1 to 25 of 295 Remote Incident Response Jobs

Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response More ❯

Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

We have a new and exciting role available within our Cyber Security division in the U.K for an Incident Response Engagement Lead. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some of their toughest information security challenges. We've been able to … us. Working in Cyberat S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … If that sounds like your kind of team, we'd like to hear from you. The role We are looking for a German speaking consultant to join our Cyber Incident Response team as an Engagement Lead. A successful cyber response only happens when a group of technical experts works seamlessly with a team leader who can get More ❯

re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security , and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement . You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential More ❯

We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team. The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory … requirements.The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions. Your Impact Incident Response Leadership Lead … all phases of incident response, including detection, analysis, containment, eradication, recovery and communication. Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams. Ensure adherence to the organization's incident response framework and regulatory requirements. 2. Strategic Communication Serve as the main point of contact for incident updates to More ❯

Join Maersk's groundbreaking Cyber Team: Redefining Incident Management & Response Imagine a career where you're not just responding to security incidents-you're revolutionising how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. Key responsibilities Cyber Incident Response and event management Contributing to the response efforts for security incidents, managing triage, containment, documentation, and the reporting process. Contribute to the Cyber Incident Response process from a technical perspective and provide effective management of all cyber incidents. Supporting the Incident Manager in driving post-incident reviews Collaborate with global stakeholders in technical conversations, to align response efforts and communicate effectively across technical audiences during incidents. Leverage Incident Analysis context to help identify gaps and improve detection and response More ❯

We are looking for aEngineering Manager, Security Operations to lead and scale security operations across Vercel's platform and enterprise security functions. This role will focus on operational resilience, incident response readiness, and fostering alignment across security and engineering teams. You will oversee threat detection, response processes, and security best practices, while guiding Security Operations Engineers to … For location-specific details, please connect with our recruiting team. What You Will Do: Lead and manage Security Operations for platform and enterprise security functions, ensuring effective detection and response capabilities. Develop and refine incident response protocols and threat detection processes, ensuring rapid and effective mitigation of security incidents. Own internal attack surface management, including SaaS security … and reduce operational overhead. Support compliance initiatives (PCI, SOC2, ISO) by ensuring audit readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

play a pivotal role in strengthening the security of our infrastructure, applications, and services. As a Security Engineer, you will apply your technical expertise across engineering, application security, and incident response to help scale and mature our security posture. This is a hands-on role that requires a collaborative mindset, strong problem-solving skills, and the ability to … applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK, and DREAD. Build and refine detection and response capabilities using logs, alerts, and behavioral signals. Lead or support incident response activities, including log analysis, querying, forensic investigation, threat mitigation, and root cause analysis. Conduct internal … Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incident response effectiveness. Support compliance initiatives (e.g., SOC 2), contribute to control implementation, and assist with security documentation. Contribute to internal security education and awareness by developing training materials More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes. Audit Preparation … audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute to analyzing cybersecurity … Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and security. You will have an More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information risks for policing. It supports … the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security incidents within the NMC, along … with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident Response Planning, Cyber Incident More ❯

to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incident response processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incident response strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incident response procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯

Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world’s most prestigious law firms is seeking a Senior Incident Response & SOC Engineer to join its global Information Security team, based in London . This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC , handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related security frameworks. Legal More ❯

and lead the global cyber security strategy. This is a high-impact, senior leadership role ideal for someone who combines strategic oversight with hands-on expertise across security operations, incident response, and governance. As the business continues to modernise its technology infrastructure, this role will be central to protecting digital assets and ensuring compliance with global security and … privacy standards. What You’ll Be Doing: Define and implement the cyber security strategy, policies, and controls across a multi-regional environment. Lead global security operations, including threat detection, incident response, and risk mitigation. Manage compliance with standards such as ISO27001, NIST, Cyber Essentials+, and GDPR. Build and develop a high-performing cyber team spanning multiple international offices. … Collaborate with senior leadership, risk committees, and external vendors to ensure alignment on cyber risk and mitigation. Own the incident response function, including planning, testing, and leading responses when required. Drive security awareness across the organisation with a measurable, well-governed training programme. What We’re Looking For: Minimum 5 years’ experience in a senior cyber security role More ❯

Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incident response Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What … You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to More ❯

seeking individuals eager to drive SRE maturity through the research and development of internal tooling, operational enhancements, and deployment pipelines. Ivanti SRE takes a holistic view of operational procedures, incident response procedures, application and infrastructure monitoring, and process automation. Ivanti SRE is a blend of infrastructure, networking, automation, development, and application administration. This is a hands-on technical … position. The ideal candidate will have a software engineering background and strong experience with continuous deployment, SaaS delivery, and production incident response. This role requires that applicants reside in Scotland and be authorized to work in the United Kingdom. About The Team Ivanti Engineering is a driving force behind transforming market challenges into innovative ideas and successful solutions that … environments in AWS and Azure Working with geographically dispersed, cross-departmental teams to solve difficult problems Participate in on-call rotations for 24x7 coverage (follow-the-sun model) for incident response, issue triage, and problem resolution To Be Successful in The Role, You Will Have A BSc in Computer Science, a related field, or equivalent practical experience 3+ More ❯

security tools such as CSPM and CNAPP. In addition, you'll write scripts and build automation tools to streamline security activities, work cross-functionally to ensure effective monitoring and incident response, and collaborate closely with product teams to provide guidance and encourage adoption of security best practices. You'll also take part in an on-call rotation to … support timely and effective incident response when needed. What we're looking for Cloud engineering experience with security tooling and cloud workload protection Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash) Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices Experienced with CSPM, CNAPP, security incident response, and More ❯

ServiceNow Technical Consultant - SecOps (SIR/VR) UK-Based Remote with Occasional Onsite Security Clearance Eligible Wrangu is seeking a Senior ServiceNow Technical Consultant with deep expertise in Security Incident Response (SIR) and/or Vulnerability Response (VR) to join our growing consultancy team. This role supports a UK-project, making UK residency and eligibility for UK … consulting, ideally in a client-facing services environment Hands-on configuration and scripting skills (e.g. JavaScript, Business Rules, UI Policies) Deep subject matter knowledge in SecOps, particularly in: Security Incident Response Vulnerability Response Strong communication skills, capable of engaging both technical and non-technical stakeholders Understanding of agile project delivery and client lifecycle management Ability to manage More ❯

setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit … preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and More ❯

engaged in risk management, including evaluating vendor risk, examining vendor contracts, understanding third-party risk, and data privacy issues. This individual serves as an expert on cybersecurity protection, detection, response, and recovery, coordinating penetration testing and managing cybersecurity analysts to detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, data leakage prevention … activities to meet regulatory requirements. Evaluate and implement cybersecurity solutions to maintain confidentiality, integrity, and availability. Participate in proofs-of-concept for new security technologies. Develop and test security incident response plans, acting as incident response leader. Develop security, risk, and compliance reports and alerts. Review policies and procedures annually for security compliance. Develop, test, and More ❯

natural focus sits in protecting an organization's technology infrastructure and data from cyber-attacks. Provide support and expertise during cyber incidents and contribute to the development of cyber incident management and response plans Prepare detailed technical documentation to support with the improvement of a customer’s security estate, acting as a go-to for general advice and … spent Progression Plan - training & mentor programme. Experience 2+ years in Pre-Sales or similar role within an MSP/Reseller organisation. Previous experience being part of or working with incident response teams would be beneficial Good understanding of incident response stages and handling preferred o Knowledge and/or experience using endpoint detection and threat management More ❯

Job Summary: The Security Operations Lead is responsible for our security monitoring and incident response capabilities within the Square Enix Cyber Security team (covering Europe and North America). The primary goals of the role are the timely detection of security incidents, effective response and the continuous improvement of our preventative and detective controls. This role will … across Square Enix. Day to day you will be performing in-depth analysis and investigation of security alerts, game/brand related security events as well as leading the response to incidents. You will be responsible for maintaining and optimising our security operations tools and processes. Additionally you will be testing the effectiveness of our preventative and detective controls … platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key More ❯