CIRT Manager
Job description
monitoring, forensic investigation, security operations tooling orchestration and automation. In addition, this role will be key for supporting product development of cyber security related products and services, as well as accountable for building the tooling and response packages for any product(s) that need to be supported by Security Operations teams.

The CIRT Manager will be adaptable to the changing security landscape and have excellent verbal and written presentation skills in relation to communication of technical findings to senior stakeholders. They will enjoy mentoring more junior colleagues to promote growth and development within the team. The role is based in the PXC main office, in Salford, and is aligned with PXC's dynamic working policy.

About the Team

The CIRT team identifies and responds to security threats affecting the PXC and partner environments, through interaction with disparate sources, including cyber threat sensors and threat intelligence data. We implement containment, eradication, recovery, forensic and post-incident measures commensurate with the threat to business operations, whilst coordinating and escalating to business partners as appropriate. The team is also responsible for ensuring that effective and efficient incident response platforms and controls are available to all colleagues across Technical and Security Operations (TSOC) and CIRT. This includes identification, development and implementation of appropriate security technologies, processes and procedures, onboarding of technologies initiated by other areas requiring security monitoring, as well as driving the CIRT strategy for the business.

In addition, the team is also responsible for several areas of testing / simulation to ensure that our team and controls are operating optimally, as well as driving evaluation and implementation of new security products PXC wish to offer to its customers in the future.

Key Responsibilities

- Define the yearly CIRT strategy, aligned to the wider Security team strategy and aimed at identifying key opportunities for continual improvement across Detect and Respond capabilities.
- Responsibility for ensuring our responses (both TSOC and CIRT) are adaptable and optimised to current external threats, based on up-to-date and reliable cyber threat intel sources.
- Ensure incident response and related communication procedures are adhered to throughout incident lifecycles, whilst leading on complex incident response and related post-incident activities following incident resolution.
- Lead the Operational Security team onboarding of new services or platforms aligned to the Security Programme, providing complex engineering analysis and support for the establishment of operational security controls.
- Maximise current security technology investments, ensuring their full capabilities are realised whilst embracing the potential to develop additional associated automation capabilities in relation to incident response maturity, and that they are managed in line with established quality and operational requirements throughout their lifecycle, including change management, appropriate operational processes and via defined SLAs.
- Lead the technical development of specialist operational roles (e.g. security monitoring, forensics, malware analysis, threat intelligence, proactive hunting) to ensure we have highly skilled, situationally aware personnel.
- Work with the TSOC team and Security SMEs to ensure all day-to-day operational security activities are delivered in an efficient and effective manner, ensuring that in-scope knowledge transfer and training has been provisioned to all operational Security teams, to support the strategic aim of cross-skilling the 24x7 team whilst identifying and leading on CSI for the team.
- Ensure that the Security Ops knowledge management system for security processes, operating procedures, knowledgebase and interface documents for external security partners can be used intuitively and efficiently by all Security Ops personnel.
- Manage the Blue team response to Red team testing, ensuring Post Incident Reviews and appropriate lessons learnt actions are completed.
- Ensure appropriate CIRT team involvement in the development and implementation of cyber threat tabletop and simulation testing exercises, whilst working with SMEs to define and maintain MITRE ATT&CK framework-based security control testing.
- Lead on Security Case Management control selection initiatives accounting for current and future team, industry and business demands, and including but not limited to gathering of functional and non-functional requirements for new internal security products, in addition to leading on renewal conversations for existing security controls.
- Lead the establishment of new Security Managed Services and Products, liaising with Pre-Sales, Sales, Product Managers, Account Managers, Commercial teams, Ops Centre Management and Security SMEs to ensure appropriately scoped, revenue-generating products are available to our customers, with developed support processes and procedures for the PXC TSOC.
- Involvement in preparing for and attending regular audit meetings on behalf of SOAR dept regarding tooling and Security Ops procedures.

What Will Make You Successful in this Role

- Proven experience leading a cyber incident response team
- L3/Tier 3 incident response experience
- Knowledge and understanding of threat and intelligence processes, playbooks and detection engineering
- Knowledge and understanding of digital forensics pipelines and processes
- SIEM & SOAR experience (ideally Google SecOps)
- Telco experience preferred but not essential

How we look after our employees

- Our hybrid working policy offers you flexibility to work from home as well as connecting with your colleagues in one of our accessible and collaborative office spaces
- A starting holiday allowance of 25 days* holiday and up to 10 extra days* leave via our holiday purchase scheme
- Flex30, an additional 30 hours* of leave every year for you to use how you wish
- Free private healthcare for all employees, competitive pension scheme and the opportunity to earn a bonus
- Free broadband for all employees plus gifts for major life events such as marriages and births
- Flexible salary sacrifice scheme including dental, gym plus a huge range of shopping and leisure discounts so you can save even more cash

At PXC, we know that diversity means success and innovation. We want our workplace to reflect the communities and customers we serve. Being inclusive is part of our DNA; we are all 100% human, and we create a culture where you can truly be yourself.

We're also not your usual 9-5. We are a dynamic workplace and we want to talk to you about how you like to work.