Senior Analyst, (Delivery Lead), IncidentResponse London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the IncidentResponse Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , IncidentResponse and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our IncidentResponse Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incidentresponseMore ❯
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
OpenSourced Ltd
IncidentResponse Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an IncidentResponse Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding IncidentResponse team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live IncidentResponse operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯
We have a new and exciting role available within our Cyber Security division in the U.K for an IncidentResponse Engagement Lead. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some of their toughest information security challenges. We've been able to … us. Working in Cyberat S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , IncidentResponse and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … If that sounds like your kind of team, we'd like to hear from you. The role We are looking for a German speaking consultant to join our Cyber IncidentResponse team as an Engagement Lead. A successful cyber response only happens when a group of technical experts works seamlessly with a team leader who can get More ❯
re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, IncidentResponse, Cyber Security , and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement . You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incidentresponse is essential. Responsibilities Provide forensic/incidentresponse consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential More ❯
Maidenhead, Berkshire, United Kingdom Hybrid / WFH Options
Damco Spain SL
Join Maersk's groundbreaking Cyber Team: Redefining Incident Management & Response Imagine a career where you're not just responding to security incidents-you're revolutionising how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: IncidentResponse and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯
with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incidentresponse playbooks, reviewing existing policy sets, documenting key BAU and incidentresponse processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incidentresponse playbooks Policy reviews Incidentresponse If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Maxwell Bond
with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incidentresponse playbooks, reviewing existing policy sets, documenting key BAU and incidentresponse processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incidentresponse playbooks Policy reviews Incidentresponse If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯
Huntsville, Alabama, United States Hybrid / WFH Options
Gridiron IT Solutions
IncidentResponse Analyst Location: Huntsville, AL Work Type: Onsite Remote Work: No Job Description Collect, analyze, and present digital evidence in support of computer investigations. Apply basic principles, theories, and concepts and limited industry knowledge. Solve routine problems of limited scope and complexity and refer more complex issues to higher levels. Work under direct supervision. Qualifications 8+ years … imaging, remote collection, and forensic analysis Experience with malware analysis, including static, dynamic, and reverse engineering Experience performing root cause analysis and following through with all phases of the incidentresponse lifecycle Top Secret clearance Bachelor's degree Additional Qualifications Experience acquiring memory from the host and performing memory analysis with tools, including Volatility Experience with Endpoint Detection … and Response (EDR) tools, including CrowdStrike Falcon and FireEye HX Experience performing analysis of packet capture using tools, including Wireshark Experience with Python or PowerShell Experience performing IncidentResponse and Forensics in cloud computing environments Knowledge of Enterprise Network Architecture, including routing, switching, common protocols, including DHCP, DNS, or HTTP, and devices, including Firewalls, Proxies, or VPN More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
SR2
DFIR AnalystDigital Forensics & IncidentResponse/Threat Hunting/Cyber Analytics/Outside IR35/Fully Remote/£550–£600 pd/ASAP Start/6 Months SR2 has partnered with a cutting-edge Cybersecurity MSP delivering critical threat detection and incidentresponse capabilities to a number of global financial clients.You’ll be part of a … dynamic DFIR team tasked with identifying, analysing, and responding to security incidents, proactively hunting for advanced threats, and contributing to the enhancement of threat detection strategies. Key Responsibilities IncidentResponse – Detect, document, and resolve security incidents efficiently Endpoint Forensics – Analyse host-based artifacts to reconstruct timelines and attacker activity Security Analytics – Extract meaningful insights from large datasets for More ❯
Bradford, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
In Technology Group Limited
Location: Bradford (Hybrid) Salary: £70,000 (Depedning on Experince) Are you an experienced cybersecurity professional looking for your next challenge? We are currently seeking a Level 3 SOC and IncidentResponse Consultant to join an established and dynamic security operations team. This role involves supporting global clients in real-time threat monitoring, incidentresponse, and security … enhancement. About the Role: As an SOC and IncidentResponse L3 Consultant, you'll be a critical part of the cyber defence team, working closely with offshore colleagues to monitor, analyse, and respond to security alerts and incidents. You'll take ownership of investigations, coordinate responses, and help refine security operations through automation and continuous improvement. Key Responsibilities … Lead detailed investigations into security alerts and incidents, identifying root causes and impacts. Support MDR analysts and contribute to SIEM administration, including use-case development and log integration. Implement response actions to contain threats and restore secure system states. Stay ahead of emerging threats and evolving attack vectors. Collaborate with clients, internal teams, and vendors during incident handling. More ❯
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. IncidentResponse: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯
play a pivotal role in strengthening the security of our infrastructure, applications, and services. As a Security Engineer, you will apply your technical expertise across engineering, application security, and incidentresponse to help scale and mature our security posture. This is a hands-on role that requires a collaborative mindset, strong problem-solving skills, and the ability to … applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK, and DREAD. Build and refine detection and response capabilities using logs, alerts, and behavioral signals. Lead or support incidentresponse activities, including log analysis, querying, forensic investigation, threat mitigation, and root cause analysis. Conduct internal … Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incidentresponse effectiveness. Support compliance initiatives (e.g., SOC 2), contribute to control implementation, and assist with security documentation. Contribute to internal security education and awareness by developing training materials More ❯
Bradford, England, United Kingdom Hybrid / WFH Options
Tata Consultancy Services
get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Cyber IncidentResponse Consultant Job Type: Permanent Location: Bradford , Hybrid (3 days On-site) Are you looking to leverage your skills in threat detection, response, and coordination? We have … an exciting opportunity for you - Cyber IncidentResponse Consultant! Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands … and thought leadership. Gain access to endless learning opportunities. Lead a team and their technical growth. Lead projects and inspire both colleagues and stakeholders. The Role As a Cyber IncidentResponse Consultant, you will be working with the existing security team to support the customer with monitoring alerts and threats received. You will also be responsible for front More ❯
Loughton, Essex, England, United Kingdom Hybrid / WFH Options
Profile 29
will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. IncidentResponse: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯
Southampton, Hampshire, United Kingdom Hybrid / WFH Options
NICE
ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes. Audit Preparation … audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. IncidentResponse Support: Participate in incidentresponse efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute to analyzing cybersecurity … Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incidentresponse frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and security. You will have an More ❯
Are you passionate about incident reporting and making a real impact in the world of cybersecurity? Are you ready to be on the front line of security incidents? Detection and Response business unit is looking for a Security Specialist to join our DFIR team. You will be a part of our dynamic DFIR team, reporting directly to the … to major investigations. Your main duties will be handling security incidents, conducting forensic investigations and analyses, threat hunting, and performing various security specialist tasks. Additionally, you will manage security incident cases, develop processes and ways of working, and be part of our SOC Tier 3 team in a 24/7/365 on-call rotation, divided between office … Diversity is fundamental to our culture and we invite you to be part of this diversity. We are a match if you have solid security background and experience in incidentresponse, forensics and working either with or in a security team for several years. You should be experienced professional in the field of digital forensics and incidentMore ❯
Cheadle, Staffordshire, United Kingdom Hybrid / WFH Options
Pets at Home
to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incidentresponse processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incidentresponse strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incidentresponse procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯
Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world's most prestigious law firms is seeking a Senior IncidentResponse & SOC Engineer to join its global Information Security team, based in London . This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC , handling incidentresponse and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incidentresponse (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related security frameworks. Legal More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Precise Placements
Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world’s most prestigious law firms is seeking a Senior IncidentResponse & SOC Engineer to join its global Information Security team, based in London . This is a rare opportunity to play a key role in the operation and … enhancement of a 24/7 SOC , handling incidentresponse and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incidentresponse (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement … Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related security frameworks. Legal More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Precise Placements
and lead the global cyber security strategy. This is a high-impact, senior leadership role ideal for someone who combines strategic oversight with hands-on expertise across security operations, incidentresponse, and governance. As the business continues to modernise its technology infrastructure, this role will be central to protecting digital assets and ensuring compliance with global security and … privacy standards. What You’ll Be Doing: Define and implement the cyber security strategy, policies, and controls across a multi-regional environment. Lead global security operations, including threat detection, incidentresponse, and risk mitigation. Manage compliance with standards such as ISO27001, NIST, Cyber Essentials+, and GDPR. Build and develop a high-performing cyber team spanning multiple international offices. … Collaborate with senior leadership, risk committees, and external vendors to ensure alignment on cyber risk and mitigation. Own the incidentresponse function, including planning, testing, and leading responses when required. Drive security awareness across the organisation with a measurable, well-governed training programme. What We’re Looking For: Minimum 5 years’ experience in a senior cyber security role More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Randstad Technologies
Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incidentresponse Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What … You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incidentresponse lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incidentresponse & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to More ❯
Dundee, Angus, United Kingdom Hybrid / WFH Options
Ivanti
seeking individuals eager to drive SRE maturity through the research and development of internal tooling, operational enhancements, and deployment pipelines. Ivanti SRE takes a holistic view of operational procedures, incidentresponse procedures, application and infrastructure monitoring, and process automation. Ivanti SRE is a blend of infrastructure, networking, automation, development, and application administration. This is a hands-on technical … position. The ideal candidate will have a software engineering background and strong experience with continuous deployment, SaaS delivery, and production incident response. This role requires that applicants reside in Scotland and be authorized to work in the United Kingdom. About The Team Ivanti Engineering is a driving force behind transforming market challenges into innovative ideas and successful solutions that … environments in AWS and Azure Working with geographically dispersed, cross-departmental teams to solve difficult problems Participate in on-call rotations for 24x7 coverage (follow-the-sun model) for incidentresponse, issue triage, and problem resolution To Be Successful in The Role, You Will Have A BSc in Computer Science, a related field, or equivalent practical experience 3+ More ❯
security tools such as CSPM and CNAPP. In addition, you'll write scripts and build automation tools to streamline security activities, work cross-functionally to ensure effective monitoring and incidentresponse, and collaborate closely with product teams to provide guidance and encourage adoption of security best practices. You'll also take part in an on-call rotation to … support timely and effective incidentresponse when needed. What we're looking for Cloud engineering experience with security tooling and cloud workload protection Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash) Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices Experienced with CSPM, CNAPP, security incidentresponse, and More ❯
Washington, Washington DC, United States Hybrid / WFH Options
Blue Rose Consulting Group, Inc
Us Join a mission-driven team supporting the U.S. Department of Health and Human Services (HHS), Administration for Children and Families (ACF), Office of Human Services Emergency Preparedness and Response (OHSEPR). We provide critical emergency management and repatriation support services to safeguard vulnerable populations during crises and disasters. Blue Rose Consulting Group, Inc. (Blue Rose) is seeking a … qualified Planning Manager to serve as a key personnel leader in support of emergency preparedness, planning, and incidentresponse operations. This is a full-time, onsite position during steady-state operations and requires the ability to deploy during emergencies. Key Responsibilities Lead incident-related data gathering and analysis related to emergency operations and resources. Facilitate planning meetings … and develop Incident Action Plans (IAPs) for operational periods. Coordinate and synchronize planning across jurisdictions and stakeholders. Develop long-term and transition plans for incidents based on complexity. Contribute to the development and delivery of steady-state and incident-specific planning tools, job aids, and SOPs. Serve as a subject matter expert for planning during emergency repatriation operations. More ❯
setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit … preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements IncidentResponse & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incidentresponse and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and More ❯