Incident Response Lead


Premium Job From Experis IT

Recruiter: Experis IT

Listed on: 25th March 2019

Location: Malvern

Salary/Rate: £60000 - £60000

Type: Permanent

This job has now expired. Please search on the home page to find live IT jobs.

Incident Response Lead - Defence Client, SC Cleared, Malvern

Our client's team comprises teams of dedicated people: experts in defence, aerospace, security and related markets. We draw on our extensive technical knowledge and intellectual property to provide the know-how and support to solve some of the world's most challenging problems. Our people make the critical difference to customers by providing unique approaches to problem solving. Why don't you join some of the world's finest scientific and technical minds and help us make tomorrow work today?

The Role

We're excited to be recruiting for an Incident Response Lead to establish, shape and lead a cyber incident response capability as part of our portfolio of cyber security services for our external clients. You will come in and stand up the capability. This will involve utilising technology, people, process, governance, commercials, marketing and messaging to create the capability from the ground up.

The capability will integrate with our established cyber defence managed services and make a significant contribution to the digital resilience of our clients. The role will be expected to recruit and develop the necessary team with the required specialist skills to create a leading and sustainable capability.

Your first 3-4 months will be spent implementing a technology called EDR (endpoint detection and response), and you will receive budget to procure and deploy this technology. During the second phase of this time period you will actually deliver incident response and understand how to roll it out to the business.

This opportunity offers the chance to work on greenfield incident response, making technical choices and influencing the strategic direction of the business, as you will drive the development of processes and implementation, overseeing the delivery across our estate.

Essential Skills, Knowledge & Experience

You will be required to lead and perform Incident Response Readiness Assessments for customers and design / develop incident response strategies, plans and managed service offerings. This position will also involve designing, leading and participating in Table Top Exercises with customers.

An essential part of the position will be having experience of organising and leading the response to cyber incidents and being willing to work flexible hours to meet the needs of a given incident response scenario. Clear written, verbal and presentation communication skills will be important to ensure successful delivery, as you will be preparing reports and delivering presentations for both expert and senior audiences. You will be a well-presented professional with strong client-facing skills in order to guide, influence and provide thought leadership within incident response services.

Desirable Skills, Knowledge & Experience

* Able to proactively hunt for adversaries using a variety of tools and techniques

* Understand what advanced, real-world attack footprints look like and how to identify tools, techniques and procedures within log data

* Experience and knowledge of threat intelligence techniques, honeypots and 3rd party threat feeds

* Knowledge of current threat groups, their tradecraft, and analysis techniques

* Practitioner with incident response toolsets and investigation techniques

* Host centric analysis utilising a variety of tools

* Network centric analysis utilising a variety of tools

* Experience working in a commercial managed service environment

* Experience leading complex incident response investigations

* Able to explain technical threat and impact to board level management

Qualifications

One or more of the following professional qualifications would be an advantage:

* CREST Certified Network Intrusion Analyst (CCT NIA)

* CREST Certified Incident Manager (CC IM)

* CREST Certified Host Intrusion Analyst (CCT HIA)

* CREST Certified Malware Reverse Engineer (CCT MRE)

* SANS Advanced Digital Forensics, Incident Response and Threat Hunting (GCFA)

* SANS Advanced Network Forensics (GNFA)

* SANS Reverse Engineering Malware (GREM)
