Company: Serco

Address: Solihull, West Midlands
Category: IT

Job description

Head of Cyber Incident Response
Solihull - hybrid
Full Time, Permanent 

Between £45,000 and £58,000 per annum (depending on experience)

 

Here at Serco, we are seeking an experienced Head of Cyber Incident Response to be responsible for Serco UK & Europe incident response activities. This role will be responsible for the process, the integrations and engagements across Serco worldwide. It will work closely with the Serco regions (Asia Pacific, Middle East and North America). You will be responsible for working closely with our outsourced partners and with the Threat Intelligence and SOC teams to ensure effective management and communications.

 

 


As part of this you’ll:

 

  • Understand and develop the Incident Response processes and their implementation, including supporting the SOC and the wider business around their mechanisms and logic
  • Manage the various available resources (internal and external) to deliver mature, quality Incident Response services
  • Develop, manage and advance Incident Response playbooks, and perform proactive threat hunts based on gathered threat intelligence
  • Guide delivery of playbooks, automate routine processes, and create or enhance detection and response capabilities
  • Understand the principles of analysing network traffic and output from various network-centric technologies, driving good behaviours and skills in others
  • Be able to support technical analysis and assessments of security-related incidents, including malware analysis, packet-level analysis, and system-level forensic analysis.


What you’ll need to do the role:
 

  • Previous experience handling cybersecurity related incidents
  • Technical proficiency in at least one of the following domains: Malware Analysis, Digital Forensics, Log Analysis, Red Teaming/Penetration Testing, or related domains
  • Understanding of networking protocols, traffic analysis, and network security tools (e.g., WAF, NDR)
  • Strong Linux fundamentals and experience operating in and investigating incidents in *NIX environments
  • Familiarity with performing log analysis using SIEM tools (e.g., Microsoft Sentinel)
  • Experience with scripting languages (e.g., Python, Go and PowerShell) for automation and analysis
  • Excellent communication (verbal and written), teamwork and collaboration skills
  • Ability to communicate technical concepts to a broad range of technical and non-technical staff

Candidates should have one of the following:

 

  • Bachelor's degree in Cybersecurity, Computer Science, or a technical field (or equivalent work experience in related field).
  • Professional certifications in Cybersecurity (OSCP, GCIH, GREM, GNFA or other relevant certifications).
  • Experience in working and investigating incidents in a global organisation.

 

Why Serco:

Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors; personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.
 

 

What we offer:

 

  • Flexible working considered
  • Pension – 6%
  • Employee Assistance Programme
  • Chance to contribute to innovation in the public services
  • A company passionate about diversity and inclusion
  • Serco Benefits

 

 

About Serco

At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services.  We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone.

 


 

Serco is a Disability Confident Employer committed to employing and retaining people with disabilities. Disabled applicants who meet the minimum criteria for the job will be given the opportunity to demonstrate their abilities at an interview. For help with your application please contact 0345 010 4000.

 

We see people first and foremost for their performance and potential. We are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates. We’re a proud holder of the Silver Inclusive Employer Standard and we actively encourage applications from females, those with disabilities or from an ethnic minority background. 

Benefits

Career development, Flex hours, Team events
Refer code: 2533242. Serco - The previous day - 2024-01-17 05:58
