Cyber Incident Response Lead Our client are experts in defence, aerospace, security and related markets. We draw on our extensive technical knowledge and intellectual property to provide the know-how and support to solve some of the world's most challenging problems. Our people make the critical difference to customers by providing unique approaches to problem solving. Why don't you join some of the world's finest scientific and technical minds and help us make tomorrow work today?The Role This is an exciting opportunity for an experienced Incident Response Leader to shape and lead a cyber incident response capability within an established cyber function. The capability will integrate with our cyber defence managed services and make a significant contribution to the digital resilience of our clients. This is a senior level position with opportunity to take significant responsibility, with a high degree of autonomy and influence in the context of the organisation's overall cyber security proposition. We're looking for a leader with a mix of business / operational management capabilities and a strong understanding of incident response concepts as you'll be required to develop the new incident response service at pace and scale, with significant customer-facing responsibilities. You'll have the opportunity to recruit and develop the necessary team with the required specialist skills to create a leading and sustainable capability. This individual will be central in the selection of the tools & technologies, as well as collaborate with the wider Cyber business i.e. Threat Intelligence and SOC to create a transactional, high volume service which provide short rapid transactions for our customers. You'll also be responsible for leading and performing Incident Response Readiness Assessments for our customers within the Defence and Government sectors. The role will involve working on the design and development of incident response strategies, plans and managed service offerings, therefore previous experience of organising and leading response to cyber incidents will be essential. You'll have a previous track record of inspiring, motivating and managing teams using clear written, verbal and presentation skills. Key Skills Designing and participating in Tabletop Exercises with customers.Willing to work flexible hours to meet the needs of a given incident response scenarioPrepare reports and prepare and deliver presentations for both expert and senior audiencesGuide, influence and provide thought leadership within incident response servicesCompetent handling evidence and able to meet formal standards for handling evidenceWell-presented professional client facing demeanourDesirable Skills Able to proactively hunt for adversaries using a variety of tools and techniquesUnderstand how advanced, real world attack footprints look like and how to identify tools techniques and procedures within log dataExperience and knowledge of threat intelligence techniques, honeypots and 3rd party threat feedsKnowledge of current threat groups, their trade craft, and analysis techniquesPractitioner with incident response toolsets and investigation techniquesHost centric analysis utilising a variety of toolsNetwork centric analysis utilising a variety of toolsExperience working in a commercial managed service environmentExperience leading complex incident response investigationsAble to explain technical threat and impact to board level managementWorking location may be flexible once the role is established but the candidate will be expected to initially embed themselves within the business, become familiar with the cyber capability, processes and ways of working etc. with significant time based at our Malvern site required at least initially.