Incident Manager

Join our Cyber Defence Centre (CDC) as a Senior Cyber Incident Responder. This senior, business-facing role within Security Operations & Engineering focuses on end-to-end cyber incident management, coordination, and stakeholder engagement across complex environments. You will lead the response to high‑severity cyber incidents, ensuring effective command, communication, and decision‑making throughout the incident lifecycle.

Day-to-day of the role:

Incident Leadership & Management:

• Lead the coordination of high‑severity cyber incidents from initiation through to resolution.
• Act as the central point of control for incident command and control activities.
• Manage incident bridges, ensuring effective communication and structured execution.

Stakeholder Engagement:

• Engage and communicate effectively with technical teams, business stakeholders, and senior leadership.
• Operate confidently within a Bronze‑Silver‑Gold command structure.
• Support escalation into crisis management frameworks where required.

Communication & Coordination:

• Coordinate internal and external communications during incidents.
• Ensure alignment across multiple teams, partners, and third parties.
• Facilitate consensus‑driven decision‑making in time‑critical environments.

Operational Control:

• Prioritise and manage competing incident demands.
• Drive structured incident response processes and adherence to best practice.
• Act as the Cyber Response lead within broader crisis scenarios (e.g., ransomware events).
• Capture and contribute to lessons learned and post‑incident reviews.
• Identify process, capability, or control improvements.
• Work with internal teams to enhance overall cyber resilience.

Required Skills & Qualifications:

Core Experience:

• Proven experience in Cyber Incident Response or Major Incident Management.
• Experience operating in a SOC or Security Operations environment.
• Strong understanding of incident management frameworks and escalation models.

Stakeholder & Leadership Skills:

• Excellent communication and interpersonal skills.
• Ability to influence, negotiate, and gain consensus under pressure.
• Experience working with senior stakeholders (including C‑suite exposure).

Operational Capability:

• Experience running incident bridges / war rooms.
• Strong decision‑making ability in high‑pressure situations.
• Understanding of crisis management structures and frameworks.

Technical Understanding (Desirable):

• Solid grounding in cyber security concepts and threats.
• Experience with Endpoint Detection & Response (e.g., CrowdStrike), SIEM platforms (e.g., Microsoft Sentinel), and ServiceNow (Security Operations).
• Ability to engage with technical teams and interpret technical data.

#J-18808-Ljbffr…