting and analysis using SIEM, EDR, and other security tools. Collaborate with internal teams to improve detection and response capabilities. Support incident response activities and contribute to post-incident reviews. Maintain and tune security monitoring systems to ensure optimal performance. What We're Looking For … 3+ years of experience in a SOC or similar security operations role. Strong understanding of security principles, threat landscapes, and incident response. Hands-on experience with SIEM platforms (e.g., Splunk, SentinelOne, Chronicle, etc.). Familiarity with cloud environments (AWS, Azure, GCP) and container security. Excellent analytical and communication skills. Why Join? Work with a globally recognised cyber security leader. …
Farnborough, Hampshire, United Kingdom Hybrid / WFH Options
Leidos
You will be responsible for planning and implementing appropriate security controls to ensure that the information within is kept secure. Key functions/outputs: Vulnerability Scanning & Reporting Endpoint Security Incident Management & Tickets System Hardening Change Work Participation in Regular Meetings Documentation Vulnerability Scanning & Reporting Code Scans: perform regular code scans to audit code quality metrics, potential bugs, and security … access and threats are being blocked. Access Control: ensuring that access controls have been implemented correctly to only allow authorised users to gain access to certain data and systems. Incident Management & Tickets: Incident Identification: help to recognise and confirm potential incidents through alerts, logs and user reports. This includes distinguishing between true threats and false positives. Incident Response: respond to potential security breaches or cyber-attacks. The main effort should focus on containment, mitigating the damage, investigation of the root cause of the incident and restoring to normal operations. Ticket Requests: respond to and resolve any tickets raised to the Leidos Security group on SD+ that require Cyber Security Engineering input. System Hardening: Patch …
organizations through every step of their journey toward cyber resilience. Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident response to risk assessments, and complex forensics to breach notification and ID theft remediation we help clients - of all sizes - respond with confidence. At Kroll …
security aspects of design, build, implementation, operation, process, and policy, to ensure they are secure, resilient, and compliant with local and national standards. You'll assist with Cyber Security incident detection, response and recovery as well as the development, implementation, maintenance and testing of the Trust's Cyber Incident Response Plan (CIRP) and Security Strategy. You …
assist in vulnerability management programs ensuring that all AWS cloud infrastructure meets the highest security standards. In This Role, You'll Respond to security tickets promptly and professionally, including incident handling, triage, investigation, and collaboration with other teams for resolution. Serve as the point-of-contact for internal user security questions, providing guidance on security policies, tools, and best … practices. Design, implement, and improve operational security processes—focusing on ticket management, incident response workflows, and documentation standards. Monitor security dashboards for alerts; analyze, document, and escalate events as needed for further investigation and remediation. Support the implementation and maintenance of security controls, including vulnerability management, endpoint protection, multi-factor authentication, and encryption technologies. Assist in onboarding and … security engineering Familiarity with securing AWS cloud services Familiarity with Infrastructure-as-Code tools like Terraform Familiarity with deploying and operating Kubernetes such as AWS EKS. Strong understanding of incident management, ticket response, and security operations best practices. Experience using ticketing systems and operational tools such as JIRA or Atlassian suite. Excellent communication skills; ability to explain technical …
manage automated security tooling that prevents security issues before they occur Perform security-focused code reviews and support threat modelling exercises Champion cloud security principles across product engineering teams Incident Management & Monitoring: Lead incident response for security risks and issues raised by SOC teams Manage implementation of logging and SIEM integration for comprehensive monitoring Prioritise and oversee …
delivering robust, scalable, and compliant security operations aligned with FCA Consumer Duty and broader regulatory obligations. You will play a key role in the operational management of security technologies, incident response processes, and the continuous enhancement of our detection and response capabilities. The successful candidate will bring hands-on expertise in cloud security operations, threat detection and … will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination of response actions. Implement and administrate security operational controls across AWS, Azure, and on-prem … with ISO 27001, PCI-DSS, CIS and internal governance requirements. Deliver clear, actionable security reporting and dashboards for both technical and executive audiences, covering vulnerabilities, threats, control coverage, and incident trends. Maintain and enhance operational documentation, including runbooks, playbooks, and standard operating procedures (SOPs) Support internal and external audit processes by maintaining evidence artefacts, compliance reporting, and validation of …
of our international businesses, with a focus on resiliency, this role has an opportunity to provide strategic guidance on improvements. At the forefront of providing production support services including, incident logging, incident resolution, problem management, change management practices, and SRE support, we are inviting you to join our success story. As our Site Reliability Engineering Manager you will:- Lead … a culture of collaboration, innovation, and continuous improvement. Assist with the design, implementation, and maintenance of systems to ensure high availability, scalability, and performance. Develop and implement strategies for incident response, root cause analysis, and post-mortem reviews to prevent future incidents. Work closely with business and technology teams to understand their needs and ensure alignment with reliability …
of our international businesses, with a focus on resiliency, this role has an opportunity to provide strategic guidance on improvements. At the forefront of providing production support services including, incident logging, incident resolution, problem management, change management practices, and SRE support, we are inviting you to join our success story. As our Site Reliability Engineering Manager you will … a culture of collaboration, innovation, and continuous improvement. Assist with the design, implementation, and maintenance of systems to ensure high availability, scalability, and performance. Develop and implement strategies for incident response, root cause analysis, and post-mortem reviews to prevent future incidents. Work closely with business and technology teams to understand their needs and ensure alignment with reliability …
scans and external security & penetration tests, forensic audits, or related investigations. This includes the ability to ensure remediation of findings are handled and fed into continuous service improvement activities. Incident management of cyber security events of all severities, throughout the incident lifecycle. Business Continuity Develop, maintain, and improve data and technology Business Continuity & Disaster Recovery Plans that enable … into Live Service Experience of working with conflicting, highly complex, and/or highly sensitive information Experience in managing critical incidents, and problem investigation + resolution (including managing security incident response, and information security breaches) Experience of contributing to, and developing enabling strategies (example: information security) Coaching, mentoring and supervision of others Management of financial budgets for a … on-call, consumables, relevant 3rd party provision contracts) and developing investment cases Desirable Experience in conducting or managing information security audits, penetration testing, table-top/simulation exercises, and incident investigations Experience of management products/services in healthcare (NHS) Skills and Knowledge Essential Deal with complex business problems and translate into information security and business continuity requirements and …
on expertise will protect critical systems and support business growth. Key Responsibilities Develop and maintain the enterprise information security strategy aligned with business goals Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish … and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels Strategic mindset with the capability to balance security controls and business agility SM&CR Responsibilities …
integration. Baseline and conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish … and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels Strategic mindset with the capability to balance security controls and business agility SM&CR Responsibilities …
Peterborough, Cambridgeshire, United Kingdom Hybrid / WFH Options
Fruition Group
Responsibilities Lead, coach, and develop a multisite team of 1st to 3rd line IT Support Analysts. Oversee daily operations of the IT Service Desk, ensuring SLAs are met across incident, request, and problem management. Act as the primary escalation point for major incidents, coordinating resolution and stakeholder communication. Own and improve ITSM processes including incident, problem, request, change … and major incident management. Monitor service desk KPIs. Ensure smooth collaboration across infrastructure, development, and platform teams. Maintain excellent service quality and communication with internal and external users. Promote a culture of continuous improvement and customer service excellence. Contribute to IT strategy by identifying automation opportunities and service enhancements. Service Desk Manager Requirements Proven experience managing an IT Service … Desk or Technical Support function. Strong working knowledge of ITSM frameworks. Hands on expertise in incident, request, problem, and major incident management. Skilled in leading and developing high performing support teams (1st to 3rd line). Experience with major incident response and crisis communication. Customer focused with strong interpersonal and stakeholder management abilities. Familiarity with ITSM …
Halifax, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
Fruition Group
Responsibilities Lead, coach, and develop a multisite team of 1st to 3rd line IT Support Analysts. Oversee daily operations of the IT Service Desk, ensuring SLAs are met across incident, request, and problem management. Act as the primary escalation point for major incidents, coordinating resolution and stakeholder communication. Own and improve ITSM processes including incident, problem, request, change … and major incident management. Monitor service desk KPIs. Ensure smooth collaboration across infrastructure, development, and platform teams. Maintain excellent service quality and communication with internal and external users. Promote a culture of continuous improvement and customer service excellence. Contribute to IT strategy by identifying automation opportunities and service enhancements. Service Desk Manager Requirements Proven experience managing an IT Service … Desk or Technical Support function. Strong working knowledge of ITSM frameworks. Hands on expertise in incident, request, problem, and major incident management. Skilled in leading and developing high performing support teams (1st to 3rd line). Experience with major incident response and crisis communication. Customer focused with strong interpersonal and stakeholder management abilities. Familiarity with ITSM …
Peterborough, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
Fruition Group
Responsibilities Lead, coach, and develop a multisite team of 1st to 3rd line IT Support Analysts. Oversee daily operations of the IT Service Desk, ensuring SLAs are met across incident, request, and problem management. Act as the primary escalation point for major incidents, coordinating resolution and stakeholder communication. Own and improve ITSM processes including incident, problem, request, change … and major incident management. Monitor service desk KPIs. Ensure smooth collaboration across infrastructure, development, and platform teams. Maintain excellent service quality and communication with internal and external users. Promote a culture of continuous improvement and customer service excellence. Contribute to IT strategy by identifying automation opportunities and service enhancements. Service Desk Manager Requirements Proven experience managing an IT Service … Desk or Technical Support function. Strong working knowledge of ITSM frameworks. Hands on expertise in incident, request, problem, and major incident management. Skilled in leading and developing high performing support teams (1st to 3rd line). Experience with major incident response and crisis communication. Customer focused with strong interpersonal and stakeholder management abilities. Familiarity with ITSM …
safeguarding our AWS cloud environment, ensuring our systems stay secure, resilient, and fully compliant with financial regulations. You'll bring real-world experience with security tools, threat detection, and incident response, helping us evolve and harden our defences every day. A background in a regulated industry (like financial services) is important, as is a strong grasp of infrastructure … will do: Operate and optimise a wide range of security platforms, including SIEM, XDR, EDR, IAM, DLP, PAM, ZTNA, and vulnerability management tools Take ownership of the detection and response lifecycle - triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement and manage security controls across AWS, Azure, and on-prem environments, aligning with frameworks like … ISO 27001, PCI-DSS Build and maintain clear, actionable dashboards and reports for technical and leadership teams, covering threats, vulnerabilities, incident trends, and control effectiveness Keep our documentation tight - from runbooks and playbooks to standard operating procedures (SOPs) Support internal and external audits, helping maintain evidence, reporting, and demonstrating control effectiveness Devoted to the FCA principle of Consumer Duty …
our project development lifecycle and delivery processes Support the agenda for our cloud first strategy and ensure any cloud solutions meet our security aspirations and requirements Take responsibility for incident management and lead our response to cyber security events, incidents and potential breaches Ensure our suppliers adequately monitor the IT estate for threats and alerts and are capable … disciplinary teams in complex infrastructure environments A strong technical background across Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies Experience with cyber security concepts, such as Threat Modelling, Incident Response, Penetration Testing (external/internal) Advanced knowledge of cloud products and services e.g. Azure, Microsoft 365 Emotionally intelligent and able to recognise and manage the needs and …
Farnborough, Hampshire, South East, United Kingdom
Sopra Steria
doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical and non-technical audiences and … continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring: Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with MITRE ATT&CK Framework. Solid grasp of client-server applications, multi-tier web applications, relational …
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
Birmingham, England, United Kingdom Hybrid / WFH Options
Anson McCade
SOC Analyst (L3) - Senior Incident Responder Location: Birmingham (Hybrid) Salary: Up to £70,000 (depending on experience) + bonus NOTE: Candidates for this role must be eligible for UK Security Clearance (SC). We’re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real … Splunk and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post-incident review. What you’ll do: Act as the L3 escalation point, leading investigations into complex incidents escalated by L1/L2 analysts. Use … Splunk and other SIEM tools to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and recovery. Develop, refine, and own SOC use cases, runbooks, and playbooks to drive continual service improvement. Liaise directly with clients, providing clear guidance and …
Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs). Conduct threat modelling, risk assessments, and incident response. Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK …
and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. Incident Response Support: Coordinate with SRE and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares … Clear, concise communication skills for both technical and business audiences. Nice-to-Haves Exposure to cloud security (AWS, Azure, or GCP). Hands-on lab or internship experience with incident response. Entry-level certs like CompTIA Security+ or GIAC GSEC in progress. Why Our Client? Competitive package: £36,000-£43,000 + performance bonus. Flexibility: Choose your workspace—office …
Employment Type: Full-Time
Salary: £36,000 - £43,000 per annum, Negotiable, OTE
Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). … SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS …
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Stott and May
implement the company's security strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from data … Skills & Experience 15+ years of progressive experience in Information Security, with a minimum of 7-8 years focused on cybersecurity. Proven track record in cybersecurity strategy, team leadership, and incident management. Deep knowledge of blockchain protocols, smart contracts (Solidity, Rust), cryptography, and custody systems. Strong expertise in cloud security, DevSecOps, and secure software development lifecycle (SSDLC). Understanding of …
platform. Collaboration & Leadership: Serve as the security subject matter expert for AI/ML projects. Mentor development and data science teams on secure coding and operational best practices. Lead incident response activities related to the AI/ML platform. Qualifications & Experience (Required) Experience : 5+ years of experience in a DevOps, DevSecOps, or Cloud Security role, with at least …