51 to 75 of 326 Incident Response Jobs in the UK

clients—from fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth … cyber threats across varied environments. You will support and mentor junior analysts, lead complex investigations, and contribute to the ongoing development of detection and response capabilities. This role is suited to a security professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership ...

Cyber Security Consultant - Incident and Vulnerability Management +6 months + +1 day a week on site in London/Preston/Birmingham - 4 days WFH +Inside IR35 + 550 - 580 a day +SC cleared role - must have current active clearance +Sole British nationals only due to nature … project Role Description: Security Incident & Vulnerability Management Consultant (Operational Integrator/SIAM - Transition Role) UK Sole National ONLY Security Clearance required Role Summary The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within ...

support). Monitor, analyse, and investigate network traffic and emerging threats, including active DDoS activity. Support customer maintenance, upgrades, and technical communications. Contribute to incident response and post-incident reviews that sharpen our detection and mitigation playbooks. Work within ITIL processes (Incident, Change, Problem, Service Requests … A+, Network+, Security+, CySA+, or CyberOps. If youre early in your career and hungry to build deep expertise in network security, traffic analysis, and incident response, this role was designed for you. Bright Purple is an equal opportunities employer: we are proud to work with clients who share ...

transit ◦ Implement logging, monitoring, alerting and security event visibility ◦ Design systems with attack, failure and misuse scenarios in mind ◦ Support cloud-level incident response and post-incident reviews ◦ Help ensure the platform meets expectations for a trading and regulated environment Reliability, DR & Resilience ◦ Design, implement and test … trading or other security-sensitive environments ◦ Experience with containerised and event-driven systems ◦ Experience inheriting, hardening or cleaning up existing cloud environments ◦ Familiarity with incident response and DR testing in cloud platforms Working Style ◦ Proactive and self-directed ◦ Detail-oriented and disciplined ◦ Strong communicator who values documentation ...

business continuity requirements. Drive accountability by maintaining clear roles, responsibilities and escalation paths across IT and business teams, ensuring a coordinated and effective response during incidents. Review test outcomes, identify lessons learned and champion continuous improvement initiatives that enhance resilience and recovery capability across the organisation. Monitor and assess … continuity dependencies. Provide meaningful governance, reporting and assurance to senior stakeholders on DR and BC readiness, resilience posture, identified risks and remediation activity. Ensure incident response, cyber resilience and major incident management processes integrate seamlessly with the wider DR and BC framework. Act as a key leader ...

cyber assurance integrates Knowledge of methodologies (Waterfall, Incremental, SAFE, DevOps) Experienced in managing ITHC activities end-to-end, from initial scoping through remediation Incident Response & Awareness Experienced in developing and managing Cyber Incident Response capabilities, including planning, implementation, and continuous improvement Proven experience designing and delivering ...

environments. You will lead the design, implementation, and continuous improvement of the organisation's security engineering capabilities across cloud platforms, infrastructure, security tooling, and incident response. As the technical lead for cybersecurity engineering, you will help shape the organisation's security roadmap while remaining close to the technology … Develop and improve detection engineering capabilities and threat monitoring use cases. Partner with the external SOC provider to ensure effective alerting, triage, escalation, and response processes. Lead vulnerability management activities from identification through remediation tracking and reporting. Support and lead technical incident response activities, including investigation, containment ...

mature Security Operations Centre, focused on protecting essential services. The Opportunity You'll play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability … response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity, and log data Build evidence-led timelines ...

integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

About the role: This is an integral growth role within our Security Operations team, ideal for someone looking to deepen their expertise in incident response and client-facing security operations. You’ll be working hands-on with real security incidents in a fast-paced environment, building your technical … role in supporting our clients day-to-day, acting as an extension of their security teams. The role is focused on investigation and response, ensuring incidents are managed effectively from start to finish, while also contributing to improving how we detect and respond to threats over time. This role ...

Risk & Compliance: Ensure adherence to DSPT, CAF, CE+, ISO 27001, GDPR/DPA. Security by Design: Support secure architecture, systems design, and resilience planning. Incident Response: Act as primary escalation point; lead investigations and remediation. Policy & Process: Develop and enforce security policies and technical controls. Threat & Vulnerability Management … supplier security assessments. Familiarity with CAF, CE+, NIST, CIS Controls, ISO 27001. Understanding of healthcare data protection, ideally NHS/UK standards. Strong incident response, analytical, and problem-solving skills. Knowledge of AI/ML risks and AI governance. Experience with phishing campaigns, penetration testing, and remediation. Excellent ...

practical, proportionate security advice to stakeholders. Reporting & Metrics Develop and maintain meaningful metrics to measure the effectiveness of vulnerability management and threat intelligence functions. Incident Response Support Support and enhance incident response processes. Represent cyber security during operational incidents, coordinate with stakeholders, and assist threat intelligence ...

automate operational processes and help ensure systems remain secure, performant and easy to operate. As a senior member of the team, you will lead incident response activities, champion a culture of continuous improvement and collaborate with engineering teams to embed reliability into service design. You will define … with cloud platforms AWS and/or Azure You have experience with observability tools such as Prometheus, Grafana, Datadog You have experience of leading incident response and drive reliability improvements You're proficient with container orchestration (Kubernetes) and Infrastructure-as-Code (Terraform, Pulumi, or similar) You have ...

maintain of workspaces, including data connectors, Logic App, Function App, analytics rules, workbooks, and playbooks. Develop and refine custom queries for advanced threat hunting, incident investigation, and reporting. Optimize SIEM performance, cost, and data retention policies Identify new log sources work closely with infrastructure teams Identify, onboard, and configure … detect anomalies and incidents across the applications and infrastructure estate. Collaborate with SOC team to enrich detection logic based on known vulnerabilities and misconfigurations. Incident Response & Security Operations: Formulate proactive threat hunting rule based on emerging threats and intelligence. Contribute to the development and improvement of security playbooks ...

Essential Experience Proven experience leading a Security Operations Centre (SOC/NSOC) or cyber security function within a complex organisation. Experience in security operations, incident response, risk management, and service delivery. Experience maintaining compliance with standards such as ISO 27001 and Cyber Essentials Plus. Experience managing third-party … Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft Defender ...

project outcomes within agreed SLAs. Operational Excellence Accountable for the operational integrity of WAN, LAN, Wi-Fi, and cloud-based network services. Oversee incident response, troubleshooting, and root cause analysis for complex network issues, ensuring timely resolution and minimal business impact. Owner of network device configuration management, backup … network security baselines, compliance with internal policies, and external standards (e.g., ISO 27001, NIST CSF). Collaborate with the Security team on vulnerability management, incident response, and audit readiness. Supplier & Stakeholder Management Act as the primary technical authority with network service providers and hardware vendors, accountable ...

play a key role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering, helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls. What … doing Lead and support incident response, threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management, remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including ...

your background and interests, your work may include: Reviewing security maturity against recognised good practice Supporting Cyber Essentials preparation and assessments Developing and testing incident response plans Carrying out tabletop and simulated incident exercises Assessing and improving supply chain security Advising on secure application and software development … love to hear from you. Apply now and send over your CV for a quick review. Security, Cyber, Cybersecurity, Infosec, Information Security, Incident Response, IR, Consult, Consultant, Consulting, Compliance, 27001, GDPR, DPA, Data Protection, GRC, Governance, Risk Circle Recruitment is acting as an Employment Agency in relation ...

across Azure cloud, VMware infrastructure and Cisco Meraki networking. This is an operational cyber security role focused on cloud security, infrastructure hardening, vulnerability remediation, incident response, DR testing and cyber resilience. Key Skills & Experience: • Azure security, Entra ID, Conditional Access, RBAC and Azure Policy • VMware vSphere, vCenter … ESXi • Cisco Meraki, VLANs, VPNs, firewall rules and network segmentation • Security monitoring, incident response and vulnerability management • Sophos MDR or similar MDR/SIEM tooling • Windows/Linux hardening and secure configuration • Disaster Recovery and Business Continuity testing • PowerShell, KQL or Python desirable • Microsoft Defender, Sentinel ...

infrastructure, implementing and overseeing risk management processes, ensuring that appropriate controls and countermeasures are in place to mitigate all identified risks. Lead the incident response efforts, including preparing for, detecting, and responding to cyber security incidents, ensure that an effective incident response plan is in place … regularly tested and managing post incident analysis and reporting to prevent future occurrences. Manage and mentor the cyber security team, fostering a culture of continuous learning and development, ensuring that the team has the necessary skills and tools to protect the organisation effectively, and oversee recruitment, training, and performance ...

Security Clearance Central Government client requires Duty Managers/Analysts to operate within a high-security, mission-critical environment These are not traditional Major Incident Management (MIM) or technical resolver role s Instead, the focus is on operational command, coordination, and real-time situational awarenes s across multiple domains … cross-functional awarenes s Responsibilities The Manager acts as the on-shift operational commander , with responsibility for: Leading real-time operational decision-making and incident command Coordinating across multiple domains including: Security Operations (SOC) Network Operations (NOC) Infrastructure Physical Security Declaring and escalating Major Incidents (MI) Maintaining the single ...

ideal for someone who brings experience of well-established cyber operations and can apply that knowledge to strengthen and evolve our detection and response capability in a complex NHS environment, where patient safety and operational continuity are critical. You will work with tools including Sophos Intercept X and Secureworks … operation and ongoing development of our SOC and SIEM capability Own and continuously improve detection use cases, alerting, triage, and response processes Act as a technical lead for monitoring and detection , ensuring controls are effective, proportionate, and aligned to risk Investigate and respond to security incidents , providing clear, risk ...

network and security infrastructure, ensuring robust protection of business systems and data. Key Responsibilities Manage day-to-day cyber security operations and incident response Monitor and optimise security tools (SIEM, firewalls, endpoint security) Maintain and support network infrastructure (LAN/WAN, Wi-Fi, L2/L3) Identify threats … Alto firewalls, SIEM tools, and endpoint security Experience with L2/L3 networking (Nexus, LAN/WAN, Wi-Fi) Vulnerability management (e.g. Qualys) and incident response expertise Understanding of data security, threat analysis, and security best practice Essential Requirements Strong problem-solving and analytical skills Excellent communication ...

leading global financial institution seeking a Lead Cyber Operations Analyst to join their Cyber Security team. This role will focus on leading cyber incident response activities, managing security monitoring capabilities, driving threat detection and containment, and supporting the bank's wider cyber defence strategy. Key Requirements: * Strong experience … within Cyber Operations, SOC or Incident Response environments* Hands-on expertise with SIEM technologies (Splunk, Sentinel, QRadar etc.)* Knowledge of threat detection, malware analysis, endpoint, network or cloud security* Scripting experience (Python, PowerShell or similar)* Strong understanding of cyber risk, controls and security governance* Excellent stakeholder management ...

Cyber Security Delivery Manager, you'll take ownership of client engagements from start to finish, covering risk assessments, security architecture reviews, policy development, incident response planning, and governance work. You'll be the senior point of contact on engagements, ensuring quality and consistency across everything that goes … cyber security projects in a consultancy or professional services environment Strong technical knowledge across core cyber domains - risk management, security architecture, governance, assurance, or incident response CISSP, CISM, or equivalent professional certification A proven track record of leading teams and managing senior client relationships The ability to communicate ...