276 to 300 of 660 Incident Response Jobs in the UK

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

led MSSP services and are used to working in a high-pressure environment and managing geographically dispersed teams across different time-zones. The Role As the Global Head of Incident Response, your primary responsibilities will be: Manage and develop a global team of Cyber Threat Intelligence analysts, providing expert assistance during a cyber incident and for routine More ❯

CD practices to accelerate delivery and improve consistency. Compliance and Security Controls: Implement and monitor controls to ensure infrastructure build and release processes meet regulatory and internal compliance requirements. Incident and Problem Management: Oversee incident response and root cause analysis related to build and release operations, ensuring timely resolution and preventative measures. Performance Monitoring and Optimization: Monitor … application, and security teams to ensure build and release operations support broader infrastructure and business goals. Documentation and Reporting: Maintain accurate documentation of build and release procedures, configurations, and incident reports. Provide regular updates to senior management. Skills & Experience Strong leadership skills with experience managing technical teams. Proven experience managing infrastructure build and release operations in hybrid cloud and More ❯

laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and device touchpoints globally. Key Responsibilities … healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. Ensure high-fidelity logging and alerting … background in automation, scripting, and observability practices. Experience working with large, global device fleets and BYOD models. Preferred Qualifications: Familiarity with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional More ❯

Information Security Office Function (CISO) The Security Analyst (XDR) role is within the Security Operations pillar of the CSOC (Cyber Security Operations Centre) providing second line security analytics and incident response services. The post of Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this … that RRP is non contractual and subject to review. Main duties of the job As a Security Analyst (XDR) you will: Act as a Tier 2 Extended Detection and Response (XDR) analyst for the Security Operations team. Deputise for Senior Analysts in their absence. Act as an escalation point for Tier 1 Junior Analysts for incidents and investigations. Offer … title is advertised to attract the right skills needed for the role. The post of Security Advisor/Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non More ❯

to-end support across Service Desk tiers (13). That means you will not only resolve high-level, complex technical issues but also contribute to front-line customer service, incident triage, and service request fulfilment when required. The hours of work for this role are Monday - Sunday - 4 on 4 off - 7pm - 7am. Key Responsibilities as a Cloud Operations … Engineer: Maintain and troubleshoot Azure and hybrid cloud environments. Perform proactive monitoring, incident response, and root cause analysis of mission-critical systems. Configure, optimise, and secure servers, virtual machines, networking, and storage solutions. Create and maintain scripts (e.g., PowerShell) to automate operational tasks. Contribute to design and implementation of new cloud and hybrid solutions. Service Desk Element: Tier … experience in a 3rd line technical infrastructure support role Outstanding problem-solving skills with a structured and analytical mindset Experience with ITIL-aligned Service Desk processes. Ability to perform incident triage and service request fulfilment. Strong knowledge of end-user support: Windows OS, O365, Teams, Exchange Online, SharePoint. What We Offer: 33 days holiday (inclusive of bank holidays), with More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

the highest standards. Key Responsibilities Develop, implement, and maintain compliance with ISO , and PCI-DSS standards. Conduct risk assessments, security audits, and vulnerability testing across systems and processes. Lead incident response activities, ensuring rapid and effective mitigation. Collaborate with internal stakeholders and external auditors to achieve and maintain certifications. Deliver organisation-wide security and compliance awareness training. Monitor … Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR, NIST, or other security frameworks. Experience in highly regulated industries such as, technology, finance, telecoms, and maybe More ❯

gaps for targeted development. Oversee all daily technical operations within the Cybersecurity Investigations team by ensuring established client security protocols are rigorously followed. Manage and coordinate all aspects of incident response and forensic investigations through following the client parameters while also proactively making suggestions for process improvement. Manage long-term initiatives for the global team to include global … primary technical liaison between the client team and the UK Based Cybersecurity Investigations team and other departments, facilitating communication and cooperation, preparing detailed reports and presentations on security trends, incident status, and risk mitigation for senior management. Monitor scheduling to meet baseline standards, handle attendance, timecard tracking and ensure that team members are following applicable laws and regulations in More ❯

security posture. Core responsibilities: - Overall management and maintenance of the CrowdStrike platform, including configuring EDR policies, tuning SIEM rules, and optimizing the system for performance - Leading or participating in incident response efforts, conducting root cause analysis, and developing runbooks for incident handling - Monitoring for security threats, analysing alerts, and responding to incidents using CrowdStrike and other security More ❯