Incident & Response Director, Cyber Security
£130,000 - £150,000 per annum
A well-regarded global consulting client is currently recruiting an Incident & Response Director to form part of their UK cyber security leadership team. The role, while remote for now, will be flexibly split across office, client, remote and agile-based working, during hours which suit you. The basic salary will be c£130-150,000 excluding car, cash choices, flexible benefits, pension, healthcare plus extras.
Our client assists organisations in crisis across our global network to respond, remediate and recover from cyber attacks. They are accredited by the UK National Cyber Security Centre under the Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national significance.
* Acting as a trusted advisor to senior stakeholders (CISO, CIO, CTO etc.) in crisis and breach situations, and providing strategy and decision support to enable them to successfully resolve and remediate security incidents, or rapidly recover IT environments after ransomware attacks.
* Planning and coordination of large-scale security incident response efforts involving multiple parties and teams, aligned to good practice methodologies.
* Formal line management responsibilities for technical crisis response or investigative teams.
* Coordinating written and verbal briefings to a variety of audiences, including boards, law enforcement, intelligence agencies, insurers, or legal counsel.
* A robust understanding of the principles of:
- digital forensics, technical incident response and remediation/containment strategies;
- crisis and incident lifecycle management methodologies;
- enterprise security operations capabilities and tooling;
- enterprise IT networks and Active Directory;
- cloud services such as Azure, GCP, and AWS; and,
- common attacker techniques and associated frameworks (such as MITRE ATT&CK).
* Familiarity with, or experience delivering, incident readiness and preparedness services, such as tabletop exercises, threat briefings, incident playbooks or runbooks, and capability gap analysis.
- Lead client engagements across our reactive and proactive incident response services portfolio, acting as the key point of contact for senior client stakeholders, setting direction for the project teams, and being accountable for the technical excellence of our delivery;
- Provide oversight, challenge and input to capability development, proposition development and thought leadership initiatives;
- Provide mentoring and oversight to the incident response practice to help the team grow and develop;
- Act as a leader within our client's wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work;
- Originate, cultivate and maintain relationships with clients and prospects, and support outreach and business development efforts in collaboration with other teams, such as our Threat Intelligence practice;
- Develop, enhance or refine the portfolio of incident response services in line with market trends, emerging threats, or opportunities for innovation or market disruption;
- Shape business strategy and its execution, for example through relationships with law firms, insurers, or technology alliance partners; and,
- Help to grow the reputation in the cyber security market, building trusted relationships with clients and external partners.