Job Title:
Incident Response Analyst | UK Remote
Role:
This role sits within a specialist cybersecurity consultancy, supporting organisations through high-impact security incidents where speed, clarity, and technical depth matter. You will lead investigations across the full incident lifecycle—working directly with clients to identify the root cause, contain the threat, and guide recovery.
The environment is fast-paced and varied. You’ll be exposed to a broad range of incident types across endpoint, network, and cloud, while also contributing to improving how organisations detect and respond to threats. Alongside hands-on response, you’ll help shape playbooks, support readiness activities, and elevate overall response capability.
Responsibilities:
* Take ownership of cyber incidents from initial triage through to containment, eradication, and recovery
* Lead detailed investigations across endpoint, network, and cloud environments
* Conduct compromise assessments to validate and scope potential breaches
* Act as a key technical contact during incidents, providing clear and structured updates to stakeholders
* Produce high-quality incident reports, including root cause analysis and remediation guidance
* Develop and enhance incident response playbooks and procedures
* Support junior analysts on complex investigations where required
* Contribute to readiness initiatives such as tabletop exercises and incident simulations
* Identify opportunities to improve detection and response capabilities across client environments
Skills / Must Have:
* 4+ years’ experience in incident response, SOC, or security consulting with a strong investigative focus
* Demonstrable experience handling complex or high-severity security incidents
* Strong technical grounding in networking, endpoint security, and digital forensics
* Hands-on experience with EDR and SIEM platforms (e.g. Microsoft Defender, Sentinel, CrowdStrike, SentinelOne)
* Good understanding of attacker behaviour and incident response methodologies
* Ability to work methodically under pressure and manage multiple active incidents
* Clear communication skills, with the ability to translate technical detail into business context
* Relevant certifications (e.g. GCIH, ECIH) are beneficial but not essential
Benefits:
* Remote-first working with periodic in-person collaboration
* Exposure to a wide range of real-world incident scenarios
* Ongoing training and professional development
* Opportunity to progress into senior incident response roles
* Collaborative, technically focused team environment
Salary:
£45,000 - £55,000