Cyber Incident Response Team Manager

This is a highimpact greenfield role ideal for a strategic and handson cybersecurity professional. As an individual contributor you will be responsible for defining and implementing the endtoend operating model for collaboration between the central Security Operations Center (SOC) and supporting functions. You will formulate all core processes define areas of handover with the core SOC and establish the technology stack and deliverables necessary to enable scalable and effective security operations.

A key early responsibility will be contributing to the selection and onboarding of a new Managed Security Services Provider (MSSP). You will work closely with the chosen vendor to define operational procedures service delivery models key performance indicators (KPIs) and service level agreements (SLAs). Building a strong collaborative relationship with the MSSP will be a critical shortterm goal.

In the longer term this role will take ownership of developing the business case for building and strengthening internal capabilities laying the foundation for a future inhouse team and transitioning key functions where strategically appropriate. You will also be expected to build trusted relationships with external stakeholders across operating companies to ensure SOC services are aligned with business risk and operational priorities

Qualifications :

Qualifications

Educated to degree level or equivalent experience

Desired qualification

• Recognized Security qualifications desirable e.g. CISM CISSP (preferred)
• Experience in leading complex of Security focused teams or Level 3 Senior Security Analyst / Senior Incident responder / forensic investigator
• Project Management experience and certification (preferred)
• Ability to lead and manage a large team of security analysts and specialists.
• Expertise in incident detection analysis and response methodologies.
• Proficiency in coordinating and leading incident response efforts during security breaches and incidents.
• Deep understanding of cybersecurity principles technologies and best practices.
• Knowledge of security tools and technologies used in a SOC environment such as SIEM (Security Information and Event Management) IDS/IPS (Intrusion Detection and Prevention Systems) and EDR (Endpoint Detection and Response) solutions.
• Ability to assess and prioritize security risks based on their potential impact and likelihood.
• Knowledge of relevant regulatory requirements and industry standards (e.g. GDPR PCI DSS).
• Experience in ensuring SOC operations comply with legal regulatory and contractual obligations
• Strong verbal and written communication skills to articulate complex technical concepts to diverse audiences.
• Ability to communicate effectively with senior management stakeholders and external partners.
• Adaptability to rapidly changing threat landscapes and evolving technologies.
• Capacity to adjust SOC strategies and operations in response to emerging threats and organizational needs.

Experience

• Extensive experience in Security Operations
• Prior experience in a CIRT Team
• Leadership in Security Incident Response (SIR)
• Expertise in SIEM/SOAR tools
• Broad knowledge of security concepts (threat intel vulnerability management network security)
• Experience in threat analysis & security alert detection
• Familiarity with security frameworks (MITRE ATT&CK NIST CSF)
• Security team leadership or strong leadership potential
• Experience in performance management
• Excellent communication & collaboration skills
• Security scripting and automation skills (Python Bash) (Optional)
• Knowledge of cloud security concepts and best practices (Optional)
• Understanding of security compliance regulations (PCI DSS ) (Optional)

Additional Information :

• The chance to enjoy a challenging career in an exciting fastmoving environment in a dynamic industry
• The opportunity to work in a multicultural environment with great offices in many locations. We aim to provide all our people with a work/life balance as well as the many benefits offered by a global organisation including health insurance pension and performance bonuses
• We are an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race colour religion sex national origin disability status protected veteran status or any other characteristic protected by law.

Remote Work :

No

Employment Type :

Fulltime