Trident are on the look out for a Lead Security Incident Response Manager to join a growing CSG. Our client has offices all over the UK and their HQ based in Hertfordshire, they are offering a flexible hybrid working setup, along with a car allowance.

As a Lead Security Incident Manager, working within the Cyber Security Group (CSG), you’ll be responsible for managing, documenting, communicating, and tracking all security incidents and event impacts. You’ll work closely with Group Information Assurance teams, as well as other Operational teams, to support operations and service resilience.

You’ll be leading them through efficient response and communication, to contain and eradicate cyber threats, as well as assist the business with recovery.  You’ll have or be able to obtain relevant security clearance

What you’ll be doing

• Play a key role in the Cyber Security Incident Response Team (CSIRT) and Security Operations.

• Coordination of post-incident activities to move incident to closure.

• Conduct post incident reviews and create post incident report with recommendations to avoid future occurrence.

• Provide regular oral/written reporting and analytics to a broad range of stakeholders which includes technical staff and senior leadership.

• Develop and distribute executive-level summaries of cyber incidents and events which impact assets, data, and third parties.

• Create strong and supportive working relationships across a broad range of internal stakeholders within their geography, including Major Incident Management (MIM) and Crisis Management teams.

• Participate in proactive security incident management exercises (red / blue teaming) including scenario development and feeding findings into service improvement initiatives.

• Participate in Business Continuity / Disaster Recovery exercises including scenario development and feeding findings into service improvement initiatives.

• Support the global implementation and continuous improvement of the security incident management operating model, framework, associated processes and tooling.

• Apply knowledge of complex IT networks to reduce risk across.

• Deliver specialist investigation and analysis on cyber security incidents to support the Cyber Security Incident Response Team (CSIRT).

• Analyse incident management performance; observe trends, identify and prioritise corrective actions.

• Identify and enhance processes where automation has the potential to improve efficiency

What you’ll bring

• Significant experience in end-to-end information security incident management, mitigating and addressing threat vectors including but not limited to infrastructure, applications, network and cloud solutions.

• Strong attention for detail and the ability to manage multiple simultaneous incidents

• Experience with Security Incident response frameworks such as NIST and SANS

• Understanding of information assurance standards and frameworks including ISO 27001, CIS, NIST, Cyber essentials/Essentials Plus, GDPR.

• Recognised information security and/or information technology industry certification (CISSP, CISA, CISM, GIAC or equivalent

• Good presentation, communication and report writing skills with the ability to present complex technical details in a simple business context .

• Good organisational and time management skills.

• Ability to take responsibility for own actions and ability to perform in a structured manner and to strict deadlines with ability to build open and constructive working relationships with support teams

• Proven experience in the creation of security processes, playbooks and collateral Ability to produce meaningful MI to present to different levels of key stakeholders

• Working in a fast paced, shared services matrix environment.

If you think you have what it takes to succeed in this role, apply now!