61 Incident Response jobs in London
Graduate Consultant: Cyber Incident Response
Posted 14 days ago
Job Description
We are now seeking talented individuals with a keen interest in developing a career in Cyber Security to join us as Graduate Consultants in London. As the Graduate Consultant you will work on an initial one-year fixed term contract (with potential to extend). This is an excellent career opportunity to join a specialist team dedicated to supporting clients with the most severe cyber security incidents. We operate a hybrid working model that requires you to work at our office in
Incident Response Engineer, UK Security Operations
Posted today
Job Description
+ Bachelor's degree or equivalent practical experience.
+ Certification in Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC) or Computing Technology Industry Association Security+ (CompTIA Sec+).
+ 2 years of experience in similar SOC related roles, explicitly in responding to and actioning on security incidents.
+ Experience in technical troubleshooting and writing code in one or more programming languages.
+ Eligibility to obtain UK Developed Vetting (DV) security clearance; British Citizenship is required for this role.
**Preferred qualifications:**
+ Certifications in Security+ or similar Cyber Security/Incident Response.
+ Experience responding to security incidents on Kubernetes.
+ Experience analyzing, triaging, and remediating common information security incidents.
+ Understanding of common attacker tactics, tools, and techniques.
+ Excellent problem-solving and investigative skills.
+ Current and active UK Developed Vetting (DV) Security Clearance.
The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private cloud services. We aim to provide the flexibility, reliability, and scalability of public cloud for customers with exceptionally high security requirements that can only be met in a private cloud environment. We deliver and operate these private cloud deployments for the most critical customers, helping scale, secure and maintain the deployment whilst working closely with Google product teams to continually improve our technology.
Security Operations plays a critical role in safeguarding Google's public sector customers by proactively monitoring, detecting, and investigating security incidents around the clock. Operating 24/7, the team ensures comprehensive coverage of environments and swiftly responds to suspicious activity. In this role, you will respond to escalated security incidents and proactively enhance the Security Operations Center (SOC) by building platform efficiencies, conducting threat hunting, and participating in purple team events. You will participate in a rotating on-call schedule outside of core business hours and over the weekend to ensure security incidents can be swiftly resolved.
**Responsibilities:**
+ Respond to security incidents escalated from the front line 24/7 team.
+ Build and develop security efficiencies on the platform to improve the overall security operations center (SOC).
+ Conduct threat hunting activities on the platform and participate in purple team events.
+ Review and develop security operations center dashboards for anomalous activity.
+ Be a subject matter expert (SME) across typical security disciplines, vulnerability, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM) etc.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also and If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form:
Manager, Technical Product Management (Reliability & Incident Response)
Posted 12 days ago
Job Description
McDonald's is proud to be one of the most recognised brands in the world, with restaurants in over 100 countries and billions of customers served each year. As the global leader in the food and service industry, we have a legacy of innovation and hard work that continues to drive us. Today, we are growing with velocity and are passionate about modernising our experiences, not to make a different McDonald's, but to build a better McDonald's.
We are moving fast and are adding to our outstanding team. Joining McDonald's means thinking big every day and preparing for a career that can impact around the world. We are customer obsessed, committed to being leaders and believe we are better when we work together. Over the last couple years, we've launched home delivery, modernized our restaurant experience through digital enhancements and have so much more to come.
We are dedicated to using our scale for good: good for people, our industry and the planet. From ambitious recycling initiatives and balanced sourcing efforts to our partnership with Ronald McDonald House Charities, we are constantly improving. We see every single day as an opportunity to have an impact on our customers, our people and our partners.
Company Vision and Culture
Our Global vision is to build a better McDonald's and we are working hard to be the best-loved restaurant company.
Our values drive our culture and shape our beliefs, our priorities and our actions. They influence the decisions we make, how we treat one another and how we show up as a brand to the world.
Serve: We put our customers and our people first
Inclusion: We open our doors to everyone
Integrity: We do the right thing
Community: We are good neighbours
Family: We get better together
Job Description:
We are seeking a skilled Technical Product Manager, Reliability and Incident Response with experience in modern DevOps best practices, continuous deployment, and AI Ops platform use to join our major incidents team.
The Technical Product Manager, Reliability and Incident Response will be responsible for coordinating and leading the response to major incidents that impact our ecommerce platform. The successful candidate will ensure timely restoration of service, minimize the impact on customers, and prevent future incidents through AI Ops correlation improvements and advancement of service restoration tools.
Key Responsibilities:
+ Lead the response to major incidents impacting our ecommerce platform
+ Coordinate with technical teams across DevOps, AI Ops, distributed computing, and other areas to prevent future incidents through AI Ops correlation improvements and advancement of service restoration tools
+ Handle communication with collaborators, including customers, business partners, and senior management, to provide regular updates and level set expectations
+ Develop and implement processes for incident management, including escalation procedures, activation of service restoration processes and tools, validation of AI Ops correlation models
+ Continuously review and improve incident management processes to ensure efficiency and effectiveness
+ Collaborate with technical teams to identify areas for improvement and implement changes to prevent future incidents
+ Conduct incident trend analysis to identify recurring issues and proactively address them
+ Lead vendor relationships related to incident management tools and services
+ Provide guidance and support to incident management team members and other technical staff
Qualifications:
+ Bachelor's degree in Computer Science, Information Systems, or related field
+ Demonstrated success supporting reliability and uptime for cloud-based, distributed platforms
+ Experience in incident management or related technical fields
+ Strong knowledge of DevOps, AI Ops, distributed computing, and ecommerce platforms
+ Experience with incident management tools, such as ServiceNow, PagerDuty, and VictorOps
+ Excellent communication and collaboration skills, with the ability to manage partners at all levels of the organization
+ Strong problem-solving and analytical skills, with the ability to lead teams in resolving complex technical issues
+ Demonstrable ability to manage incidents and post-mortems and lead process improvement initiatives
+ Experience in agile methodologies is preferred
Additional Information:
At McDonald's we are People from all Walks of Life.
People are at the heart of everything we do, and they make the McDonald's experience. We embrace diversity and are committed to creating an inclusive culture that means people can be their best authentic self in our restaurants and offices, which helps us to better serve our customers. We have a strong heritage of diversity and representation within our communities, which we are proud of. The diversity of our people, customers, Franchisees and suppliers gives us strength.
We do not tolerate inequality, injustice or discrimination of any kind. These are hugely important issues and a brand with our reach and relevance means we have a very meaningful role to play.
We also recognise our responsibility as a large employer to continue being active in our communities, helping to develop skills and drive aspirations that will help people to be more aware of the world of work and more successful within it, whether with McDonald's or elsewhere.
Requisition ID: REF9448B_
Managing Director - Cybersecurity, Incident Response, Digital Forensics

Posted 13 days ago
Job Description
Role Overview:
We are seeking a highly experienced and strategic cybersecurity and incident response expert to be a leader within our cybersecurity consulting practice. The ideal candidate will have significant experience in cybersecurity, with deep expertise in incident response, digital forensics, threat management, managed detection & response and business development. This leadership role requires a blend of technical acumen, executive-level consulting skills, and commercial strategy to expand our client base and deliver high-impact security solutions.
Responsibilities:
- Lead the incident response team, setting vision, priorities, and standards for delivery excellence.
- Develop and execute long-term strategies to scale the cybersecurity service line, aligning with company growth goals.
- Serve as a senior advisor to clients, providing guidance on cybersecurity strategy, governance, and risk management.
Incident Response & Technical Advisory
- Oversee and lead complex cybersecurity incident response engagements, including ransomware attacks, data breaches, and advanced persistent threats.
- Direct the investigation, containment, eradication, and remediation efforts during critical incidents applying sound Digital Forensics principles.
- Guide clients in developing and testing incident response plans and playbooks.
- Collaborate with threat intelligence and digital forensics teams to deliver timely and accurate incident assessments.
- Advise clients on containment, root cause analysis and remediation activity following common cyber incidents.
- Advise on containment, hunting, recovery and remediation strategies alongside Ankura's managed detection and response service.
Business Development
- Drive new business opportunities and expand relationships with existing clients across industries including cyber insurance, law firms and corporates.
- Lead proposal development, client pitches, and pricing strategies.
- Identify emerging client needs and align service offerings accordingly.
- Represent the firm at industry events, conferences, and in thought leadership publications.
Client Engagement & Delivery
- Manage a portfolio of client engagements with accountability for quality, timelines, and client satisfaction.
- Serve as a trusted advisor to executive stakeholders, including CISOs, CIOs, and Boards of Directors.
- Provide tailored cybersecurity solutions with a focus on incident response / pre breach preparation and post breach advisory services aligned with client business objectives and regulatory requirements.
Team Leadership
- Recruit, develop, and mentor a high-performing cybersecurity consulting team.
- Foster a culture of continuous learning, innovation, and collaboration.
- Ensure delivery teams are equipped with the tools, training, and methodologies to execute at the highest level.
Requirements:
- Minimum 10 years of experience in consulting environments, with a focus on incident response, cybersecurity and enterprise security strategy.
- Proven track record in leading and growing a consulting business or practice.
- Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, MITRE ATT&CK).
- Deep experience with digital forensics, incident response, malware analysis, and threat intelligence integration.
- Demonstrated success in business development, including generating and closing multimillion-dollar opportunities.
- Strong leadership presence, communication, and executive engagement skills.
- Relevant certifications preferred: CISSP, CISM, GIAC, GCFA, GCIH, or equivalent.
Preferred Attributes:
- Experience working in or with regulated industries (e.g., financial services, healthcare, critical infrastructure).
- Comfortable operating in high-pressure, time-sensitive environments.
- Analytical thinker with strong problem-solving and strategic planning skills.
- Strong people management experience and inter-personal skills.
- Entrepreneurial mindset and results-driven orientation.
Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email or call toll-free . This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.
Ankura Consulting Group, LLC is an independent global expert services and advisory firm that delivers services and end-to-end solutions to help clients at critical inflection points related to conflict, crisis, performance, risk, strategy, and transformation. The Ankura team consists of more than 2000 professionals serving 3,000+ clients across 55 countries who are leaders in their respective fields and areas of expertise. Collaborative Lateral Thinking That Deliversᵀᴹ, hard-earned experience, expertise, and multidisciplinary capabilities drive results and Ankura is unrivalled in its ability to assist clients to Protect, Create, and Recover Valueᵀᴹ. For more information, please visit, ankura.com.
Security Analyst X2
Posted 1 day ago
Job Description
**Who are we?**
We're a specialist employee benefits provider, striving to create healthy, happy workplaces. As part of the international Unum Group, we're on a collective mission to help the working world thrive.
**The role**
**What will you be doing?**
11 Cyber Security Analyst X2
Hybrid - Dorking 3 days minimum
**What will you bring?**
We are a leader in employee benefits, protecting over 2 million people, creating security and peace of mind to individuals & families.
We are seeking a Security Analyst who will be responsible for delivering and overseeing business value through robust security administration support. This includes servicing internal and external auditors, business users, contractors, vendors, and IT staff. The role involves daily operational tasks such as responding to service requests, resolving incidents, and providing technical assistance for complex problems.
Key Responsibilities:
- Perform daily security administration operations and incident response.
- Provide support and troubleshoot security-related issues.
- Collaborate with global teams to ensure consistent service delivery.
- Support infrastructure services and products through operation, reporting, and continuous improvement.
- Interface with cross-functional teams and stakeholders to ensure alignment and effective communication.
Required Skills & Experience:
- Demonstrable work experience in security administration or related fields.
- Strong interpersonal and stakeholder management skills.
- Passionate, curious, and socially adept with excellent soft skills.
- Working knowledge of industry standards and methodologies such as ITIL, Agile, NIST CSF and ISO 27001.
- Ability to work independently while collaborating across global teams.
The successful Cyber Security Analyst can expect:
- Generous Bonus
- DC pension scheme
- Life, medical and income Insurance
- Access to remote GP, nutrition coaching, personal training, unlimited mental health support and medical 2nd opinion
- 27 days holiday with the option to buy and sell holiday up to 5 days (plus
Blockchain Security Analyst
Posted 1 day ago
Job Description
Responsibilities:
- Conduct security assessments and audits of blockchain networks and smart contracts.
- Identify and mitigate vulnerabilities in distributed ledger technology applications.
- Perform penetration testing and security code reviews.
- Develop and implement security protocols for blockchain solutions.
- Monitor blockchain transactions for suspicious activity and potential threats.
- Research and stay updated on emerging blockchain security risks and best practices.
- Collaborate with development teams to ensure secure coding standards.
- Contribute to incident response planning and execution.
- Advise on cryptographic techniques and their application in blockchain security.
- Prepare detailed security reports and recommendations.
Qualifications:
- Proven experience in cybersecurity, with a specialization in blockchain technology.
- In-depth knowledge of cryptography, smart contracts, and distributed ledger technologies.
- Experience with security auditing tools and methodologies.
- Proficiency in programming languages commonly used in blockchain development (e.g., Solidity, Rust).
- Strong analytical and problem-solving skills.
- Excellent understanding of common blockchain vulnerabilities and attack vectors.
- Ability to work independently and manage time effectively in a remote environment.
- Excellent written and verbal communication skills.
- Relevant certifications in cybersecurity or blockchain technology are a plus.
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
Cyber Security Analyst, AWS Security

Posted 4 days ago
Job Description
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS' multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Key job responsibilities
As a Security Engineer, you'll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazon's infrastructure. You'll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserve our customers' trust in us. You'll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and
Security Analyst, Bug Bounty
Posted today
Job Description
Meta Security is looking for a Security Analyst to join our Bug Bounty program. You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insight into Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world. The Bug Bounty program incentivizes security researchers to search for, find and report security vulnerabilities across Meta's family of products, including Facebook, Instagram, WhatsApp and Quest. The program serves as the final level of protection per Meta's Shift Left operating model, aiming to discover and resolve vulnerabilities that have landed in production and are at risk of being exploited, and acts as a feedback loop for other security efforts.
**Required Skills:**
Security Analyst, Bug Bounty Responsibilities:
1. Analyze, assess, and respond to various security vulnerabilities we receive as part of our Bug Bounty program
2. Follow up with researchers on unclear reports
3. Understand the root cause of security vulnerabilities to help the product team fix them
4. Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives
5. Own expansions to the program, including private bounties
6. Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy
7. Implement bug fixes and feature enhancements to the program's public and internal code base
**Minimum Qualifications:**
1. Familiarity with web security issues (e.g. OWASP top 10)
2. Ability to follow bug reports, reproduce and triage them
3. Proficient in clear written and verbal communication
**Preferred Qualifications:**
1. Participation in bug bounty programs (not necessarily Meta's bug bounty program)
2. Experience with analyzing source code to find security vulnerabilities
3. Contributions to the security community (public research, blogging, presentations, etc)
4. Experience writing in scripting languages and willingness to learn new languages
**Industry:** Internet
Senior IT Security Analyst
Posted 1 day ago
Job Description
Key responsibilities include:
- Developing, implementing, and managing security measures to protect computer systems, networks, and data.
- Monitoring network traffic and system logs for suspicious activity using SIEM tools.
- Conducting vulnerability assessments and penetration testing to identify security weaknesses.
- Investigating and responding to security breaches and cyber incidents, providing timely remediation.
- Implementing and maintaining security policies, procedures, and best practices.
- Ensuring compliance with relevant data protection regulations (e.g., GDPR, PCI DSS).
- Managing security awareness training programs for employees.
- Evaluating and recommending new security technologies and solutions.
- Collaborating with IT teams to integrate security into the software development lifecycle.
- Providing technical guidance and mentorship to junior security staff.
Senior Information Security Analyst
Posted 2 days ago
Job Description
Key Responsibilities:
- Develop and implement comprehensive information security policies and procedures.
- Conduct regular security audits and vulnerability assessments.
- Manage and respond to security incidents and breaches.
- Monitor security systems and identify potential threats.
- Collaborate with IT and development teams to ensure secure system design and implementation.
- Stay up-to-date with the latest security trends, threats, and technologies.
- Provide security training and awareness programs for staff.
- Ensure compliance with relevant security regulations and standards.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 5+ years of experience in information security.
- Proficiency in security technologies such as firewalls, IDS/IPS, SIEM, and endpoint protection.
- Experience with security frameworks and compliance (NIST, ISO 27001).
- Strong understanding of networking, operating systems, and web application security.
- Relevant security certifications (CISSP, CISM, CEH) are a plus.