Senior Incident Response Manager

  • Location:

    London

  • Sector:

    Incident Response / Digital Forensics

  • Job type:

    Permanent

  • Salary:

    £65000 to £75000

  • Contact:

    Jess Bhard

  • Contact email:

    j.bhard@locke-mccloud.com

  • Contact phone:

    02038542230

  • Published:

    about 1 year ago

  • Expiry date:

    2023-10-07

About the job

Role: Senior Incident Response Manager

Location: London

Salary: £65,000 to £75,000 DOE


Locke & McCloud has partnered with a large audit, tax and consulting firm that is looking for an experienced Senior Incident Response Manager to join its Global Executive Office and Member Firms around the world, supporting information security initiatives and cyber incident response across the global network.


Key Responsibilities:

  • Lead and manage security incidents on behalf of the Global Executive Office, working with the CISO and Member Firm incident response teams and providing guidance and mentorship

  • Develop and maintain the security incident response process, including all required supporting materials

  • Act as a liaison between industry peers, legal, regulatory and compliance teams, government agencies (including law enforcement) and other specialists to ensure adherence to relevant laws and regulations

  • Use commercial intelligence providers to gain insight into adversary tactics, techniques and procedures, as well as planned activities and emerging motivations

  • Stay up to date with emerging cybersecurity threats and new vulnerabilities to enhance the incident response strategy

  • Coordinate with the security operations centre and Member Firms to identify, assess, contain and mitigate the impact of security incidents

  • Advise the security advisory board of significant emerging threats, and recommend both strategic and tactical steps to counteract them

  • Act as a liaison throughout the entire organisation (including, but not limited to, IT, Member Firms, public relations and legal counsel)

  • Communicate with relevant stakeholders, including senior management and Member Firms, providing updates on incident response activities and outcomes

  • Initiate the security incident response process, and exercise decision authority to the extent of the role within that process

  • Organise, participate in and, if required, chair post-incident reviews for presentation to senior management

  • Manage and ensure the documentation of incidents and responses, post-incident analysis and lessons learned for future improvement

  • Ensure the delivery of threat intelligence collected from incident engagements to threat intelligence teams and content creators so that it can be operationalised

  • Provide specialised security support for events that fall outside the security incident realm, such as high-impact outages with non-security causes or technical security risk assessments

  • Assist in e-discovery procedures when necessary

  • Develop and conduct incident response training and tabletop exercises for the team and other relevant stakeholders

  • Work with key stakeholders and Member Firms to recommend, implement and maintain security tools and technologies that aid incident detection and response

  • Review information from different sources, such as firewalls, to identify anomalies or evidence of compromise

  • Perform forensic analysis and triage of security incidents, including identifying the immediate corrective actions required to contain them


Skills, knowledge and experience:

To succeed in this role, the individual will need:

  • Experience of investigating complex incidents across jurisdictions, such as those by state-sponsored groups or targeted ransomware attacks

  • Knowledge and experience of security tooling, including EDR, firewalls, e-mail security and networking

  • Skill in stakeholder engagement at all levels, with people from business and technical backgrounds, both internal and external facing

  • Experience of the end-to-end security incident lifecycle, from containment through eradication to restoration

  • Knowledge of the methods and motivations adopted by adversaries to attack IT platforms and automated information systems

  • Knowledge of security forensic techniques, tools and procedures for on-premises and cloud environments

  • IT end-to-end problem management and root cause analysis (desirable)

  • Knowledge of the legal requirements for privacy of personal information belonging to employees and customers

  • Proven ability to build relationships and influence individuals at all levels in a matrixed environment, as well as external vendors and service providers, to ensure that segregated and overlapping roles are identified and coordinated

  • Strong organisational skills, the ability to perform in a command-and-control role under pressure, and the ability to manage multiple priorities with competing demands for resources

  • Ability to consume and synthesise intelligence about actors, techniques or situations to identify emerging risk scenarios

  • Strong analytical and problem-solving skills

  • Proficiency working in a fast-paced, complex, dynamic, multicultural business environment