26 to 50 of 361 Incident Response Jobs in the UK

SOC Shift Lead - London

Hiring Organisation
Anson Mccade
Location
London, United Kingdom
Employment Type
Permanent
Salary
£80,000
platforms. The SOC Shift Lead will take ownership of security operations during assigned shifts, acting as the senior escalation point for complex incidents, leading response activities, and ensuring effective coordination across teams. This role also carries leadership responsibility, including oversight of analysts and accountability in the absence of senior … Clear progression within a specialist cyber security function What You Need To succeed in this role, candidates should demonstrate: 7-10 years experience in SOC, incident response, or threat analysis Strong leadership capability, with experience mentoring or guiding analysts Proven experience acting as an escalation point for high-severity ...

Security Operations Shift Lead

Hiring Organisation
Anson Mccade
Location
Central London, London, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£80,000
strong security posture across mission-critical systems. You will operate within a 24/7 Security Operations Centre, leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities of the Security Operations Shift Lead Lead investigations into escalated … security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium- and high-severity incident response activities, producing detailed ...

Senior Cyber Operations Analyst

Hiring Organisation
Anson Mccade
Location
United Kingdom
Employment Type
Permanent, Work From Home
Salary
£75,000
heart of a thriving Cyber Practice covering Assurance, Compliance, SecOps, Offensive Security and Research. You'll play a pivotal part in threat detection, incident response, detection engineering, and security monitoring - helping defend major UK organisations. This role is perfect for someone who thrives in technical depth, enjoys problem … improvements Review and uplift existing SecOps standards, logging maturity, BAU monitoring and threat-led optimisation Perform day-to-day security monitoring, alert triage and incident response (9am-5:30pm rota) Investigate cyber security incidents and provide technical leadership during escalations Mentor junior analysts through shadowing and hands ...

Junior SOC Analyst

Hiring Organisation
Searchability NS&D
Location
Farnborough, Hampshire, England, United Kingdom
Employment Type
Full-Time
Salary
£40,000 - £50,000 per annum
security alerts, intrusions, and unauthorised activity Responding to incidents in line with defined SOC playbooks Escalating complex or high-risk incidents to Tier 2 Incident Response teams Reviewing vulnerability scan results and feeding findings back to technical teams Supporting secure configuration reviews and remediation activities Producing regular service … Junior SOC Analyst essential skills A qualification in Cyber Security, Computer Science, Networking, or a related technical discipline Strong interest in cyber security and incident response Understanding of core security concepts and common cyber threats Ability to follow processes, investigate alerts, and document findings clearly Willingness to work ...

Cyber Security Manager

Hiring Organisation
Ashdown Group
Location
Lincoln, Lincolnshire, East Midlands, United Kingdom
Employment Type
Permanent
Salary
£65,000
across the business. The Role You'll lead day-to-day cyber security operations, working closely with IT and business stakeholders to ensure robust monitoring, incident response, and risk management processes are in place. This is a hands-on role with both operational and strategic elements. Key Responsibilities Overseeing … cyber operations, including threat monitoring and incident response Managing vulnerabilities and supporting remediation activities Supporting the development and delivery of cyber security strategy Collaborating with internal teams and third-party providers Driving awareness, training, and continuous improvement initiatives About You Experience in cyber security operations, SOC, or incident ...

Cyber security incident manager

Hiring Organisation
Experis
Location
Nationwide, United Kingdom
Employment Type
Contract
Title - Cyber security incident manager SC cleared or eligible for clearance. 3 month rolling (likely 1 year) Fully remote Key Responsibilities Incident Response & Management Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats). Serve as primary incident commander during … high severity events. Oversee triage, impact assessment, containment strategies, and remediation plans. Ensure timely escalation and communication to leadership and relevant stakeholders. Maintain accurate incident logs, timelines, and evidence for audits or legal processes. Threat Analysis & Investigation Direct technical investigations, working with SOC analysts, threat intelligence teams, and external ...

Head of Infrastructure

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
test and deploy efficiently Advise during design sessions to help engineers pick the right solutions for projects Reliability & Operations Own production reliability, uptime, and incident response Define and enforce SLAs and SREs Lead incident response and post‐incident reviews Ensure monitoring, alerting, and on‐call … growing company Ability to operate production systems under pressure Deep hands‐on experience with the AWS cloud platform Strong background in reliability, observability, and incident management Experience leading or mentoring engineers What we offer in return 💰 Competitive salary depending on experience 🏝️ 27 days of annual leave (including 3 days ...

Cyber Security Engineer

Hiring Organisation
Womble Bond Dickinson
Location
Bristol, Avon, South West, United Kingdom
Employment Type
Permanent, Work From Home
endpoint, email, identity, network, cloud and application layers. Manage and integrate a broad ecosystem of third-party cyber security platforms, including managed detection and response services, email security gateways, vulnerability management tools, privileged access management and threat intelligence services. Lead and support cyber security incident response activities … including investigation, containment, remediation and post incident review. Oversee security monitoring, alerting and response processes, working closely with managed service providers where applicable. Conduct and coordinate vulnerability assessment and remediation activities across infrastructure, endpoints, applications and cloud services. Support regulatory, client and internal audits (e.g. ISO 27001), including ...

Principal Cyber Security Engineer

Hiring Organisation
Hays Specialist Recruitment Limited
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£70,000 - £75,000 per annum
intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions. You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root … works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting ...

SRE Operations Transformation Lead

Hiring Organisation
Adecco
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
£900 - £1000/day
minimise it through automation and improved operational tooling. Collaborate with engineering teams to incorporate reliability into services through design enhancements and resilience patterns. Incident and Problem Management Excellence Enhance production outcomes through effective incident response practices, including major incident triage, root cause analysis, and post-incident … corporate banking or similarly regulated financial services context. Strong engineering background with the ability to drive automation and minimise manual toil. Proficiency in incident response, problem management, and operational resilience practices in critical settings. Excellent stakeholder management skills, with the capacity to influence and communicate effectively at senior ...

Head of Infrastructure

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
operational resilience, developer experience and infrastructure team leadership. You will be responsible for shaping the long term infrastructure roadmap, improving reliability and observability, strengthening incident response and ensuring the platform can support a growing customer base and increasingly critical product suite. This is a role for someone … cloud architecture to support scale, resilience and performance Set standards across infrastructure, CI/CD, environments and observability Lead production reliability, uptime, incident response and post incident reviews Improve monitoring, alerting and on call practices to ensure they are effective and sustainable Partner closely with the Information ...

BCP/DR & Operational Resilience Manager

Hiring Organisation
Arthur
Location
City of London, London, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Disaster Recovery (DR) frameworks Technology resilience planning across infrastructure, cloud, networks, applications, and data Organisation-wide Business Continuity Plan ownership and governance Major incident and crisis response coordination DR and continuity testing — scenario, tabletop, live and technology-led Cyber-resilience integration with security and incident response … Operational Resilience, Business Continuity, Disaster Recovery or Technology Risk Strong awareness of IT architecture, cloud services, infrastructure, and tech-led recovery processes Confidence leading incident response and crisis coordination Experience with resilience exercises, DR walkthroughs, failover testing, and scenario simulations Ability to work cross-functionally with Technology, Cyber ...

VoIP Operations & Production Release Engineer

Hiring Organisation
StableLogic
Location
Greater London, England, United Kingdom
case dialog flows (REFER, re-INVITE, UPDATE, early media, SDP renegotiation). · Build dashboards and alerting on call quality, ASR, ACD, NER, and SIP response-code distributions. Telco Infrastructure & Carrier Operations · Manage SIP trunks and interconnects with upstream carriers and tier-1 wholesalers. · Own carrier onboarding, IP whitelisting, codec …/profile alignment, and signalling testing. · Coordinate with carriers on incident triage, MOS degradation, FAS, and trunk failover. Routing, Numbering & Number Management · Maintain and evolve LCR (Least Cost Routing) logic, prefix tables, and routing policies across multiple carriers. · Handle DID/number provisioning, porting (LNR/LNP) workflows, E.164 ...

Senior Security Analyst

Hiring Organisation
Arthur
Location
City of London, London, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
built for you. We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM, identity lifecycle ...

Cyber Security Incident Manager

Hiring Organisation
Ashdown Group
Location
London, United Kingdom
Employment Type
Permanent
Salary
GBP 100,000 Annual
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber ...

IT Security Incident Manager

Hiring Organisation
Ashdown Group
Location
City, London, United Kingdom
Employment Type
Permanent
Salary
GBP 100,000 Annual
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber ...

SC cleared. pen tester

Hiring Organisation
PROCHECKUP LIMITED
Location
United Kingdom
social engineering assessments and physical security testing Produce detailed scoping documents and executive-level penetration testing reports aligned with CREST and NCSC standards Lead incident response investigations and digital forensic analysis when required Work independently on client-facing assessments whilst collaborating with senior consultants and team leaders Maintain … Certified Testers, and forensic specialists delivers: Penetration Testing & Security Audits: Infrastructure, application, and mobile assessments Compliance Advisory: PCI DSS, GDPR, ISO27001 implementations and certifications Incident Response & Forensics: 24/7 emergency response and digital evidence analysis Specialist Services: SCADA testing, social engineering, business continuity planning Based ...

Attack Surface Management Analyst

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Service Reviews You will also be required to keep abreast of threat intelligence developments, and work closely with S‐RM’s Threat Intelligence and Incident Response teams to integrate key data points into our service. Support to other teams will be required where ASM is used … value‐add to assessment‐based engagements in our Risk & Resilience practice, and also where ASM is used to support incident investigation with our Incident Response practice. You will be required to work closely with the other managed service teams (Managed Detection and Response and Cyber Threat ...

Security Engineer - DevSecOps

Hiring Organisation
Sanderson Recruitment
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
£700 - £800 per day
strengthening the organisation's security posture. Role Overview: You'll lead on security engineering initiatives, own key security platforms, drive automation and support incident response and threat detection activities. You'll also contribute to strategic security projects and ensure secure, scalable and resilient solutions across the business. … using Terraform and Ansible. Maintain secure baselines for Windows, Linux and Kubernetes. Automate IAM workflows and integrate identity governance into CI/CD. Support incident response, threat detection and Red/Blue team exercises. Maintain security documentation and participate in on-call rotations. Qualifications & Experience: Degree in Computer ...

Cyber Security Lead

Hiring Organisation
Infoplus Technologies UK Ltd
Location
Sheffield, South Yorkshire, Yorkshire, United Kingdom
Employment Type
Contract
Contract Rate
From £500 to £550 per day
Security: Drive the secure design and operation of critical technology platforms, collaborating with platform owners and engineering teams to embed security throughout the lifecycle. Incident Response & Threat Management: Provide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation ...

Head of Information Security, Netherlands

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
management activities. Report on security posture to the Board and leadership team. 2. Regulatory Compliance & Engagement Ensure full compliance with DORA (ICT risk management, incident reporting, resilience testing, third-party risk), PSD2-SCA, PCI-DSS, SWIFT CSP, GDPR (as it relates to ICT), and EBA guidelines. … primary liaison for DNB, EBA, and other regulators; manage regulatory inquiries, audits, inspections, and reporting obligations. 3. Incident & Access Management Own and manage end-to-end response to security incidents and data breaches, including coordination, escalation, investigation, containment, and regulatory reporting in line with DORA and GDPR. Oversee ...

Information Security Manager

Hiring Organisation
Protein Works
Location
Liverpool, Merseyside, North West, United Kingdom
Employment Type
Permanent
DDoS protection to keep our platform secure and performant. Drive vulnerability management across cloud infrastructure and application code, ensuring timely prioritisation and resolution. Lead incident response - coordinate detection, investigation, containment and post-incident reviews. Maintain and evolve security monitoring, alerting and operational runbooks to ensure consistent coverage. … familiarity is important. Practical understanding of UK GDPR, DPA 2018 and PCI-DSS compliance requirements. Experience building or maturing security governance policies, risk registers, incident response procedures. Ability to communicate security risk and posture clearly to both technical teams and senior leadership. Hands-on comfort with security tooling ...

Operational Security Manager

Hiring Organisation
Iron Mountain
Location
United Kingdom
policies, and specific customer requirements. You will act as a primary point of contact for compliance reporting and assurance testing while supporting our cyber incident response efforts. What You’ll Do (Responsibilities) In this role, you will: Maintain Regulatory Oversight: Stay current on all new and existing … Reporting & Assessments: Create regular, customer-facing reports on the control environment and security incidents, and assist in the completion of detailed customer security assessments. Incident Support: Assist the Cyber Incident Response team with critical communications and assurance during cybersecurity incidents. What You’ll Bring (Skills & Qualifications ...

Cyber Security & Assurance Engineer

Hiring Organisation
Leidos Innovations UK Limited
Location
Huntingdon, Cambridgeshire, East Anglia, United Kingdom
Employment Type
Permanent
cyber assurance integrates Knowledge of methodologies (Waterfall, Incremental, SAFE, DevOps) Experienced in managing ITHC activities end-to-end, from initial scoping through remediation Incident Response & Awareness Experienced in developing and managing Cyber Incident Response capabilities, including planning, implementation, and continuous improvement Proven experience designing and delivering ...

DevOps Engineer

Hiring Organisation
Peregrine
Location
Gateshead, Tyne and Wear, North East, United Kingdom
Employment Type
Permanent
integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...