Head of Cyber Incident Response
Hybrid - Solihull
Full Time, Permanent
Up to £58,000 (depending on experience)
Here at Serco, we are seeking an experienced Lead Cyber Incident Responder to be responsible for Serco UK & Europe Incident response activities. This role will be responsible for the process, the integrations and engagements across Serco Worldwide. It will work closely with the Serco regions (Asia Pacific, Middle East and North America). You will be responsible for working closely with our outsourced partners and with the Threat intelligence and SOC teams to ensure effective management and communications.
As part of this you’ll:
- Understand and develop the Incident Response processes and implementation. Including supporting SOC and wider business around its mechanisms and logic
- Manage the various available resources (Internal and external) to deliver the quality of Incident Response mature services
- Develop/manage and advance Incident Response Playbooks, perform proactive threat hunts based on threat intelligence gathered
- Guide delivery of playbooks, automate routine processes, create or enhance detection and response capabilities
- Understand the principles analysis of network traffic and output from various network-centric technologies driving good behaviours and skills in others
- Be able to support technical analysis and assessments of security-related incidents, including malware analysis, packet-level analysis, and system-level forensic analysis.
What you’ll need to do the role:
- Previous experience handling cybersecurity related incidents
- Technical proficiency in a minimum of at least one of the following domains: Malware Analysis, Digital Forensics, Log Analysis, Red Teaming/ Penetration Testing, or related domains
- Understanding of networking protocols, traffic analysis, and network security tools (e.g. WAF, NDR)
- Strong Linux fundamentals, experience operating and investigating incidents in *NIX environments
- Familiarity performing log analysis using SIEM tools (e.g., Microsoft Sentinel)
- Experience with scripting languages (e.g., Python, Go and PowerShell) for automation and analysis
- Excellent communication (verbal and written), teamwork and collaboration skills
- Ability to communicate technical concepts to a broad range of technical and non-technical staff
Candidates should have one of the following:
- Bachelor's degree in Cybersecurity, Computer Science, or a technical field (or equivalent work experience in related field).
- Professional certifications in Cybersecurity (OSCP, GCIH, GREM, GNFA or other relevant certifications).
- Experience in working and investigating incidents in a global organisation.
What we offer:
- 25 days annual leave plus bank holidays.
- Annual leave purchase scheme.
- Up to 6% contributory pension scheme
- Flexible working options.
- A Serco benefits portal offering a wide range of discounts for major high street brands in Retail, Leisure & Hospitality.
- A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Health Cash Plans, free flu jabs and more.
- A wealth of career development training to suit your future aspirations. These range from role specific training, leadership coaching, formal study and much more to support you to build your career with Serco.
- A safe and supportive culture.
- A company passionate about diversity and inclusion.
About Serco
At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services. We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone.
By joining Serco you will have unlimited access to our Global Employee Networks – SercoInspire (Gender), SercoEmbrace (Multicultural), SercoUnlimited (Disability) and In@Serco (LGBT & Networks). Serco Employee Networks, led by colleagues who are passionate about diversity, inclusion and belonging.
Apply
Please click on the apply button to complete your application. Occasionally we receive a large volume of applications for our roles and when that happens we sometimes bring the closing date forward, so please apply promptly to avoid disappointment.
At Serco, we see people first and foremost for their performance and potential. We are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates and strongly encourage applications from a diverse candidate pool. We are open to discussions around flexibility and flexible working. We operate a hybrid work structure in many of our business areas. We are proudly Disability Confident Leader employers and holder of the Gold Inclusive Employer Standard. Disabled applicants who meet the minimum criteria for the job will be given the opportunity to demonstrate their abilities at an interview. For help with your application please contact 0345 010 4000.
At Serco we support fair access to employment for those with unspent criminal convictions through the ‘Ban the Box’ pledge (some may be exempt due to the nature of the role and the security clearance required). Please contact our recruitment team directly on 0345 010 4000 to discuss.
753 jobs found