10 Incident Response jobs in London

Thanks to continued growth we are now seeking a Consultant to join our Cyber Incident Response team in London. As the Consultant you will have responsibility for delivering Control Risks' cyber response projects to our clients. This involves undertaking compromise assessments, business email compromise investigations and leading the technical response on complex cases. This role will report to the Associate Director of Cyber Response (Technical) and work closely with the Cyber Crisis Management team. The successful candidate will have an investigative background, a technical skill set and a deep understanding of current and emerging threat actors.

Role tasks and responsibilities

Technical response

• Leading and assisting with host and network-based investigations. Collaborating with the Digital Forensics Incident Response (DFIR) team to deliver the work you are engaged on.
• Threat hunting using EDR Tooling to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity.
• Perform live compromise assessments for organisations who suspect a compromise.
• Detect and hunt unknown live, dormant, and custom malware in memory across multiple systems in an enterprise environment.
• Assist with commercialising the technology and automation developed to ensure it is fit for purpose.
• Demonstrate an understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers.
• Work with the Cyber Threat Intelligence team to identify where they could benefit from the technical information acquired during Cyber Response cases. Also identify and implement where threat intelligence can be leveraged through tooling and automation.
• Advise on the safe technical recovery of an organisations IT systems balancing the need to understand what has happened but speed up recovery.

Client Management

• Ensure tooling and automation developed is customer friendly to deploy and use. Be responsible for any customer queries that arise from the use of the technology and automation.

Reporting

• Provide situation reports and other significant case related material to the client and the Head of Cyber Response.
• Provide documentation to the relevant consultants in sufficient time to allow review and feedback, before submitting to a client.
• Supporting the growth of the Cyber Response practice
• Discuss and input into Control Risks’ cyber response methodologies and approaches and tailoring the approach in changing market conditions.
• This role has a requirement to be on call.
• Identifying potential new areas of growth and opportunity.

Requirements

Essential

• Proven experience leading investigations of cyber incidents
• Technical degree or demonstrated knowledge of common networks, software and hardware used in business environments
• Experience in conducting log analysis and digital forensics following a cyber incident
• Proven experience in responding to cyber-attacks
• Demonstrable experience of operating within a Security Operations Centre
• Fluent in English (written and spoken)
• Excellent presentation skills
• Excellent analytical skills

Preferred Qualifications and specialist skills

• Strong understanding of MITRE ATT&CK techniques / sub-techniques. The ability to articulate TTPs to clients in non-technical terms.
• Experience in generating SIGMA rules for host detection, SNORT rules for network detection and YARA Signatures for file and memory artefact identification.

Benefits

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
• We operate a discretionary global bonus scheme that incentivises, and rewards individuals based on company and individual performance.
• Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
• As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

Job Title: Information Security Compliance Analyst

Location: Hertfordshire, UK (Hybrid)

Contract: 12-Month Fixed Term (Salaried)

Are you passionate about cybersecurity, compliance, and driving risk management strategies? We’re seeking an experienced Information Security Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management System.

This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business.

Requirements:

• ISO 27001 Lead Implementer or Auditor certification (essential).
• Demonstrated experience in an Information Security or IT Governance role.
• Strong knowledge of frameworks like ISO 27001/27002, NIST, GDPR, and related standards.
• Proven ability to manage audits, compliance reporting, and security training programs.
• Excellent stakeholder management, communication, and analytical skills.

This is an exciting opportunity for someone who thrives in a fast-paced, regulated environment and wants to make a real impact in protecting systems, data, and operations across multiple regions.

If you'd like to hear more about the roles and discuss an application, Click APPLY or reach out directly with your CV and a good time to speak at .

About Planet Pharma:

Planet Pharma is an American parented Employment Business/Agency that provides global staffing services with its head-quarters in Chicago and our EMEA regional office located in Central London. We have invested significantly in creating a robust international platform that enables us to work compliantly in 30+ countries with a current network of 2500+ active contractors globally as well as a very strong permanent / direct hire recruitment offering.

Our specialist knowledge and close relationships with our clients and the wider industry really makes us unique in our field. Just recently we were recognised by FORBES as the 17th best professional staffing firm, and have won multiple awards from industry accredited bodies for our commitment to excellence and service delivery. We have extensive functional expertise including: Regulatory Affairs, Pharmacovigilance, QA, QC, Submissions experts, Clinical development, Quality, Biostatistics, and Medical Affairs / Writing.

We are an equal opportunities Recruitment Business and Agency. We welcome applications from all suitably qualified candidates regardless of their race, sex, disability, religion/belief, sexual orientation or age.

Job Title:

Senior SOC Analyst

Role :

We are rapidly expanding our Security Operations Centre (SOC) team and are looking for driven SOC Analysts who thrive in fast-paced, high-tech environments. This is a fantastic opportunity to support multiple high-profile clients across enterprise-scale environments while using industry-leading tools like Microsoft Sentinel, Splunk, and MISP. If you're ready to lead from the front, contribute to national security, and grow your cybersecurity career—this is the role for you.

Responsibilities:

Monitor, triage, and investigate security incidents on critical client infrastructure.

Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities.

Provide Incident Response support and maintain thorough incident documentation.

Continuously improve SOC tool usage, operational practices, and knowledge-sharing across the team.

Prepare and present reports for managed clients, tailoring content for both technical and non-technical stakeholders.

Skills/Must have:

Proven experience working in a Security Operations Centre.

Hands-on experience with Microsoft Sentinel and Splunk.

Familiarity with the Mitre ATT&CK framework.

Strong understanding of networking fundamentals (TCP/IP, WANs, LANs, common Internet protocols).

Knowledge of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management.

Experience analysing log data and network security events.

Desirable Skills:

Understanding of static malware analysis and reverse engineering.

CREST Practitioner Intrusion Analyst certification.

Familiarity with additional SIEM tools such as QRadar.

Benefits:

25 days annual leave, with the option to purchase more

Health cash plan

Life assurance

Pension scheme

Generous flexible benefits fund

Salary:

Competitive

Security Cleared Business Analyst - SharePoint Specialist - London, remote. Start date ASAP. Up to £80,000.

I am working closely with a client of mine who are a consultancy within the public sector, they're on the lookout for a SC Business Analyst.

You will lead a SharePoint Governance and Reporting project within a government department.

This role ensures Microsoft 365 and SharePoint environments meet compliance, retention, and governance standards.

Key Responsibilities

• Define and deliver governance and reporting requirements.
• Align SharePoint Online and M365 with compliance frameworks.
• Communicate progress through clear, targeted reporting.
• Bridge business needs with technical implementation.
• Advise on SharePoint architecture and records management.
• Ensure environments meet internal and regulatory standards.

Requirements

• 8+ years with SharePoint and M365 governance.
• Strong grasp of compliance tools (labels, retention policies).
• Proven stakeholder engagement and reporting skills.
• Government or public sector experience preferred.
• Active SC clearance required.

They are looking for someone to join their team ASAP, if you are interested in the above opportunity please reach out!

Apply below or share your CV to

Join to apply for the Senior Director Analyst, Security Architecture and Cloud Security (Remote Canada and EMEA) role at Gartner

Join to apply for the Senior Director Analyst, Security Architecture and Cloud Security (Remote Canada and EMEA) role at Gartner

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Gartner

What makes Gartner Research and Advisory a great fit for you?
Not sure what skills you will need for this opportunity Simply read the full description below to get a complete picture of candidate requirements.

• You are a team player who values expert insights, bold ideas, and intellectual courage.
• You are always learning and looking to discover whats next in technology.
• You believe that good technology needs to be balanced with good governance, planning and process.
• You pursue personal excellence through team collaboration and consensus.
  

• Develop new research and ideas through thought leadership and offer compelling, actionable approaches to client's needs and requests that accelerate the client's ability to act.
• Create innovative, thought provoking, actionable, and highly leveraged must-have research content.
• Present best practices and emerging trends to security technical professionals in virtual meetings and conferences.
• Create and deliver high value presentation materials on and off stage for Gartner events and briefings.
• Actively participate in innovation, ideation, and research discussions and collaborate effectively with peers in the research community.
• Remain ahead of the curve on developments and issues within these specified areas as well as applicable adjacent areas.
  

• Subject matter expertise and hands-on experience in enterprise security architecture and architecture frameworks such as SABSA and NIST CSF.
• Experience with applying security architecture end-end; from business analysis to technical component selection.
• Subject matter expertise in cloud security, with the ability to demonstrate understanding of the business requirements and opportunities in that market.
• Knowledge of the native security controls for the leading infrastructure-as-a-service providers.
• Knowledge of CNAPP, CSPM, CWPP, SSE and related cloud security control technologies as well as container security concepts.
• Knowledge of the global landscape, and the competitive interplay between incumbents, emerging providers, disruptors and outsourcers in the cloud security market.
• Strong organizational skills; ability to work under tight deadlines and produce high quality deliverables.
• Demonstrate excellence in research and writing ability.
• Strong written and verbal proficiency, analytical and presentation skills; ability to engage clients and respond effectively to questions.
• Proficient in analyzing and synthesizing data; can effectively apply patterns and frameworks while drawing and defending conclusions to client challenges.
• Strong communicator who is able to explain complex concepts concisely and simply.
• Subject matter expert comfortable presenting at large and small-scale speaking engagements.
• Demonstrated superior analytical skills, applying conceptual models, recognizing patterns while drawing and defending conclusions.
• Minimum of 12 years of experience in a security architecture/engineering/operations or technology related role.
• Bachelor's or equivalent experience, masters degree preferred.
• Ability to conduct occasional travel, regionally and globally.
  

• Seniority levelNot Applicable

• Employment typeFull-time

• Job functionFinance and Sales
• IndustriesIT Services and IT Consulting, Information Services, and Research Services

Referrals increase your chances of interviewing at Gartner by 2x

Get notified about new Investment Analyst jobs in London, England, United Kingdom.

London, England, United Kingdom 2 weeks ago

London, England, United Kingdom 1 week ago

London, England, United Kingdom 2 weeks ago

Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

• Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with standard methodology.
• Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken
• Perform quality reviews of all Technology and Cyber Security related Audit Observations and Self-Identified Issues to ensure accuracy and appropriate severity and ownership assignment.
• Oversee the implementation of action plans to remediate both Self-Identified Issues and Audit Issues.
• Perform issue closure validation for both Self-Identified Issues and Audit Issues.
• Support the maintenance of a centralised repository of Engineering audit & regulatory evidence and responses for re-use and with reporting.
• Maintain a centralised repository of Customer RFI responses for re-use and with reporting.
• Support the work of wider GRC teams where required and in areas of interest and expertise.
• Work with partners to ensure conformance with Regulatory, Company and Industry standards.
• Supporting the production of required Metrics at committees and forums, as well as representing the team where required.

• Support the ongoing and periodic regulatory and compliance responses and engagements
• Audit management and coordination
• Issue remediation oversight and closure validation
• Responding to customer RFIs using standardised formats and frameworks
• Quality assurance on library of responses required for customer RFIs etc.

• The development of the Audit and Regulatory Governance within Technology and Cyber Security divisions will have a significant impact on the resources of other teams in cyber. The GRC team especially need to assure the remediation activity conducted in response to findings.

• Awareness and working knowledge of control frameworks based on industry standard methodologies such as NIST, COBIT, and ISO27001.
• Awareness of key regulatory requirements for technology and cyber security in the main LSEG operating centres - UK, Europe, US & Asia
• Cyber security qualification e.g. CISMP / Apprenticeship (desirable)
• Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
• IT and cybersecurity policies and standards
• Operational risk frameworks
• Regulatory compliance
• Operational Resilience
• Good understanding of data protection controls
• Financial Services sector experience
• Technology & Cyber Security

• Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives.

• Critical thinking
• Objective analysis of poorly defined problems
• Ability to provide robust challenge
• Proficient understanding of financial institutions and underlying business processes
• Partnership and influence
• Resource management
• Negotiation and Partner management
• Resolving Conflicts
• Working with senior stakeholders