Cyber Response Manager
My client, an international financial services organisation in Edinburgh, is actively looking for a Cyber Response Manager to join their expanding CISO function. This role will offer you the opportunity to take the lead on attack monitoring, incident management and response, and cyber investigations. This is a greenfield role with the opportunity to really help to shape the organisation's capability in this space. They are ideally looking for someone who is technically focused and looking for a strategic role where you can be a part of educating the wider business, as well as driving initiatives in your own area.
You will take ownership for these areas:
Define and implement an effective, intelligence-led attack monitoring framework, driving the delivery of the monitoring, gathering, analysis, correlation, dissemination and remediation of indicators of cyber attack.
Incident Management and Response
- Developing and managing a Cyber Response Plan using appropriate incident management tools and processes.
- Overall accountability for first line incident handling, including call handling, triage, first pass analysis, and resolution or escalation to the right cyber security resolver team.
- Accountable for the planning, co-ordination and communication of the organisation's cyber security incident management.
- Identifying and escalating appropriately any incident/request that requires increased focus and actions necessary to meet committed service levels.
- Management of incident review and reporting on ticket resolution and KPIs.
- Lead the investigation of anomalous cyber incidents via root cause analysis (e.g. following on from major incidents) or through proactive trend analysis and monitoring.
- Provide digital forensic investigation to incidents that occur.
- Experience with security services such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Firewall logs, systems logs, web logs, application logs and Security Information and Event Management (SIEM) systems.
- Strong understanding and knowledge of incident management processes.
- Up-to-date knowledge of cyber and information security trends and threats facing financial services.
- One or more certifications such as CISSP, CEH, ITIL v3 and SANS.
To apply for the role please send your CV to Mary.Worthington@sandersonplc.com. Or for more information call Mary on 01179145273.