1 to 25 of 104 Remote/Hybrid Incident Response Jobs in the UK excluding London

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Title Level 3 Security Analyst – Incident Response & Vulnerability Management Department Service Delivery/Security Reporting To Security Lead/Service Delivery Manager Operates under the direction of the Incident Manager during security incidents Location UK (Hybrid) Office in Cardiff 1-2 days per week, regular client site … travel. Working Pattern Monday to Friday with participation in the on-call Security and Major Incident rota as required Role Purpose The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate ...

lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance … manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … daily operational activities and performance. Define and implement the strategy and operational roadmap for security monitoring, detection, and response. Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts during high-severity security events ...

evolve the position based on their strengths and expertise. The successful candidate will play a key role in strengthening security posture through SIEM ownership, incident response, and system hardening, directly contributing to Europe's technological sovereignty. The Role The IT Security Specialist will: Design, build, and operate … centralised SIEM platform to aggregate and analyse security logs across infrastructure, networks, and applications Own security log analysis, vulnerability management, and incident investigation, including defining baselines and developing alerting rules for critical events Lead incident response efforts, using log correlation and analysis to investigate and resolve security ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

endpoint, email, identity, network, cloud and application layers. Manage and integrate a broad ecosystem of third-party cyber security platforms, including managed detection and response services, email security gateways, vulnerability management tools, privileged access management and threat intelligence services. Lead and support cyber security incident response activities … including investigation, containment, remediation and post incident review. Oversee security monitoring, alerting and response processes, working closely with managed service providers where applicable. Conduct and coordinate vulnerability assessment and remediation activities across infrastructure, endpoints, applications and cloud services. Support regulatory, client and internal audits (e.g. ISO 27001), including ...

cyber assurance integrates Knowledge of methodologies (Waterfall, Incremental, SAFE, DevOps) Experienced in managing ITHC activities end-to-end, from initial scoping through remediation Incident Response & Awareness Experienced in developing and managing Cyber Incident Response capabilities, including planning, implementation, and continuous improvement Proven experience designing and delivering ...

SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities. Log Source Onboarding & Integration Identify, prioritise, and onboard new log sources from cloud, on-prem, network, endpoint, identity, and application platforms. Develop … correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement. SOC Support & Incident Response Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. ...

your background and interests, your work may include: Reviewing security maturity against recognised good practice Supporting Cyber Essentials preparation and assessments Developing and testing incident response plans Carrying out tabletop and simulated incident exercises Assessing and improving supply chain security Advising on secure application and software development … love to hear from you. Apply now and send over your CV for a quick review. Security, Cyber, Cybersecurity, Infosec, Information Security, Incident Response, IR, Consult, Consultant, Consulting, Compliance, 27001, GDPR, DPA, Data Protection, GRC, Governance, Risk Circle Recruitment is acting as an Employment Agency in relation ...

service model for critical data engineering pipelines, aligned to project requirements. Establish clear service constructs, including: Support coverage models (core hours, escalation) Incident, problem, and change processes Release and maintenance windows Ensure service definitions are fit for current pipeline complexity , not aspirational future platforms. 2. Service Readiness & Operational Assurance … deprioritised Contribute to operational continuity planning for high‐risk services. 4. Operational Playbooks & Knowledge Enablement Define standards and structure for: Operational playbooks Incident response procedures Escalation paths Ensure playbooks are: Pipeline-specific Actionable by support teams Validated with technical SMEs Support completion and validation of knowledge transfer activities ...

maintain Huel’s information security strategy, aligned with business priorities, technology risks, and growth plans. Oversee core security capabilities, including threat detection, vulnerability management, incident response, access controls, and continuous improvement. Partner with Engineering, Data, and IT Operations to embed security across the full lifecycle of applications, systems … Strong knowledge of frameworks, standards, and regulations such as NIST, Cyber Essentials, and GDPR Experience building or maturing capabilities across risk management, incident response, vulnerability management, governance, and awareness Experience working with third-party security providers across services such as penetration testing, Managed Detection and Response ...

controlled environment. The Role You'll be responsible for the day-to-day operation and improvement of a central Azure cloud platform, covering monitoring, incident response, automation, and platform reliability. Senior hires will also play a key role in mentoring others and driving improvements across the platform. What … Azure (IaaS/PaaS) Terraform for Infrastructure as Code Kubernetes and containerised platforms CI/CD using GitHub Actions or similar Monitoring, alerting, and incident response tooling L2/L3 on-call support within a 24/7 rota What they're looking for Experience supporting cloud platforms ...

leadership for the delivery and continuous improvement of NRW's telemetry services. These services underpin NRW's ability to deliver critical flood risk management, incident response, and water resource management services. You will act as NRW's senior technical authority for telemetry systems, with end-to-end responsibility … purpose. Your expertise will directly support evidence-based decision-making, enabling effective routine operations and providing trusted data and system performance during incident and emergency response. As an organisation we support flexible working. You will be contracted to the nearest NRW office to your home and a suitable hybrid ...

monitoring solutions into OT networks, alongside the rollout of hardened security baselines. You'll work closely with SOC, security architecture and incident response teams to integrate solutions into a centralised SIEM/SOC capability and fine-tune detection and response.This is a highly technical, electrofocusing role offering real … security technologies (EDR, ITDR, NDR, ICS monitoring) Integrate OT security tooling with a central SOC/SIEM environment (including alerting, detection and response tuning) Take a threat led approach to security configuration, aligned to MITRE ATT&CK, Cyber Kill Chain and relevant threat intelligence Roll out endpoint ...

Risk Management: Own and manage the security risk management program, including advanced risk assessments, vendor risk reviews, third-party due diligence, and mitigation planning. Incident Response & Improvement: Collaborate on incident coordination, response, root cause analysis, and driving continuous improvement initiatives. Stakeholder Communication: Deliver clear, data-driven ...

Model & Ways of Working : Define and implement SRE ways of working and engagement patterns, aligning reliability practices with existing ITSM/ITIL processes (e.g., incident, problem, release and change) and modern engineering delivery. Reliability Measures (SLIs/SLOs) & Error Budgets : Establish service measures and targets (SLIs/SLOs … Insight: Shape observability approaches (metrics/logs/traces) and operational monitoring models that make reliability risks visible and actionable, improving operational decision‐making. Incident Excellence & Continuous Learning: Design incident analysis and improvement loops, including practical approaches that strengthen incident response and drive learning through post ...

focused on monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. Youll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. ...

Responsibilities Proactively monitor security alerts, dashboards, and event queues for a portfolio of clients, identifying sophisticated threats and anomalies. Perform advanced analysis of incident data, logs, and artefacts, validating genuine security incidents and leading initial containment. Take ownership of escalated alerts from Level 1 analysts, performing in-depth investigation … managing the incident response process through to resolution or escalation to senior technical leads. Collaborate with other SOC team members, mentoring and providing guidance to junior analysts to build team capability. Support forensic data collection and evidence management during incident investigations; contribute expertly to incident post ...

technical role where youll investigate complex alerts, support threat-hunting activities, contribute to the tuning of SIEM detections, and help improve SOC processes and response playbooks. Youll also play an important role in mentoring analysts and supporting the continued development of the SOCs technical capability. Technology innovation is part … this role will continue to evolve as AI-driven detection, automation, and response capabilities are introduced. You will: Investigate, triage, and respond to security alerts across customer environments Support the tuning and maintenance of SIEM detection rules alongside senior analysts Carry out proactive threat analysis and support threat-hunting ...

governance framework for all areas of cyber and information security across the Group. Manage third-party providers responsible for cyber monitoring, detection, and incident response, ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk … assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. Ensure adherence to relevant regulations and industry standards, including ISO 27001, NIST, GDPR, and the UK Data Protection Act. Promote a strong security ...

governance framework for all areas of cyber and information security across the client. Manage third-party providers responsible for cyber monitoring, detection, and incident response, ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the client-wide cyber security risk register, including conducting risk … assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. Ensure adherence to relevant regulations and industry standards, including ISO 27001, NIST, GDPR, and the UK Data Protection Act. Promote a strong security ...

Develop and enhance monitoring systems to proactively identify performance, reliability, security, and cost issues Monitor platform performance and communicate insights to engineering teams Support incident response and assist with remediation of platform vulnerabilities Identify, plan, and implement improvements to cloud infrastructure and deployment processes Work closely with engineering ...