Cyber Incident Response Lead

Description:

You'll manage SPEN’s Cyber Incident Response Framework, Cyber Incident Response Plan, and Scenario-based Playbooks, with clear hand-offs and hand-ins with corporate emergency plans, business unit cyber and business incident response plans.

Leading reviews in collaboration with engineering, product, and operations teams, to identify and manage gaps, dependencies, process improvements, and constraints between business plans and ensure learnings are incorporated into future planning.

Communicating the results of investigations and risk mitigation outcomes to improve and maintain a robust response to new threats and attack vectors.

Identifying and evaluating risks that could impact the availability of applications to inform IT resilience strategies.

Conducting regular testing and exercising involving senior leadership, technical response teams, and third party support providers to practise a range of scenarios to identify and document critical business impacts, recovery plans and priorities of organisational readiness, ensuring recovery plans are fit for purpose and that the team is in a state of readiness.

Leading the front line response team coordinating and managing incident resolution with speed, cross-functional collaboration, and accuracy in line with appropriate regulatory standards.

Supporting the Operational Incident Response Team (OIRT) during incident response and, where command is passed to the Strategic Incident Response Team (SIRT), coordinate response efforts between the OIRT and the SIRT.

Driving engagement on security and privacy incidents ensuring the processes and methods defined in SPEN’s Playbooks are followed to facilitate an efficient and effective response.

What You’ll Bring
 

• Experience of Incident Response within a complex technology environment.
• A technical understanding of how IT/OT controls are implemented and operated.
• Awareness of legislation and regulation impacting IT/OT General Controls.
• An understanding of common system platforms (Linux/Windows)
• An understanding of security architecture across different deployments (On-Prem, Cloud)