1 to 25 of 103 Incident Response Jobs in London

The Role The Cyber Response & Recovery Senior Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. … a broad range of cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s incident response processes and methodologies. In this role we are looking for a person who can demonstrate strong technical background, significant experience in incident response and digital forensics and is looking to grow into an incident response leadership role as part of a growing team. You will be expected to lead a number of incident response case managers and practitioners, as well as have the opportunity to work more »

organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world. Your Role and Responsibilities As an Incident Response Consultant for the IBM Security X-Force Incident Response (X-Force IR) team, you will be responding to high profile … IBM stakeholders to provide integrated solutions to our clients’ most challenging problems. In this role you will have demonstrated skills in various elements of Incident Response, conducting computer intrusion investigations, and have a strong foundation in cyber security policy, operations and best practices, ideally in large enterprise environments. … CyberReason, Carbon Black, CrowdStrike and ReaQta as well as familiarity with forensic analysis tools such as X-Ways, EnCase Forensic or FTK and live response analysis. Furthermore, familiarity with Windows and Linux enterprise environments and systems such as Active Directory, Office 365, FWs, IPS/IDS, SIEMs, etc. is more »

Cyber Incident Response Lead, Information Security Working at our iconic office in Morley, Leeds, and virtually via Microsoft Teams Your new role at NewDay You are an integral part of how we keep NewDay safe by leading our response to cyber incidents. You will work with a … versatile team of engineers to understand adversary tactics, and techniques, develop our response approach and playbooks and roadmap for visibility of security events. You’ll deliver Leading and inspiring a team of security engineers to deliver innovative solutions, drive automation and continuously improve ways of working. An effective and … efficient response to security incidents and threat-related events by taking the lead on incidents, and collaborating with incident management, engineering and response teams. Leadership and direction to deliver our cyber incident response capability - playbooks, incident response testing programme, and operational practices. Incident more »

Information Security team, we work to protect the platforms that support investment solutions for over 20 million people.We are looking for proven Cyber Security Incident Response and Operations Manager to join our team.Reporting directly to the Head of Cyber Fusion Centre you will be responsible for manging security … Security Operations Team to protect FNZ against cyber threat.You will have demonstrable track record of building effective SOC teams and creating and leading cyber incident handling activities in a multinational organisation. You will have expertise in containing, responding and recovering from cyber incidents. You will be able to learn … quickly and adopt to dynamic and complex global organisation.Specific Role ResponsibilitiesLead and supervise a team to enable prompt detection, investigation, and response to security incidents. Ensure the appropriate escalation procedures are followed when necessary and coordinate incident resolution efforts effectively.Oversee the security operations day-to-day activities, ensuring more »

line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as and help advance my clients incident response processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incident response process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incident more »

Manager, you will be responsible for overseeing the day-to-day security operations, implementing security measures, and mitigating security risks. Your expertise in cybersecurity, incident response, and team leadership will be crucial in ensuring the protection of the organisation's assets, information, and systems.Key ResponsibilitiesSecurity Operations Leadership: Lead … and manage the security operations team, providing guidance, mentorship, and performance feedback to ensure the team's effectiveness and efficiency.Incident Response Management: Develop and implement incident response procedures to promptly identify, assess, and respond to security incidents. Lead the team in conducting thorough investigations and root cause … and remediate identified vulnerabilities.Security Policies and Procedures: Establish and maintain security policies, standards, and procedures in line with industry best practices and compliance requirements.Security Incident Reporting: Provide timely and accurate reports on security incidents, threat trends, and the effectiveness of security measures to senior management.Security Awareness Training: Collaborate with more »

Global Information Security Operations ManagerThis is a senior technical lead position that will focus on MLP’s security incident response and manage global security operations staff. The role will also include maintenance, monitoring and administration of key information security technologies. The Information Security Team fosters a collaborative environment … activities across our log aggregation and SIEM platforms.Recommend, test, tune and implement SIEM and other tooling correlation rules.Identify false-positives from alerting, and perform incident response, triage, incident analysis and remediation tasks.Recommend and develop new SIEM use cases/rules with engineering teams.Maintain documentation for the SOC … function, including training program for new Security Operations personnel.Participate in Information Security Incident Response activities for the Firm’s environment.Enforce security policies and procedures by administering and monitoring appropriate systems, events and answering client queries.Perform threat and vulnerability management functions including vulnerability scans and/or analyze results more »

Senior Incident Response Analyst Hybrid – Twice a week in the office (Heathrow Airport) Up to £80,000 + up to 20% bonus + Benefits ------------------------------------------------------------------------------------- Are you ready to tackle cyber threats head-on in a dynamic and high-stakes environment? Joining as a Senior Incident Response … on exceptional customer service and operational excellence. ------------------------------------------------------------------------------------- Skills and experience Minimum of 5 years’ experience in endpoint security, malware analysis, threat hunting, penetration testing, incident response, reverse engineering, or digital forensics. Must have strong experience in the operational side. Comprehensive knowledge of AWS cloud infrastructure, including monitoring logs more »

Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on more »

is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incident response, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incident response procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incident response management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »

are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »

the automotive industry. They are looking for an experienced Security Operations Specialist to join them and assist them in developing and enhancing their Cyber Incident Response plan. This is a crucial role for the business as you will be implementing processes to ensure that the organization is prepared … to deal with any Cyber Security threats. Key Responsibilities Include: Developing Cyber Incident response plans and organizing Cyber Incident response exercises. Develop and implement Security Monitoring processes to detect and respond to cyber security incidents Working closely with engineering team to create robust vulnerability management processes. … The successful Candidate will have: Proven experience with Managed Detection and Response providers (MDR). Hands on experience with Endpoint Detection and Response tools such as SentinelOne or CrowdStrike. Strong communication skills Relevant certifications such as CISSP/CISM etc would be highly beneficial. This is an excellent more »

The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and Incident Response Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incident response playbooks and procedures. Lead incident response efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »

Be the Hero Behind the Walls Passionate about stopping cyber threats? Join our elite team and spearhead proactive security, wielding platform expertise and leading incident response like a champion. Main Responsibilities • Mastermind Incident Response: Dive into alerts, wield the MITRE ATT&CK framework, and lead the … the fabric of every project. Be the trusted advisor, guiding us towards a more secure future. About You • 3+ years of cyber security experience • Incident response methodologies (MITRE ATT&CK, D3FEND) • Microsoft 365 Security • DMARC, SPF, DKIM • Strong Scripting (e.g., PowerShell or Python) • Security automation frameworks • Security platform more »

Senior Incident Response Analyst – Cybersecurity - Up to £80k - Hybrid - up to 35% bonus - Excellent Benefits. My client one of the world’s most renowned aviation groups in the world is searching for a Senior Incident Response Analyst to join their team! Skills: Able to serve as … to all levels of hierarchy, including senior leadership. Experience: Minimum of 5 years of experience in endpoint security, malware analysis, threat hunting, penetration testing, incident response, reverse engineering, or digital forensics. Familiarity with AWS cloud infrastructure, with hands-on experience monitoring associated logs, including GuardDuty, CloudTrail, and VPC more »

I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated Incident Response Consultant. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your responsibilities will be more »

vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … developing selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements.Participate in the development and testing of the security incident response plan, act as the incident response leader. Develop security, risk, and compliance reports and alerts.Participate in the yearly review of … includes a minimum of 5-years experience in Information Security.Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus\antimalware, IDS more »

This pivotal role will contribute to safeguarding the organization's digital assets and infrastructure from cybersecurity threats, ensuring a robust security posture and effective incident response. Starting ASAP, paying up to £90,000 per annum. Role Overview: As the SOC Manager, you will be responsible for providing strategic leadership … oversight to the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel, overseeing security monitoring and analysis, incident response, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the … ensure compliance with requirements. Set clear goals and objectives for the SOC team, providing guidance, support, and training as needed. Oversee detection, analysis, and response to security incidents and breaches, coordinating incident response efforts. Conduct post-incident reviews and implement corrective actions to prevent recurrence. Stay more »

Operations Team. This is a hands-on role that involves responding to cyber threats and incidents, performing digital forensics and investigations, and automating threat response playbooks. As a member of the team, you will have the opportunity to work on complex security challenges and work with engineers across the … of Klaviyo’s product, corporate, and cloud environments. What you’ll be doingTriage and respond to cyber threats, alerts and incidentsDrive end-to-end incident response investigationsPerform host and network based log analysis in a cloud first environmentDevelop and codify threat response processes and playbooksPerform digital forensic … investigations to include analysis, collection, and preservation of evidenceBuild security tools to automate threat response tasksDevelop detailed post incident and investigation reportsCollaborate with detection engineers to identify threat detection use cases Work with engineering stakeholders to improve security posture post investigationsWe’d love to hear from you if more »

the central point of contact during critical situations, including but not limited to technology, financial, security, privacy, and people, to ensure swift and effective response, addressing people safety issues, minimizing addressing service downtime, and restoring normal operations in alignment with predefined service level agreements (SLAs). The role requires … experts, support functions, and business units, to investigate, diagnose, resolve major incidents efficiently, and ensure regulatory requirements are considered. Root Cause Analysis: Facilitate post-incident reviews and root cause analysis (RCA) sessions to identify the underlying causes of crises and issues and implement preventive measures to avoid recurrence. Drive … continuous improvement through post-incident review reports. Documentation and reporting: Maintain accurate records of crises and major incidents, including incident details, actions taken, resolutions, and post-incident analysis findings, adhering to regulatory and compliance requirements. Monitor key performance indicators (KPIs) and metrics related to incident management more »

scope of pentests and manage the process with engineering. Once issues are identified SecOps work closely with operations and engineering teams to resolve them. Incident management. The team manage our security incident response activities, investigating alerts using tools such as Azure Sentinel. SecOps will coordinate the incident response with resolving teams and engage with key stakeholders for updates. As the team works office hours, engaging a managed SOC provider who cover 24/7 incident management. Beyond close daily collaboration with other security teams, SecOps engages with all teams across the business at every more »

Learn to prioritise events based on severity and impact to ensure timely responses. Develop Security Playbooks: Assist in the creation and maintenance of event response playbooks to standardize and streamline the handling of common security scenarios. Respond to Inquiries: Address business-related requests and inquiries concerning security events, providing … clear and concise information to stakeholders. Support Incident Response: Participate in incident response efforts as needed, applying playbooks, and contributing to after-action reviews to improve future responses. Collaborate on Projects: Work closely with experienced analysts and engineers on projects to enhance security measures and implement more »

the Technology sector, offering excellent career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and Incident Response as well as Vulnerability Management and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect … to independently resolve complex issues. Key Responsibilities Respond to security alerts and incidents, following established protocols and best practices. Create response playbooks and standard operating procedures to streamline incident response processes. Work independently to resolve complex security issues, with support and guidance from the Cyber Security Manager … be an added benefit. Skills and Qualifications Significant experience working in a security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerability management, MITRE attack framework, and Incident response. Strong stakeholder engagement skills more »

of security solutions impact business strategies Create documentation of findings and recommendations (root cause and risk analysis as needed Assist with forensic investigations and incident response team (CIRT) activities. Assign work to Cyber SOC for remediation Escalate pertinent findings in a timely manner Leverage vendors and internal resources … to interface various security tools to automate critical response tasks Support Compliance managers in providing Cybersecurity artifacts Align information cybersecurity operations with NIST, and ISO 27001 requirements Establish role as a local presence and focal point for business and IT contact. Create the relationships. As the local Cyber management … controls, processes, and policies to improve security posture and identify gaps in existing controls. Assist with Cyber security awareness initiatives and events Assist with incident response planning and activities Essential Qualifications and Education: Bachelor’s Degree in Information Technology (minimum) or equivalent experience and certifications 7 or more more »

the public sector requires a Senior Cyber Security Specialist to work alongside and lead the Cyber Defence team delivering cyber threat intelligence, threat detection, incident response, and vulnerability management capabilities for the organisation.you will be leading the defence function, by providing strategic direction and coordinating day-to-day … delivery of threat intelligence, threat detection, incident response, vulnerability management and ethical hacking capabilities identify and deliver opportunities for continual improvement of the cyber defence function brief senior stakeholders on the cyber threat to the organisation take a leadership role in the cyber security team, the organisation, and … the government security and risk management communitiesSkills and experience you should have a breadth of experience across cyber threat intelligence, detection, and response experience investigating, managing, and coordinating the response to, major cyber incidents have an in-depth understanding of the tools, techniques, and procedures used by threat more »