Security Incident Manager

My client a large governmental department are looking to recruit and experienced Cyber Security Incident manager to work alongside 3 SOC analysts dealing and triaging threats and vulnerabilities

Although processes and policies are in place these will also need to be reviewed and improved by the incoming candidate therefore i need a good mixture of technical incident response experience couple with good process review and improvement expedience.

Duties and Responsibilities

• Lead on security incidents and provide end to end to resolution.
• Work with business and technical stakeholders to reduce technical vulnerabilities.
• Provide cyber threat intelligence the carry out threat hunting.
• Create security incident playbooks and workbooks etc.
• Support the SOC to improve process and automate monitoring and reporting.
• Minimise the security incident lifecycle from identification to resolution.
• Review, update and create, test, and implement security incident management policies and processes across the IT organisations.
• Work with Service Management to integrate Security Incident Management with the ITIL Major Incident Management.
• Work in collaboration with diverse global IT and businesses to ensure security incidents are identified, reported, and managed in a timely manner.
• Proactively identify gaps and make improvements.
• Define the skills, roles and tools to establish security incident management and response.
• Create Security Incident collateral working with different teams and colleagues, including the SOC.
• Support the SOC to improve process and automate monitoring and reporting.
• Work with business and technical stakeholders to reduce technical vulnerabilities.
• Provide quality reports on security management and incident response, improvements.
• Engage and build relationships with internal and external stakeholders.
• Minimise the security incident lifecycle from identification to resolution.

Essential experience

• Global SOC experience
• CISSP or CISM qualified
• Experience with SPF and NCSC frameworks
• Proven experience of creating, testing establishing security incident management and response policies and processes, playbooks.
• Hands on experience of leading on and managing security incident response.
• Technical IT and cyber security background
• Extensive knowledge of threat and vulnerability, attack types and response.
• Cyber intelligence and threat hunting.
• Experience in reviewing and making enhancements to security processes and policies