Head of Incident Response

Goodman Masson
London (Greater)
£110,000 - £119,999, £130,000 - £139,999, £140,000 - £149,999, £150,000 Plus
06 Nov 2017
16 Dec 2017
Contract Type: Full Time


A specialist Cyber Investigations firm are currently looking for a Head of Incident Response to head up and build out their growing Incident Response function. This individual will take ownership of and lead the most complex of investigations, acting as the face of the business on all Incident Response engagements whilst building out and growing a practice underneath them.


  • Take ownership of the most complex of investigations, responding to and containing security incidents such as crimeware, advanced targeted attacks and data breaches.
  • Deconstruct complex tasks into their component parts and deliver an analytic output.
  • Ability to look and explore beyond the obvious to identify opportunities to gain various analytic insights.
  • Reverse engineering of families of malware in order to deliver outstanding cyber intelligence reporting.
  • Manage all cyber intelligence requests from start to finish without supervision.
  • Strategically engage with various open source intelligence forums and their communities, and show an awareness of cross-border legal frameworks of internet resource interaction.
  • Demonstrating quality control of reporting across all activities and recommending and developing new reporting products.
  • Act as an escalation point to the more junior members of the team, mentoring and guiding them through some of the more technical concepts.
  • Guide clients through the implementation of response and containment procedures, translating technical concepts into business language.

Desired Skills

  • Advanced knowledge of operating systems, databases, malware analysis, cyber forensics and network protocols.
  • Deep understanding of TCP/IP networking with the ability to perform deep-dive network forensic analysis.
  • Advanced analytical and problem solving skills.
  • Strong communication skills, both written and verbal, when engaging with customers.
  • Significant experience working within a SOC/CSIRT environment or specialist investigations team.
  • Previous experience of acting as the Technical SME / escalation point within the team.
  • Relevant certifications:

If you feel you have the technical expertise and gravitas to lead a team of skilled Incident Response Specialists, and are ready for the challenge of heading up and building out what is already a rapidly expanding Cyber Security Investigations firm, please do get in touch on: