1 to 25 of 34 Incident Response Jobs in the West Midlands

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients, look no further. We are … with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection … in detection coverage, log ingestion and alerting based on business risks and threats Review and improve existing SecOps standards and capabilities e.g. by highlighting requirements for additional logging, identifying incident or threat trends and detection and business-as-usual optimisation opportunities Perform security monitoring, reviewing and triaging triggered alerts, and suggesting improvements (on a rota basis 9AM to More ❯

Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one Im working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. Theyre expanding their Security Operations Centre and hiring a hands-on … SOC Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight More ❯

Head of IT Security Incident and Threat Management – Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company’s digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role requires you to be on site for the first 3 months full time, there is a hybrid arrangement More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

and maintaining support contracts to ensure system health and compliance. Cybersecurity and risk management: The role will involve supporting the adoption and management of cyber security frameworks, participating in incident response and disaster recovery planning and testing, implementing controls to maintain cyber security accreditation, and protecting the firm from cyber threats through policies, audits, training, and threat assessment. … IT technical operations are underpinned by best practice, complete and up-to date-documentation, refined processes and defined procedures, underpinned by proactive monitoring and review. • To help manage an Incident Response Plan and form part of the Incident Response Team as threats or incidents occur. • To work with the Executive, Legal Operations and Business Services teams More ❯

Senior Incident Responder £71000 GBP Onsite WORKING Location: Birmingham, West Midlands - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Birmingham or Glasgow | Up to £71,000 + Bonus + Benefits | Hybrid | SC Clearance Required or Eligible Our client - a global technology and services firm - is expanding its Managed Security Operations Centre and seeking a Senior Incident … the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and collaborating with client stakeholders to deliver best-in-class detection, response, and remediation. The Role You'll take ownership of escalated incidents, conduct detailed investigations, and ensure effective containment and eradication of threats. You'll act as the escalation point … within the SOC, providing technical expertise, mentoring junior analysts, and driving continuous improvement of incident response processes. Key Responsibilities: Lead complex investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar , Splunk, and Microsoft More ❯

Senior Incident Responder – SOC Analyst (L3) Birmingham or Glasgow | Up to £71,000 + Bonus + Benefits | Hybrid | SC Clearance Required or Eligible Our client – a global technology and services firm – is expanding its Managed Security Operations Centre and seeking a Senior Incident Responder (L3 SOC Analyst) to take the lead on complex security incidents, investigations, and threat … the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and collaborating with client stakeholders to deliver best-in-class detection, response, and remediation. The Role You’ll take ownership of escalated incidents, conduct detailed investigations, and ensure effective containment and eradication of threats. You’ll act as the escalation point … within the SOC, providing technical expertise, mentoring junior analysts, and driving continuous improvement of incident response processes. Key Responsibilities: Lead complex investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools Develop and refine SOC use cases More ❯

e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with … segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Salary/Package Basic salary of between £50k-£55k 4% Pension More ❯

e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with … segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Benefits: 4% Pension Life Insurance 3 x salary 25 days annual More ❯

e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with … segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Benefits: 4% Pension Life Insurance 3 x salary 25 days annual More ❯

Training platforms. Collaborate with IT, architecture, and project teams to improve security posture and integrate security into business processes. Respond to and investigate security incidents, participate in troubleshooting and incident response activities. Provide oversight and support for Security Operations Center (SOC) activities. Develop and enforce security policies, standards, and procedures. Educate and mentor staff on security best practices … minimum of 10 years experience in IT. Hands-on experience with vulnerability management, patch management, and security platforms. Experience developing and auditing governance, risk, and compliance controls. Experience in incident response and security project delivery. Experience managing or participating in security-related projects is a plus. Excellent IT skills, including networking, operating systems (Windows, Linux), and security tools. … Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security or IT-related certification (e.g., CompTIA Security+, CISSP, CISM) are desirable. About us... Since our More ❯

global initiatives to be successfully deployed in region Implement and maintain security policies, protocols and measures across all platforms and locations, driving alignment with our global operating model Lead incident response efforts and manage the investigation of security breaches Collaborate with other Technology departments to ensure compliance with security standards, necessary security monitoring is in place and risks … Minimum basic requirements Ten or more years in cybersecurity roles in mid to large organisations, recently at or near executive level Strong understanding of cybersecurity frameworks, risk management and incident response protocols Proven leadership capabilities including building diverse teams Outstanding written and verbal communication skills with ability to present to a C-level audience Commercial acumen with an More ❯

support cyber-recovery solutions across large-scale PowerScale platforms Lead data integration and migration initiatives, ensuring seamless synchronisation across enterprise systems Conduct risk assessments , develop recovery strategies, and coordinate incident-response testing Collaborate with internal and client teams to drive best practice in data security, recovery, and optimisation Troubleshoot complex issues and provide technical documentation, knowledge sharing, and … training 🧠 Skills & Experience Proven experience with PowerScale/Isilon and enterprise-grade storage technologies Strong understanding of cyber-security frameworks , incident response, and data-recovery methodologies Hands-on experience with data migration, scripting (PowerShell, Python) , and automation tools Excellent communication and problem-solving skills Certifications such as EMC Proven Professional, CISSP, CISM are a plus More ❯

term basis. The primary mandate is to conduct a rapid, high-impact review and uplift of critical security governance functions, focusing specifically on asset management, third-party assurance, and incident preparedness. Key Responsibilities and Deliverables: The successful candidate will be a hands-on leader responsible for the following key reviews: 1. Group Information Asset Register (IAR) Review Audit and … diligence and ongoing monitoring. Define a tiered, risk-based methodology for assurance reviews, ensuring the rigor of the review matches the vendor's inherent risk to the organization. 3. Incident Response and Recovery Plan (IRRP) Validation Critically Review the current IRRP for clarity, compliance, and integration with broader Business Continuity (BC) plans. Coordinate and Lead scenario-based tabletop … Security, with significant time in a senior leadership or CISO/Interim CISO role. Demonstrable expertise in Information Asset Management, Third-Party Risk Management (TPRM), and leading high-stakes Incident Response efforts. Deep practical knowledge of GRC frameworks (e.g., NIST CSF, ISO 27001). Exceptional ability to communicate complex risks and solutions clearly to executive and board-level More ❯

and maintain the organisation’s security posture. About the Role: The successful candidate will assess risks, review supplier and project security documentation, respond to security questionnaires and tenders, support incident investigations, and help ensure compliance with relevant standards, including Cyber Essentials Plus, ISO 27001, DSPT, GDPR, and NCSC guidelines. This is a hands-on delivery role requiring someone who … validate security configurations for key platforms (endpoint protection, DLP, Microsoft 365 stack). Support technical teams with vulnerability and patch management, assessing impacts of critical vulnerabilities. Participate in post-incident reviews and provide input to technical design and change discussions. Supplier and Third-Party Security Assurance Conduct third-party risk assessments and evaluate supplier responses against security requirements. Identify … teams on security clauses and data protection in contracts. Advisory and Awareness Provide practical advice on information security and data protection. Promote good security practices across the organisation. Support incident briefings and reporting to senior stakeholders. Required Skills and Experience: 5+ years in Information Security roles, combining technical and GRC activities. Strong understanding of cloud and network security (Microsoft More ❯

on expertise across critical systems. Information Security Manager: Duties Experience of business acquisitions - Highly desirable Develop/Maintain enterprise InfoSec strategy aligned business goals Oversee security architecture, vulnerability management, incident response and threat intelligence Lead security risk assessments and manage remediation plans for gaps Financial regulation compliance - GDRP, PCI DSS, SOX, FCA Establish security policies, standards & procedures Repost More ❯

aligned with ISO 27001, NIST, and CIS frameworks. Produce detailed documentation for configurations, processes, and troubleshooting. Collaborate with global cloud, security, and infrastructure teams for consistent, secure operations. Support incident response, root cause analysis, and ongoing improvements. Required Skills & Experience: Extensive experience executing network refresh projects. Strong expertise with Cisco, Palo Alto, HAProxy, and Azure networking. Solid understanding More ❯

Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco DNA Center); performance monitoring, logging, incident response. Experience Requirements: 7 10+ years in network engineering, with 3 5 years in architecture/design roles. Proven experience in large-scale or complex enterprise environments. Architectural artefact More ❯

Code (IaC): Familiarity with IaC tools and best practices. Security: Understanding of cloud security best practices. Competency with Identity and Access Management (IAM) . Strong troubleshooting and debugging skills (incident response desirable). Experience working in Agile environments . Attention to detail when capturing test evidence or specifying tests. Ability to write technical documentation. Willingness to mentor junior More ❯

Code (IaC): Familiarity with IaC tools and best practices. Security: Understanding of cloud security best practices. Competency with Identity and Access Management (IAM) . Strong troubleshooting and debugging skills (incident response desirable). Experience working in Agile environments . Attention to detail when capturing test evidence or specifying tests. Ability to write technical documentation. Willingness to mentor junior More ❯

in offensive cybersecurity (red teaming, use of tools like Metasploit, Nmap, etc.). Experience with physical security assessments aligned with NIS and NPSA standards. Expertise in Digital Forensics and Incident Response (DFIR) in industrial environments (e.g., VxWorks, RTOS, Embedded Linux, WinCC, PCS 7). Benefits: 28 days holiday plus bank holidays Flexible working, predominantly office based. Flexible Pension More ❯

best practices. Ability to design and implement complex infrastructure. Security: Knowledge of cloud security best practices. Familiarity with Identity and Access Management (IAM) . Troubleshooting and debugging skills, including incident response. Experience working in Agile environments . Ability to write technical documentation. Configuration control using Git . Experience with Terraform . Desirable Skills Containers and orchestration: Understanding of Docker More ❯

proxy, CrowdStrike-equivalent tools Data management : Supporting data labelling & retention projects using Purview or similar Governance support : Involved in data loss prevention, labelling, and stakeholder engagement (including DPO) Practical incident response input : Advising IT on immediate steps during incidents, converting theory into quick, actionable responses Ongoing InfoSec operations : Metrics, monitoring, and security projects across applications and users Tech … tools you’ll use: Microsoft Purview – Data governance and policy enforcement Microsoft Defender – Endpoint & email protection CrowdStrike/equivalents – Endpoint detection & response Web proxy & email security tools Azure (beneficial) – IAM, monitoring, and security logging Why this role? Be central to shaping data governance and security operations in a dynamic SME environment Hands-on exposure to a wide range of More ❯