Incident Response Lead

Posted 4 days ago by HW Interim Solutions

North West, England, United Kingdom

Summary: The Cyber Incident Response Lead is tasked with overseeing the organization's response to cyber security incidents, ensuring effective containment, eradication, and recovery in both IT and OT environments. This role is vital for safeguarding essential services and maintaining compliance within a Critical National Infrastructure (CNI) regulatory framework. The position requires strong leadership during incidents and collaboration with various teams to manage and mitigate cyber threats effectively.

Key Responsibilities:

  • Lead response to P1/P2 cyber incidents including ransomware, supply chain compromise and OT disruption.
  • Act as Incident Commander during major cyber events.
  • Coordinate technical, legal, communications and operational teams.
  • Lead incident response across IT/OT environments.
  • Ensure minimal disruption to safety-critical systems.
  • Work closely with engineering and operations teams.
  • Manage reporting obligations under Network and Information Systems Regulations 2018 and UK regulatory and law enforcement requirements.
  • Liaise with National Cyber Security Centre during nationally significant incidents.
  • Develop and test the Cyber Incident Response Plan.
  • Run tabletop and live simulations (including OT scenarios).
  • Ensure lessons learned are embedded into security controls.
  • Mature digital forensics and evidence handling processes.
  • Oversee the SOC.
  • Lead response to nation-state and organised crime campaigns.
  • Oversee forensic investigation and root cause analysis.
  • Support recovery planning and resilience improvements.

Key Skills:

  • 7+ years cyber security experience.
  • 3+ years leading incident response.
  • Experience operating in a Critical National Infrastructure environment.
  • Strong knowledge of ransomware response and crisis management.
  • Experience managing cross-functional crisis teams.
  • OT / ICS incident response experience (desirable).
  • Knowledge of industrial protocols and safety systems (desirable).
  • CREST, GCFA, GCIA, CISSP or equivalent certifications (desirable).
  • Experience in regulated sectors (ports, energy, utilities, transport) (desirable).
  • Decisive leader in crisis situations.
  • Strong stakeholder management skills.
  • Clear communicator under pressure.
  • Highly organised and structured thinker.

City: North West

Country: United Kingdom

Detailed Description From Employer:

Cyber Incident Response Lead

Role Purpose

The Cyber Incident Response Lead is responsible for leading the organisation’s response to cyber security incidents, ensuring rapid containment, eradication and recovery across both IT and OT environments. This role is critical in protecting essential services and ensuring compliance within a CNI regulatory landscape.

Key Responsibilities

Incident Leadership

  • Lead response to P1/P2 cyber incidents including ransomware, supply chain compromise and OT disruption.
  • Act as Incident Commander during major cyber events.
  • Coordinate technical, legal, communications and operational teams.

CNI & OT Incident Management

  • Lead incident response across IT/OT environments.
  • Ensure minimal disruption to safety-critical systems.
  • Work closely with engineering and operations teams.

Regulatory & External Coordination

  • Manage reporting obligations under:
      • Network and Information Systems Regulations 2018
      • UK regulatory and law enforcement requirements
  • Liaise with National Cyber Security Centre during nationally significant incidents.

Process & Capability Development

  • Develop and test the Cyber Incident Response Plan.
  • Run tabletop and live simulations (including OT scenarios).
  • Ensure lessons learned are embedded into security controls.
  • Mature digital forensics and evidence handling processes.
  • Oversee the SOC.

Ransomware & Advanced Threat Handling

  • Lead response to nation-state and organised crime campaigns.
  • Oversee forensic investigation and root cause analysis.
  • Support recovery planning and resilience improvements.

Skills & Experience

Essential

  • 7+ years cyber security experience.
  • 3+ years leading incident response.
  • Experience operating in a Critical National Infrastructure environment.
  • Strong knowledge of ransomware response and crisis management.
  • Experience managing cross-functional crisis teams.

Desirable

  • OT / ICS incident response experience.
  • Knowledge of industrial protocols and safety systems.
  • CREST, GCFA, GCIA, CISSP or equivalent certifications.
  • Experience in regulated sectors (ports, energy, utilities, transport).

Personal Attributes

  • Decisive leader in crisis situations.
  • Strong stakeholder management skills.
  • Clear communicator under pressure.
  • Highly organised and structured thinker.