Cyber Incident Response Team Lead

  • Job ref:


  • Location:

    Bristol, England

  • Sector:


  • Job type:


  • Salary:


  • Contact:

    Abbie Levens

  • Email:

  • Published:

    about 1 year ago

  • Consultant:


Cyber Incident Response Team Lead

Perm - Full time

SC Clearance will be required

Based in Bristol

Competitive Package

Key Responsibility Areas

  • Leading the professional delivery of all Cyber Incident Response and Digital Investigation services
  • Acting as the subject matter specialist in cyber incident response and related disciplines to the wider business
  • Providing specialist cyber knowledge, insight, and training to clients and to internal teams on an ad-hoc basis and through the delivery of formal training courses
  • Developing threat intelligence capabilities and strategies in conjunction with other operational teams and customers
  • Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground, with excellent technical leadership to promote confidence based on your skills and experience
  • Advising clients on how to best implement mitigation measures which might prevent or limit future incidents, working with customer and internal teams to create effective response strategies
  • Authoring and reviewing customer Cyber Incident Response Plans
  • Leading threat hunting programmes across available security devices and through operating system native or custom tooling
  • Managing a small team of technical specialists and supporting their professional development through coaching, training, and performance reviews

Skills, Qualifications & Knowledge Required

  • Excellent knowledge of the inner workings of Windows Operating Systems
  • Excellent knowledge of how malware works and some experience in tearing it apart
  • Good knowledge of the fundamentals of Unix systems including MacOS and Linux distributions
  • Excellent knowledge of host-based investigations including digital forensic principles and practices
  • Good knowledge of Cyber Threat Intelligence capabilities and strategy implementation
  • Excellent knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP) and how they interact to provide network communications
  • Good experience in packet-level analysis, firewall and hypervisor administration, network appliance log analysis, and management of network intrusion detection and prevention systems
  • Excellent knowledge of Cyber Security Incident Response processes and procedures with real-world application
  • Experience in winning commercial bids and leading the delivery of technical consulting services
  • Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash
  • Report writing and reviewing skills
  • Some experience of creating and delivering technical and managerial training courses to internal teams and customers