1,700 Incident Response jobs in the United Kingdom
Incident Response Analyst
Posted today
Job Description
Incident Response Analyst
Permanent - 52k - 57k + strong benefits
Location: Hybrid - South Wales
Your new company
I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback.
Your new role
This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role:
- Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents.
- Investigate alerts and suspicious activity to determine if an incident has occurred.
- Contain affected systems and networks to prevent the incident from spreading.
- Implement temporary measures to mitigate the impact of the incident.
- Work with other teams, such as IT and security operations, to develop and implement a containment strategy.
- Analyse incident data to determine the root cause of the incident and identify recommendations for improvement.
- Document and report incidents to the incident response team and other relevant stakeholders.
- Stay informed about emerging cyber threats and vulnerabilities.
What you'll need to succeed
- Experience in a similar role, ideally around CNI and OT, with exposure to cyber plans.
- Proven experience operating in a SOC or a related cyber security role.
- In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice.
- Strong analytical and problem-solving skills.
- Ability to work independently and as part of a team.
- Excellent communication and interpersonal skills.
- Ability to obtain UK Security Clearance
What you'll get in return
- Salary of between 52k-57k
- Hybrid working 2/3 days in South Wales per week
- Possible bonus
- 5% pension contribution from you, the company pays 10%
- Enhanced pay for parental leave
- And more!
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Incident Response Analyst
Posted 2 days ago
Job Description
About the Role:
We are seeking an experienced Incident Response Analyst for an established utilities business in Newport. This position plays a crucial part in enhancing the cyber resilience of the business by providing actionable insights, informing decision-making, and proactively contributing to mitigating potential threats.
The successful candidate will collaborate with various teams, both internal and external, to ensure a comprehensive understanding of the threat landscape and response to any incidents. Working within the security operations centre (SOC), the primary responsibility is to rapidly investigate and document cybersecurity incidents within the organisation.
Key Responsibilities: (not limited to)
- Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents.
- Investigate alerts and suspicious activity to determine if an incident has occurred.
- Contain affected systems and networks to prevent the incident from spreading.
- Implement temporary measures to mitigate the impact of the incident.
- Work with other teams, such as IT and security operations, to develop and implement a containment strategy.
- Analyse incident data to determine the root cause of the incident and identify recommendations for improvement.
- Document and report incidents to the incident response team and other relevant stakeholders.
- Develop and implement security plans, policies, and training to prepare the organization to respond efficiently and effectively to cyber threats.
Qualifications:
- Proven experience operating in a SOC or a related cyber security role.
- In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice.
- Strong analytical and problem-solving skills.
- GIAC Certified Incident Handler
- Bachelor's or Master's degree in Cyber Security or related field. (desired)
Benefits:
- 25 days annual leave plus
Incident Response Analyst
Posted 3 days ago
Job Description
About the Role:
We are seeking an experienced Incident Response Analyst for an established utilities business in Newport. This position plays a crucial part in enhancing the cyber resilience of the business by providing actionable insights, informing decision-making, and proactively contributing to mitigating potential threats.
The successful candidate will collaborate with various teams, both internal and external, to ensure a comprehensive understanding of the threat landscape and response to any incidents. Working within the security operations centre (SOC), the primary responsibility is to rapidly investigate and document cybersecurity incidents within the organisation.
Key Responsibilities: (not limited to)
- Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents.
- Investigate alerts and suspicious activity to determine if an incident has occurred.
- Contain affected systems and networks to prevent the incident from spreading.
- Implement temporary measures to mitigate the impact of the incident.
- Work with other teams, such as IT and security operations, to develop and implement a containment strategy.
- Analyse incident data to determine the root cause of the incident and identify recommendations for improvement.
- Document and report incidents to the incident response team and other relevant stakeholders.
- Develop and implement security plans, policies, and training to prepare the organization to respond efficiently and effectively to cyber threats.
Qualifications:
- Proven experience operating in a SOC or a related cyber security role.
- In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice.
- Strong analytical and problem-solving skills.
- GIAC Certified Incident Handler
- Bachelor's or Master's degree in Cyber Security or related field. (desired)
Benefits:
- 25 days annual leave plus
Incident Response Analyst
Posted 1 day ago
Job Description
About the Role:
We are seeking an experienced Incident Response Analyst for an established utilities business in Newport. This position plays a crucial part in enhancing the cyber resilience of the business by providing actionable insights, informing decision-making, and proactively contributing to mitigating potential threats.
The successful candidate will collaborate with various teams, both interna.
Cyber Incident Response Lead
Posted 2 days ago
Job Description
Cyber Incident Response Lead
60,000 - 70,000 + bonus + extensive benefits
Full Time / Permanent
Hybrid / West Midlands - 1 day a week in the office
The Role and Company:
I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand headquartered in the West Midlands.
As the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face.
We are ideally looking for someone Midlands based who can be on site in Warwickshire 1 day a week on average.
Key Responsibilities:
- Lead and mentor a small but growing team of Incident Responders.
- Lead the coordination of incident response efforts related to Cyber Security incidents.
- Plan and deliver incident readiness activities such as exercises.
- Facilitate and manage relationships with required stakeholders.
- Lead in-depth post incident reviews to understand root cause and identify improvement opportunities.
- Work with the appropriate stakeholders to ensure all improvement opportunities identified during incident response are remediated accordingly.
- Own Incident Response documentation, ensuring it's regularly reviewed and updated where required.
- Prepare and deliver incident reports to required stakeholders.
Experience required:
- Proven experience coordinating complex Cyber Security Incident Response in an enterprise organisation.
- Extensive experience leading post incident review and root cause analysis efforts.
- Experience leading a small team is preferred, but we are open to developing the right person looking to move into leadership.
- Experience implementing ITIL best practices within an enterprise organisation is preferred.
Please apply via the link or contact (url removed) for more information
Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law.
Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.
By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Cyber Incident Response Lead
Posted 3 days ago
Job Description
Cyber Incident Response Lead
60,000 - 70,000 + bonus + extensive benefits
Full Time / Permanent
Hybrid / West Midlands - 1 day a week in the office
The Role and Company:
I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand headquartered in the West Midlands.
As the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face.
We are ideally looking for someone Midlands based who can be on site in Warwickshire 1 day a week on average.
Key Responsibilities:
- Lead and mentor a small but growing team of Incident Responders.
- Lead the coordination of incident response efforts related to Cyber Security incidents.
- Plan and deliver incident readiness activities such as exercises.
- Facilitate and manage relationships with required stakeholders.
- Lead in-depth post incident reviews to understand root cause and identify improvement opportunities.
- Work with the appropriate stakeholders to ensure all improvement opportunities identified during incident response are remediated accordingly.
- Own Incident Response documentation, ensuring it's regularly reviewed and updated where required.
- Prepare and deliver incident reports to required stakeholders.
Experience required:
- Proven experience coordinating complex Cyber Security Incident Response in an enterprise organisation.
- Extensive experience leading post incident review and root cause analysis efforts.
- Experience leading a small team is preferred, but we are open to developing the right person looking to move into leadership.
- Experience implementing ITIL best practices within an enterprise organisation is preferred.
Please apply via the link or contact (url removed) for more information
Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law.
Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.
By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Cyber Incident Response Analyst
Posted today
Job Description
Cyber Security Manager | Financial Services | Hybrid
Do you want to be a driving force in my client's DFIR team?
About the Role:
As a Cyber Security Manager, you will be responsible for monitoring, analyzing, and improving the security posture of the organization. You will drive the maturity of security monitoring, incident response, and threat intelligence capabilities, working closely with technical and business teams.
Key Responsibilities:
- Develop and refine security monitoring controls and use-cases to detect threats and anomalies.
- Investigate security incidents, conduct forensics analysis, and manage incident response processes.
- Collaborate with independent penetration testing programs and support risk assessment processes.
- Implement and mature threat intelligence capabilities and integrate with security monitoring frameworks.
- Develop and oversee vulnerability management programs, ensuring alignment with industry standards.
- Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies.
About You:
- Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence.
- Strong knowledge of security technologies, including SIEM tools, network security, IAM solutions, and DLP tools.
- Hands-on experience with incident investigation tools and network protocol analysis (e.g., Wireshark).
- Familiarity with cloud security assessments and industry benchmarks such as CIS.
- Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain.
- Certifications such as GCIA, GCIH, or GCFA are highly desirable.
Package:
- £70,000 - £5,000 Junior
- 0,000 - 0,000 Senior (I need some man management experience here)
- Bonus
- Hybrid: 3 days on site (London) 2 days WFH
If you'd like to hear more I encourage you to apply today!
Incident Response Assistant Manager
Posted today
Job Description
Incident Response Assistant Manager (Client facing)
Hybrid/ flexible on location - London, Manchester, Birmingham, etc.
£50k – £60k
A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment.
This is an excellent opportunity for exposure and growth! If you’re looking for the next step in your incident response career, we’d love to talk to you.
Day to day Responsibilities of an Incident Response Assistant Manager
- Manage cyber security incidents for clients, including digital forensics of relevant data
- Act as an advisor to clients on current cyber threats
- Liaise with clients on delivery and implementation
Requirements for an Incident Response Assistant Manager
- Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape
- Strong technical background (networks and programming knowledge)
- Proven experience working within Incident management and response
- Excellent communication both written and verbal.
- Incident Management Certifications are not necessary but are a nice to have! Such as CREST certified incident manager (CCIM) or GIAC Certified Incident Handler (GCIH)
If this looks interesting to you, please apply or reach out to Georgia at