1 to 25 of 96 Remote Incident Response Jobs in the UK excluding London

Job Title: Cyber Security Response Specialist Location: Warwick OR Wokingham, Hybrid, 2 days onsite per week Remuneration: Daily Rate From: £650 Contract Details: Fixed Term Contract, 6 months, Full Time Responsibilities: Develop and maintain incident response plans, processes, and documentation. Implement effective Incident Response processes for remediation and restoration. Lead Post Incident Response and Lessons Learned initiatives. Design and deliver engaging incident response exercises at various command levels. Communicate vital information through reports, presentations, and briefings. Provide expert cyber security knowledge and drive continuous improvement. Establish and nurture relationships for effective incident communication. Collaborate with government and energy sector stakeholders to enhance security. About the Role: Join our vibrant … team as a Cyber Security Response Specialist, where your expertise in incident response will shine! This exciting opportunity allows you to design and implement robust incident response processes, providing critical support to Security Operations and ensuring seamless management of all Security Incidents. You'll be part of a dynamic joint cyber and physical security response More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

Incident Response Analyst Permanent - 52k - 57k + strong benefits Location: Hybrid - South Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The … mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to … identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data More ❯

Incident Response Analyst Permanent - £52k - £57k + strong benefits Location: Hybrid - South Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The … mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to … identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data More ❯

Major Incident & Problem Manager Grade: 4 Reporting to: Head of IT Service Management Location: Swansea About us IQUW is a speciality (re)insurer at Lloyd’s (Syndicate 1856) underwriting a diverse range of Property, Commercial and Speciality (re)insurance products from Cargo and Marine to Political Violence, Terror and War. We combine data, intelligent automation and human expertise to … help get under the skin of the most difficult insurance risks, helping build products to meet their customer’s needs. The role We are seeking a proactive and experienced Incident and Problem Manager to take ownership of our Incident, Major Incident and Problem Management processes. This role is critical in reducing operational disruption, improving service reliability, and … recurrence. We currently operate a hybrid working model. This entails 3 days per week collaborating with colleagues in the office, and 2 days working from home. Key responsibilities Major Incident Management Own and manage the end-to-end Major Incident process, ensuring efficient and effective response, resolution, and communication. Act as the primary point of escalation during More ❯

Overview Job Description Major Incident & Problem Manager Grade: 4 Reporting to: Head of IT Service Management Location: Swansea About us IQUW is a speciality (re)insurer at Lloyd's (Syndicate 1856) underwriting a diverse range of Property, Commercial and Speciality (re)insurance products from Cargo and Marine to Political Violence, Terror and War. We combine data, intelligent automation and … help get under the skin of the most difficult insurance risks, helping build products to meet their customer's needs. The role We are seeking a proactive and experienced Incident and Problem Manager to take ownership of our Incident, Major Incident and Problem Management processes. This role is critical in reducing operational disruption, improving service reliability, and … recurrence. We currently operate a hybrid working model. This entails 3 days per week collaborating with colleagues in the office, and 2 days working from home. Key responsibilities Major Incident Management Own and manage the end-to-end Major Incident process, ensuring efficient and effective response, resolution, and communication. Act as the primary point of escalation during More ❯

SIEM solutions. Onboard and normalise log sources across both cloud and on-premise environments. Develop and optimise analytical rules for advanced threat detection and behavioural analysis. Design and implement incident response playbooks and integrate them with SOAR platforms to automate triage and response. Conduct threat modelling exercises (MITRE ATT&CK, STRIDE, Cyber Kill Chain) and translate them into … actionable use cases. Perform in-depth investigations, coordinate incident response, and collaborate with threat intelligence teams. Produce dashboards, reports, and insights on security posture and incident trends. Support scoping and demonstrations of SOC tools for new opportunities. Mentor junior analysts and contribute to continual service improvements. What We’re Looking For 3+ years experience in SOC/… NOC Environments Strong experience with SIEM - IBM QRadar . Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS . Strong communication and presentation skills, with the ability to work More ❯

resilient digital world. You will act as a critical liaison between client stakeholders and internal operational teams, ensuring the delivery of world-class cyber security services. You'll drive incident response coordination, lead vulnerability management efforts, and ensure service excellence through strategic oversight and hands-on technical engagement. What You'll Be Doing Serve as the key point … of contact and escalation for clients across SOC services. Coordinate incident response activities, leading investigation, containment, and remediation alongside technical teams. Manage post-incident reporting and continuous service improvement initiatives. Support compliance with SLAs and ensure services meet contractual, operational, and quality standards. Lead service reviews and present performance reports to clients (weekly/monthly). Oversee … of experience in technical support for SOC or Cyber Security operations. 5+ years of vulnerability management experience, with demonstrable risk-based prioritisation skills. Proven leadership in high-pressure, crisis-response situations. Strong client relationship management and stakeholder engagement skills. In-depth understanding of incident response frameworks and operational delivery. Experience managing IDS/IPS technologies and security More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage the full lifecycle of security incidents, including reporting to relevant authorities. Awareness & Training : Drive a strong security culture through staff training and awareness initiatives. Regulatory Compliance … Deep understanding of secure SDLC and embedding security into product and system architecture. Risk Management : Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response : Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance : Skilled in developing and enforcing comprehensive security policies and governance structures. More ❯

and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage the full lifecycle of security incidents, including reporting to relevant authorities. Awareness & Training : Drive a strong security culture through staff training and awareness initiatives. Regulatory Compliance … Deep understanding of secure SDLC and embedding security into product and system architecture. Risk Management : Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response : Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance : Skilled in developing and enforcing comprehensive security policies and governance structures. More ❯

and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage the full lifecycle of security incidents, including reporting to relevant authorities. Awareness & Training : Drive a strong security culture through staff training and awareness initiatives. Regulatory Compliance … Deep understanding of secure SDLC and embedding security into product and system architecture. Risk Management : Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response : Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance : Skilled in developing and enforcing comprehensive security policies and governance structures. More ❯

a leading organisation based in Croydon, who are looking to employ an experienced Cyber Security Manager with an in-depth knowledge of Cybersecurity frameworks, tools, and technologies, ISO27001 adoption, Incident management and Change management. This role involves the development and implementation of security strategies, policies, and procedures to protect against cybersecurity threats, as well as actively monitoring and responding … per week Some of the main duties of the Cyber Security Manager will include: * Security Strategy & Implementation: Design, implement, and maintain comprehensive cybersecurity policies, procedures, and controls* Threat Detection & Response: Continuously monitor the digital environment for potential vulnerabilities and security breaches* Incident Management : Lead incident response activities, coordinating with IT teams to mitigate risks and minimise … damage. Responsible for writing incident reports, gathering input across the technical and business teams to then share the report and project management of any improvement change actions* Security Integration & System Management: Collaborate with IT and development teams to ensure security is embedded in all new and existing applications, systems, and network infrastructure* Risk Management & Compliance: Ensure compliance with industry More ❯

our systems. Key Responsibilities SIEM Management: Monitor and optimize Security Information and Event Management (SIEM) tools like Splunk. Firewall & Proxy Audits: Review configurations and coordinate changes with infrastructure teams. Incident Response: Act as part of the Cyber Security Incident Response Team (CSIRT) to address threats. Compliance: Ensure alignment with ISO 27001, and other security standards. Risk More ❯

Security Engineer Strong experience with Microsoft Security Tools and the wider Defender XDR suite Knowledge of cloud and on-premise environments, ideally Azure, including networking and firewalls Familiarity with incident response processes, playbooks, and tools Understanding of threat intelligence and vulnerability management Experience with ISO27001 and compliance frameworks Scripting and coding skills (e.g., Python, PowerShell, Bash) Exposure to … Strong problem-solving ability with a pragmatic and collaborative approach Responsibilities for Cyber Security Engineer Enhance, manage, and optimise the company’s security tooling portfolio Review, update, and implement incident response playbooks and processes Strengthen security posture in Office 365 and Azure by deploying new tools and improving detection/response capabilities Collaborate with development teams to More ❯

an exciting opportunity to play a key role in shaping the transformation journey of enterprise clients. The role will suit professionals with a strong background in SOC service delivery , incident response coordination , and vulnerability management . Key Responsibilities: Act as the primary liaison between clients and internal operational delivery teams, ensuring seamless communication and service excellence. Serve as … the key escalation point for clients, managing security incidents from detection to resolution. Lead coordination efforts across Security Operations Centre (SOC), Incident Response, and technical teams during major incidents. Identify impacted systems, users, and business functions, and ensure timely stakeholder communication. Oversee remediation and containment activities and coordinate post-incident investigations and reporting. Ensure all service delivery … stakeholders. Manage and maintain IDS and IPS signature updates for client security gateways and firewalls. What You'll Bring: The ideal candidate will bring extensive experience in security operations , incident management , and service delivery in high-stakes environments. Key qualifications and experience include: Minimum of 10 years' experience providing technical support and advisory services within a Security Operations Centre. More ❯

Threat Modeling & Risk Assessment: Strong knowledge of security risk management. Cloud & Container Security: Expertise in AWS, Azure, GCP, Docker, and Kubernetes. Security Governance: Experience developing and enforcing security standards. Incident Response Leadership: Skilled in leading incident response and root cause analysis. Training & Mentorship: Ability to upskill teams on DevSecOps best practices. Please apply with your updated More ❯

teams to ensure security best practices and secure-by-design principles. Identify and mitigate security risks in solution architectures. Create security documentation (e.g., RMADS, Security Assurance Documents). Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST … modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Certifications such as CISSP More ❯

teams to ensure security best practices and secure-by-design principles. Identify and mitigate security risks in solution architectures. Create security documentation (e.g., RMADS, Security Assurance Documents). Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST … modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Certifications such as CISSP More ❯

is a hands-on role where youll play a key part in strengthening the organisations cyber defence posture by collecting, analysing, and disseminating actionable intelligence. Youll work closely with incident response, security operations, vulnerability management, and leadership teams to anticipate threats, mitigate risks, and improve resilience. Key Responsibilities: Collect and analyse intelligence to address high-priority security requirements. … Produce and share actionable threat intelligence with stakeholders across security operations, incident response, and fraud prevention. Conduct dark web investigations and OSINT gathering to support requests for intelligence. Proactively identify internal and external threats, including insider threats, and escalate as appropriate. Support the running of a threat intelligence platform to structure and standardise cyber threat data. Write and … edge global security team. Your Profile: Strong background in technical investigations, OSINT, and dark web intelligence. At least 2 years of security experience, ideally with exposure to threat intelligence, incident detection, or response. Solid understanding of the threat intelligence lifecycle and common cyber threat groups. Strong analytical skills with the ability to turn complex data into actionable insights. Self More ❯

and experience: An experienced threat intelligence lead (or similar). Expert in cybersecurity, with a focus on threat management and defensive security in regulated environments. Proficient in threat management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber … Kill chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, Virus Total, EDR, AV). Experience supporting incident response or vulnerability management programs. Professional certifications in Cyber and Information Security (e.g. OCSP, GREM, CEH). Strong analytical and problem-solving abilities, translating complex technical issues into actionable recommendations. An excellent communicator with the More ❯

Leadership, leading key initiatives to protect systems, data and users while helping shape the organisations security posture. What youll be doing: Managing day-to-day information security operations, including incident response and risk assessments Leading the development and implementation of security policies, standards, and controls Driving continuous improvement initiatives to strengthen cyber resilience Developing and supporting security roadmaps … to Cyber Essentials, ISO27001 or similar What youll need: Proven experience managing IT security or information security functions Strong technical knowledge of Microsoft environments and security controls Experience with incident response, vulnerability management, and security risk mitigation Confident working with both technical teams and business stakeholders Solid understanding of security frameworks and compliance standards Ability to lead projects More ❯

of our lives. They're going through an exciting transformation period —building out their cyber security capabilities from the ground up. They're now looking for an experienced Cyber Incident Response Lead to help shape the function, drive best practices, and make a lasting impact on how the organisation responds to evolving threats. Key experience they're looking … for: Solid background in Incident & Problem Management, with the ability to lead effective responses and continuous improvement initiatives. Strong Stakeholder Management skills, with the confidence to work across technical and non-technical teams. Familiarity with ITIL and Service Management framework. A good understanding of the current Cyber Threat Landscape, including common threat actors, attack vectors, and response strategies. More ❯

alerting systems, SLA/SLO/SLI monitoring, alert tuning. Proven track record leading and mentoring engineering teams. Experience working in multi-disciplinary environments with multiple stakeholders. Involvement in incident response, postmortems, on-call rotations. Strong communication skills, with ability to explain technical direction clearly. Java Technical Lead X5 – (Java 8) SC Security Cleared- Key Responsibilities Lead and …/CD, infrastructure, and monitoring. Ensure systems are secure, resilient, and aligned with engineering standards. Collaborate with Dev, Ops, QA, and Security teams in a cross-functional environment. Support incident response, troubleshooting, and postmortems to improve reliability. Contract until March 2026 with scope to extend-£550-£650pday inside IR35 Hybrid working with ad hoc days on site when More ❯