Portchester, Hampshire, United Kingdom Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership
Portsmouth, Hampshire, England, United Kingdom Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership
London, Portchester, Hampshire, United Kingdom Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership
Chelmsford, Essex, South East, United Kingdom Hybrid / WFH Options
Keystream Group Limited
local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence and proactive incident avoidance. Oversee the council's response to critical cyber incidents, coordinating resolution efforts and informing senior stakeholders. Collaborate with security architects and technical teams to shape and implement cyber security policies, ensuring they're risk-appropriate and business-friendly. Manage cyber security risks by embedding them into the corporate risk register and advising on appropriate mitigation strategies. Oversee the planning … cyber security trends, threats, tools, and protocols - demonstrable vendor-agnostic technical appreciation of both defensive and offensive Cyber Security with focus on Microsoft security competencies. Strong experience in leading incident response, technical investigations, and high-pressure decision-making. Excellent communication skills with the ability to influence and collaborate at all organisational levels. Strategic thinking with a focus on
Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate: Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate: Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness: Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate: Adoption and effective use of security services across client accounts
Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
VIQU Limited
strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years
Manchester, North West, United Kingdom Hybrid / WFH Options
VIQU IT Recruitment
strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years
Warrington, Cheshire, North West England, United Kingdom Hybrid / WFH Options
VIQU IT Recruitment
strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years
Bolton, Greater Manchester, North West England, United Kingdom Hybrid / WFH Options
VIQU IT Recruitment
strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years
Leeds, West Yorkshire, England, United Kingdom Hybrid / WFH Options
4Square Recruitment Ltd
clients to enhance security visibility Contribute to threat hunting, detection tuning, and SOC process improvements Skills You’ll Need: 2-5+ years in a SOC, threat detection, or incident response role Hands-on experience with Microsoft Sentinel (KQL, analytics rules, Logic Apps) Knowledge of Microsoft Defender XDR suite (Defender for Endpoint, Cloud, Identity) Understanding of MITRE ATT
Gloucester, Gloucestershire, South West, United Kingdom
Morson Talent
SSCP – Highly desirable Bonus Skills & Knowledge Awareness of compliance and risk frameworks such as ISO 27001, NIST, and CIS Benchmarks. Ability to support threat modelling, cloud risk assessment, and incident response planning. Exposure to Infrastructure-as-Code (IaC) security using tools like Terraform, ARM templates, or Bicep. Skilled in translating technical risks into business terms for senior stakeholders.
the senior custodian of live services, infrastructure, and end-user computing across the enterprise. This is a high-impact leadership role where you'll own the operational landscape from incident response and capacity planning to supplier performance and cyber resilience. Your mission? To ensure technology consistently enables business growth, regulatory compliance, and an outstanding colleague experience. What You … Issue Resolution: Lead root-cause analysis, implement preventive controls, and champion continuous service improvement. • Service Management Governance: Oversee ITIL processes and support internal audits with robust systems and policies. • Incident & Change Leadership: Manage incidents and changes efficiently, providing strategic oversight on high-priority issues. • Financial Stewardship: Plan and manage Opex/Capex budgets, track spend, and identify cost-saving
the senior custodian of live services, infrastructure, and end-user computing across the enterprise. This is a high-impact leadership role where you’ll own the operational landscape—from incident response and capacity planning to supplier performance and cyber resilience. Your mission? To ensure technology consistently enables business growth, regulatory compliance, and an outstanding colleague experience. What You … Issue Resolution: Lead root-cause analysis, implement preventive controls, and champion continuous service improvement. • Service Management Governance: Oversee ITIL processes and support internal audits with robust systems and policies. • Incident & Change Leadership: Manage incidents and changes efficiently, providing strategic oversight on high-priority issues. • Financial Stewardship: Plan and manage Opex/Capex budgets, track spend, and identify cost-saving
in languages like PowerShell, Bash, or Python for task automation - Experience with vulnerability management tools like Nessus, Qualys, or OpenVAS - Knowledge of endpoint security solutions (antivirus, anti-malware) and incident response procedures - Familiarity with Security Information and Event Management (SIEM) tools, like Splunk or QRadar - Ability to interpret metrics from network, server and application performance monitoring tools - Knowledge
Employment Type: Permanent
Salary: £46000 - £55000/annum Plus benefits package
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Gordons
our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications, Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. WHAT IS THE SCOPE OF THE ROLE? The following list is not exhaustive but gives
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Tussell Limited
our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications, Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. What is the scope of the role? The following list is not exhaustive but gives
Crawley, Sussex, United Kingdom Hybrid / WFH Options
Better Days Recruitment Ltd
security strategy ensuring it is aligned with ISO 27001, GDPR and Cyber Essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience and to lead this
Crawley, West Sussex, United Kingdom Hybrid / WFH Options
Better Days Recruitment Ltd
security strategy ensuring it is aligned with ISO 27001, GDPR and Cyber Essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience and to lead this
Employment Type: Permanent
Salary: £65000 - £70000/annum Great company benefits
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
B&M Retail Limited
management across our organisation. You'll support a broad range of stakeholders across the following business units: Retail Operations - Supply Chain & Logistics - Support Centre. Your responsibilities will include: Business continuity & incident response Leading crisis simulations and scenario-based exercises with stakeholders Supporting disaster recovery planning and testing Delivering security incident response training and playbooks Coordinating business continuity … planning and improvement tracking Acting as a liaison during major incidents and assisting with post-incident reviews Information security risk & assurance Promoting security governance across business units Managing risk registers and facilitating quarterly risk reviews Coordinating audits, assessments, and compliance checks Supporting third-party due diligence and vulnerability remediation You'll work closely with internal teams including Operations, IT … looking for: Proven background in Information Security, IT Risk, or Governance roles Strong understanding of business continuity and disaster recovery Hands-on experience with security risk assessments, audits, and incident response Familiarity with key standards and regulations (e.g. ISO 27001, PCI DSS, GDPR) Excellent stakeholder management and communication skills And desirable would be: Certifications such as CISSP, CISM
Milton Keynes, Buckinghamshire, South East, United Kingdom
Run-Time Group Ltd
join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate security alerts from … Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. Maintain and
log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing applications and infrastructure Security Advisory
Buckinghamshire, England, United Kingdom Hybrid / WFH Options
X4 Technology
and overall security performance. Support compliance efforts across frameworks including Cyber Essentials, ISO 27001, GDPR and DPA. Lead the vulnerability management programme, advising IT on remediation strategies. Oversee security incident monitoring and response in coordination with the SOC team. Design and implement an effective identity and access management (IAM) process and own access control across all systems. Required … application of security frameworks and standards including CIS, ISO 27001/27002, GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing and running vulnerability management programmes, with experience using industry-standard tooling. Experience designing, deploying, and managing Identity and Access Management
Opportunity This is not your average SOC role. As a Microsoft Sentinel Specialist, you'll be front and center in our managed SOC, leading the charge in threat detection, incident response, and security monitoring across client environments. You'll bring deep expertise in Microsoft Sentinel and the wider Defender XDR suite, working directly with clients and internal teams … and building automation playbooks (Logic Apps). Create and maintain clear documentation, client reports, and actionable runbooks. Collaborate with client stakeholders and internal engineers to optimize detection coverage and incident resolution. Drive continuous improvement through automation, process refinement, and operational enhancements. What You Bring Must-Have Experience: 2-5+ years in a SOC or threat detection role. … Apps, Power Automate). Knowledge of compliance frameworks: ISO 27001, NIST, Cyber Essentials. Experience with other SIEMs (Splunk, QRadar, etc.). Scripting (PowerShell, Python) for custom detection/response workflows. Eames Consulting is acting as an Employment Agency in relation to this vacancy.
As a member of the Starling SOC team, you will be working with the industry's brightest SecOps professionals to protect Starling customers, assets, and systems using the latest technologies. Incident Triage, Response, and Investigations based on Alerts received from multiple sources which include: Cloud Infrastructure/Security. Endpoint Detection and Response. Perimeter detection tooling. Investigating and responding to … security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. About your Skills We're open-minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. … Below is an overview: 3+ years experience in an in-house SOC role and team Understanding of AWS Security Solutions (or other Public Cloud Solutions) Analysis and Incident Response experience with Cloud systems such as AWS or GCP Experience working and supporting analytics/SIEM platforms. Experience working in CSIRT/SOC functions. Experience supporting and conducting Incident
initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC … operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: • Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. • Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of … security incidents. • Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). • Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity. • Use OSINT (Open-Source Intelligence) to enrich contextual