Team Lead - Cyber Incident Response Specialist (CIRT)

  • Job ref:


  • Location:

    Warwickshire, England

  • Sector:

    Defence and Security

  • Job type:


  • Salary:

    £65000 - £70000 per annum + Car allowance + Competitive package

  • Contact:

    Sean Hendon

  • Email:

  • Published:

    about 2 years ago

CBSbutler are delighted to partner with one of the UK's largest and most successful Digital Forensics and Cyber Security service providers. Due to the continuing growth of cyber-attacks and data breach incidents, our client is looking for a Principal Incident Response specialist to join their advanced Digital Forensics facility team in Warwickshire.

The successful candidate will actively lead and deliver a high-quality, customer-focused Cyber Incident Response service, working closely with clients to respond, advise, guide and support them in the event of a suspected or confirmed cyber security incident. Reporting directly to the Chief Security Officer, this role is pivotal to the Cyber Security business unit, and the successful applicant will enjoy the opportunity to be a critical and influential asset in the delivery of a dynamic service.

Key responsibilities

  • Management of the cyber security team (IR, SOC/SIEM and Pentest)

  • Onsite attendance providing initial response to reported cyber incidents

  • Identification and forensic acquisition of digital material

  • Analysis, investigation and reporting of security incidents

  • Conducting research and maintaining knowledge of current and emerging cyber threats

  • Procedural and documentation development

Skillsets, Knowledge & Experience

  • Ability to lead, mentor, coach and manage a team of Cyber Security professionals

  • Demonstrable hands-on experience and accreditation in the fields of incident response, cyber security investigations and digital forensic investigations

  • Experience of volatile memory acquisition and analysis

  • Thorough understanding and demonstrable experience of dealing with cloud and on-premise network architecture, web applications and associated host devices

  • In-depth understanding of Operating Systems & underlying hardware (Windows, Linux, macOS, etc.)

  • Familiarity with industry standard SIEM solutions (e.g. AlienVault, Splunk, LogRhythm etc.)

  • CREST Certified Network (CREST Certified Incident Manager Desirable)

  • Excellent report writing and verbal communication skills

  • Conversant with the ISO 9001 and 27001 Standards

  • Full UK driving licence

Desirable Skillsets

  • Experience and qualification in Penetration testing disciplines

  • Experience of the delivery of Cyber Essentials certifications

  • Knowledge of common programming/Web languages

Technical & Professional Qualifications

  • SC Clearance is required for this position