20 of 20 Incident Response Jobs in the West Midlands

Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand head quartered in the West Midlands. As … the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We … looking for someone Midlands based who can be on site in Warwickshire 1 day a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships More ❯

Principal Cyber Security Incident Response Analyst £60,000 - £70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. … As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire … on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network More ❯

Cyber Incident Manager £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Manager to join a large nationally recognised brand head quartered in the West Midlands. As the Cyber Incident Manager you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We are ideally looking for someone … Midlands based who can be on site in Warwickshire 1 day a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships with required stakeholders. More ❯

an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC … activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports … to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients More ❯

difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these … efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within … are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements More ❯

are seeking an experienced SOC Manager to lead and enhance a Security Operations Centre (SOC) for a major client in the technology sector. You will be responsible for improving incident response, strengthening threat detection, and overseeing the performance and development of the SOC team. Key Responsibilities: Establish SOC goals and priorities, including improving incident response, reducing … false positives, and enhancing threat detection. Lead incident response efforts and coordinate resolution with internal and external stakeholders. Analyse incident trends to identify vulnerabilities and inform security strategy. Act as the primary point of contact for security incidents. Manage end-to-end security incident investigations and reporting. Mentor SOC analysts and ensure adherence to operational best … knowledge of Authentication, Endpoint Security, Firewalls, DLP, IAM, PKI, EDR, SOAR, and related SOC technologies. Experience with SIEM platforms such as Google Chronicle, Splunk ES, or QRadar. Expertise in incident management, intrusion analysis, and security device configuration. Experience with log source integration, parser writing, and correlation rule development. SOC automation and cloud operations experience (e.g., AWS). Excellent leadership More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

an experienced SOC Engineer to support a high-profile critical national infrastructure project. This role is ideal for professionals with a strong background in security operations, threat detection, and incident response, who thrive in fast-paced environments and understand the importance of protecting sensitive systems. This is a remote-first opportunity, with occasional travel to the customer site … SIEM use cases, dashboards, and alerting mechanisms. Respond to security incidents, conduct root cause analysis, and provide remediation recommendations. Collaborate with engineering and infrastructure teams to improve detection and response capabilities. Maintain documentation for incident handling, playbooks, and operational procedures. Support compliance efforts and contribute to audit readiness. Stay current with emerging threats, vulnerabilities, and security technologies. Required … Skills & Experience Proven experience in a SOC or similar security operations role. Strong knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar). Familiarity with threat intelligence, malware analysis, and incident response frameworks. Understanding of network protocols, Windows/Linux systems, and cloud environments. Excellent analytical, communication, and problem-solving skills. Active SC Clearance or eligibility to obtain it. More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

security measures, and monitoring network activity. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation’s networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks … Stay updated on the latest intelligence, including hackers’ methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Work with the IT Manager to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake security assessments such as Phishing More ❯

Splunk architecture, data ingestion, alerting, and dashboarding, along with experience migrating workloads to Elasticsearch. In addition to migration duties, the candidate will maintain and enhance existing Splunk infrastructure, provide incident support, manage upgrades, and ensure observability platforms remain secure and performant. This role demands a technically strong individual with excellent stakeholder communication and problem-solving skills. Key Responsibilities: Migration … Collaborate with Elastic teams to configure alerting and monitoring using Kibana, Elasticsearch Watcher, or third-party tools. Ensure migration plans include validation, rollback procedures, and knowledge transfer. Platform Operations & Incident Response: Maintain Splunk infrastructure in both Production and Non-Production environments. Support Splunk SRE and Application teams in incident investigation and resolution. Proactively monitor system health and More ❯

Overview Monitor and manage IT security infrastructure Conduct vulnerability assessments and penetration tests Lead incident response and mitigation Implement security policies and procedures Ensure compliance with GDPR, ISO27001 Work with SIEM tools for threat detection Manage access controls and firewalls Oversee employee security awareness programs Respond to emerging cyber threats Document incidents and reports Collaborate with IT teams More ❯

and maintain cloud infrastructure across public and hybrid environments, using Infrastructure-as-Code tools. The role also involves monitoring for performance, availability, and security, as well as assisting with incident response and troubleshooting. Collaboration is key, and you ll work with engineers and architects to create reusable templates, drive automation, and support cost optimisation. This is a great More ❯

and maintain cloud infrastructure across public and hybrid environments, using Infrastructure-as-Code tools. The role also involves monitoring for performance, availability, and security, as well as assisting with incident response and troubleshooting. Collaboration is key, and you’ll work with engineers and architects to create reusable templates, drive automation, and support cost optimisation. This is a great More ❯

FortiGate Manage VPNs, IPSEC tunnels, and certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/IP, VLAN, VXLAN, EVPN, VPC More ❯

FortiGate Manage VPNs, IPSEC tunnels, and certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/IP, VLAN, VXLAN, EVPN, VPC More ❯

to implement alerting and monitoring using Kibana and Elasticsearch Watcher or third-party tools. Assess existing Splunk configurations, including dashboards, alerts, saved searches, data models and recreate in Kibana. Incident Response Ensure the smooth functioning of Splunk platform across BT maintaining the Splunk’s infrastructure in Production & Non-Production environments. To support Splunk SRE & Application teams in investigating More ❯

vulnerabilities. - Coordinate and lead disaster recovery drills and tests to ensure readiness and effectiveness. - Collaborate with IT and suppliers to design and document backup and recovery solutions. - Support Manage incident response and ensure rapid recovery of operations in the event of a disaster. - Document and report on disaster recovery activities and outcomes. - Stay updated with industry best practices More ❯

RAG, and prompt engineering Familiarity with Azure services and cloud ecosystems Excellent communication and presentation skills A passion for mentoring and developing engineering talent Experience with distributed systems and incident response Benefits: Flexible remote working Competitive salary 25 days holiday Private health insurance (after 1 year) Enhanced parental leave And more Please Note: This is a permanent role More ❯

stack - M365, Azure, Atlassian, Telephony, IT Service tools Manage/Develop Identity and Access Management solutions Identity/Automate tasks - streamline workflows Implement/Manage monitoring tools Troubleshoot and Incident Response: Investigate, Resolve issues Security: Implement security measures Documentation: create documentation for systems procedures CI/CD Support: Implementation of Continuous Integration/Deployment pipelines Provide tech config More ❯