Overview
As a Cyber Security Incident Manager, you will play a pivotal role in enhancing and maintaining the cyber incident management framework. Collaborating closely with various stakeholders, including incident management teams and external providers, your mission is to ensure that the processes and playbooks are aligned with current best practices and operational requirements. You will focus on continuous improvement and the sustainability of cyber incident processes while contributing to the overall safety and security standards of the organization.
Responsibilities
- Review and update the Cyber Incident Management Plan to reflect current operational requirements.
- Define scope, roles, responsibilities, and interfaces among stakeholders.
- Ensure incident management processes are aligned with NCSC Cyber Assessment Framework requirements.
- Assess existing incident response playbooks and identify gaps for improvement.
- Develop and standardise playbooks for key incident scenarios.
- Collaborate with stakeholders to validate and embed playbooks.
- Design and implement a structured Post-Incident Review framework.
- Deliver comprehensive documentation and handover materials to support BAU operations.
Requirements
- Active SC Clearance is required for this role.
- Proven experience in Cyber Incident Management and Response.
- Strong Cyber Security domain knowledge and understanding of SOC/CSOC operations.
- Hands-on experience with incident management processes and playbooks.
- Strong stakeholder management and communication skills.
- Excellent analytical and organisational skills to manage complex incidents.