1 to 25 of 388 Remote Incident Response Jobs

Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response More ❯

Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯

We have a new and exciting role available within our Cyber Security division in the U.K for an Incident Response Engagement Lead. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some of their toughest information security challenges. We've been able to … us. Working in Cyberat S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … If that sounds like your kind of team, we'd like to hear from you. The role We are looking for a German speaking consultant to join our Cyber Incident Response team as an Engagement Lead. A successful cyber response only happens when a group of technical experts works seamlessly with a team leader who can get More ❯

re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security , and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement . You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential More ❯

Join Maersk's groundbreaking Cyber Team: Redefining Incident Management & Response Imagine a career where you're not just responding to security incidents-you're revolutionising how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯

with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incident response playbooks, reviewing existing policy sets, documenting key BAU and incident response processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incident response playbooks Policy reviews Incident response If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯

Incident Response Analyst Location: Huntsville, AL Work Type: Onsite Remote Work: No Job Description Collect, analyze, and present digital evidence in support of computer investigations. Apply basic principles, theories, and concepts and limited industry knowledge. Solve routine problems of limited scope and complexity and refer more complex issues to higher levels. Work under direct supervision. Qualifications 8+ years … imaging, remote collection, and forensic analysis Experience with malware analysis, including static, dynamic, and reverse engineering Experience performing root cause analysis and following through with all phases of the incident response lifecycle Top Secret clearance Bachelor's degree Additional Qualifications Experience acquiring memory from the host and performing memory analysis with tools, including Volatility Experience with Endpoint Detection … and Response (EDR) tools, including CrowdStrike Falcon and FireEye HX Experience performing analysis of packet capture using tools, including Wireshark Experience with Python or PowerShell Experience performing Incident Response and Forensics in cloud computing environments Knowledge of Enterprise Network Architecture, including routing, switching, common protocols, including DHCP, DNS, or HTTP, and devices, including Firewalls, Proxies, or VPN More ❯

DFIR AnalystDigital Forensics & Incident Response/Threat Hunting/Cyber Analytics/Outside IR35/Fully Remote/£550–£600 pd/ASAP Start/6 Months SR2 has partnered with a cutting-edge Cybersecurity MSP delivering critical threat detection and incident response capabilities to a number of global financial clients.You’ll be part of a … dynamic DFIR team tasked with identifying, analysing, and responding to security incidents, proactively hunting for advanced threats, and contributing to the enhancement of threat detection strategies. Key Responsibilities Incident Response – Detect, document, and resolve security incidents efficiently Endpoint Forensics – Analyse host-based artifacts to reconstruct timelines and attacker activity Security Analytics – Extract meaningful insights from large datasets for More ❯

Location: Bradford (Hybrid) Salary: £70,000 (Depedning on Experince) Are you an experienced cybersecurity professional looking for your next challenge? We are currently seeking a Level 3 SOC and Incident Response Consultant to join an established and dynamic security operations team. This role involves supporting global clients in real-time threat monitoring, incident response, and security … enhancement. About the Role: As an SOC and Incident Response L3 Consultant, you'll be a critical part of the cyber defence team, working closely with offshore colleagues to monitor, analyse, and respond to security alerts and incidents. You'll take ownership of investigations, coordinate responses, and help refine security operations through automation and continuous improvement. Key Responsibilities … Lead detailed investigations into security alerts and incidents, identifying root causes and impacts. Support MDR analysts and contribute to SIEM administration, including use-case development and log integration. Implement response actions to contain threats and restore secure system states. Stay ahead of emerging threats and evolving attack vectors. Collaborate with clients, internal teams, and vendors during incident handling. More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

play a pivotal role in strengthening the security of our infrastructure, applications, and services. As a Security Engineer, you will apply your technical expertise across engineering, application security, and incident response to help scale and mature our security posture. This is a hands-on role that requires a collaborative mindset, strong problem-solving skills, and the ability to … applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK, and DREAD. Build and refine detection and response capabilities using logs, alerts, and behavioral signals. Lead or support incident response activities, including log analysis, querying, forensic investigation, threat mitigation, and root cause analysis. Conduct internal … Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incident response effectiveness. Support compliance initiatives (e.g., SOC 2), contribute to control implementation, and assist with security documentation. Contribute to internal security education and awareness by developing training materials More ❯

get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Cyber Incident Response Consultant Job Type: Permanent Location: Bradford , Hybrid (3 days On-site) Are you looking to leverage your skills in threat detection, response, and coordination? We have … an exciting opportunity for you - Cyber Incident Response Consultant! Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands … and thought leadership. Gain access to endless learning opportunities. Lead a team and their technical growth. Lead projects and inspire both colleagues and stakeholders. The Role As a Cyber Incident Response Consultant, you will be working with the existing security team to support the customer with monitoring alerts and threats received. You will also be responsible for front More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes. Audit Preparation … audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute to analyzing cybersecurity … Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and security. You will have an More ❯

Are you passionate about incident reporting and making a real impact in the world of cybersecurity? Are you ready to be on the front line of security incidents? Detection and Response business unit is looking for a Security Specialist to join our DFIR team. You will be a part of our dynamic DFIR team, reporting directly to the … to major investigations. Your main duties will be handling security incidents, conducting forensic investigations and analyses, threat hunting, and performing various security specialist tasks. Additionally, you will manage security incident cases, develop processes and ways of working, and be part of our SOC Tier 3 team in a 24/7/365 on-call rotation, divided between office … Diversity is fundamental to our culture and we invite you to be part of this diversity. We are a match if you have solid security background and experience in incident response, forensics and working either with or in a security team for several years. You should be experienced professional in the field of digital forensics and incident More ❯

to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incident response processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incident response strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incident response procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯

Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world's most prestigious law firms is seeking a Senior Incident Response & SOC Engineer to join its global Information Security team, based in London . This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC , handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related security frameworks. Legal More ❯

Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world’s most prestigious law firms is seeking a Senior Incident Response & SOC Engineer to join its global Information Security team, based in London . This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC , handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related security frameworks. Legal More ❯

and lead the global cyber security strategy. This is a high-impact, senior leadership role ideal for someone who combines strategic oversight with hands-on expertise across security operations, incident response, and governance. As the business continues to modernise its technology infrastructure, this role will be central to protecting digital assets and ensuring compliance with global security and … privacy standards. What You’ll Be Doing: Define and implement the cyber security strategy, policies, and controls across a multi-regional environment. Lead global security operations, including threat detection, incident response, and risk mitigation. Manage compliance with standards such as ISO27001, NIST, Cyber Essentials+, and GDPR. Build and develop a high-performing cyber team spanning multiple international offices. … Collaborate with senior leadership, risk committees, and external vendors to ensure alignment on cyber risk and mitigation. Own the incident response function, including planning, testing, and leading responses when required. Drive security awareness across the organisation with a measurable, well-governed training programme. What We’re Looking For: Minimum 5 years’ experience in a senior cyber security role More ❯

Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incident response Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What … You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to More ❯

seeking individuals eager to drive SRE maturity through the research and development of internal tooling, operational enhancements, and deployment pipelines. Ivanti SRE takes a holistic view of operational procedures, incident response procedures, application and infrastructure monitoring, and process automation. Ivanti SRE is a blend of infrastructure, networking, automation, development, and application administration. This is a hands-on technical … position. The ideal candidate will have a software engineering background and strong experience with continuous deployment, SaaS delivery, and production incident response. This role requires that applicants reside in Scotland and be authorized to work in the United Kingdom. About The Team Ivanti Engineering is a driving force behind transforming market challenges into innovative ideas and successful solutions that … environments in AWS and Azure Working with geographically dispersed, cross-departmental teams to solve difficult problems Participate in on-call rotations for 24x7 coverage (follow-the-sun model) for incident response, issue triage, and problem resolution To Be Successful in The Role, You Will Have A BSc in Computer Science, a related field, or equivalent practical experience 3+ More ❯

security tools such as CSPM and CNAPP. In addition, you'll write scripts and build automation tools to streamline security activities, work cross-functionally to ensure effective monitoring and incident response, and collaborate closely with product teams to provide guidance and encourage adoption of security best practices. You'll also take part in an on-call rotation to … support timely and effective incident response when needed. What we're looking for Cloud engineering experience with security tooling and cloud workload protection Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash) Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices Experienced with CSPM, CNAPP, security incident response, and More ❯

Us Join a mission-driven team supporting the U.S. Department of Health and Human Services (HHS), Administration for Children and Families (ACF), Office of Human Services Emergency Preparedness and Response (OHSEPR). We provide critical emergency management and repatriation support services to safeguard vulnerable populations during crises and disasters. Blue Rose Consulting Group, Inc. (Blue Rose) is seeking a … qualified Planning Manager to serve as a key personnel leader in support of emergency preparedness, planning, and incident response operations. This is a full-time, onsite position during steady-state operations and requires the ability to deploy during emergencies. Key Responsibilities Lead incident-related data gathering and analysis related to emergency operations and resources. Facilitate planning meetings … and develop Incident Action Plans (IAPs) for operational periods. Coordinate and synchronize planning across jurisdictions and stakeholders. Develop long-term and transition plans for incidents based on complexity. Contribute to the development and delivery of steady-state and incident-specific planning tools, job aids, and SOPs. Serve as a subject matter expert for planning during emergency repatriation operations. More ❯

setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit … preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and More ❯