Information Security Incident Lead

Information Security Incident Lead

We are looking for an individual with high integrity and drive who has a real passion for Information Security. Likely to be a seasoned career Information Security professional, educated to degree standard with current CISSP and/or CISM qualifications or related experience across the Information Security domains or similar.

Job Content:
As an Information Security Incident Lead you will become part of a dynamic team, pro-actively protecting our client's customers, employees and information from a wide range of threats. Your responsibilities will include:
*Ownership and management of the company response to Cyber & Information Security incidents and related investigations
*Compliance with Legal & Regulatory incident and investigation requirements (eg Chain of Evidence, Dawn Raid, Legal Privilege, Forensic capture, etc)
*Ensuring the incident management framework, processes and procedures align to industry good and best practice
*Ownership and engagement with relevant external individuals, organisations and 3rd Party vendors including Law Enforcement who provide support and services to the incident management processes
*Testing of the controls which would be relied upon in responding to an incident (covering People, Process & Technology)
*Ownership of the relationship and associated activities to ensure alignment with the wider Business Continuity Planning & Resilience function and processes
*Assessment of current and future landscape and advising on the required control improvement plans to ensure the incident response capability remains robust
*Providing effective information security advice and expertise to company employees at all levels
*Representing the company at many industry wide information and cyber security forums and groups.

Attributes of the Information Security Incident Lead:
Essential -
*Practical experience of the Information Security domains and detailed knowledge of the following: Security Incident Management; Data Security & Privacy, Network Security, 3rd Party Security, Cryptography
*Working knowledge of information security related policy, standards and methodologies and associated information security legislation and scheme standards
*Detailed understanding of the attack vectors, methods and actors in relation to cyber and information security and experience in developing and testing incident scenarios and red team exercises
*Proven capability and experience of managing information security (including cyber security) incidents with an ability to make sound decisions and judgements under stress
*Broad understanding of the related technical controls which prevent Financial Crime
*Highly developed analytical and problem solving skills
*Good understanding of the Financial Services regulated environment within the UK and the requirements of Information Security within it
*Good understanding of Financial Services concepts and sound business acumen and judgment. Ability to see and communicate information security challenges in business terms; ability to understand and deliver business value
*Highly effective interpersonal skills, relationship skills, and written/verbal communications skills; ability to motivate and influence others/negotiate and build consensus
*Working knowledge of security incident toolsets and analytical toolset (eg SIEM) and associated operational processes
*Ability to work as part of a virtual team
*Leading a team in responding to security incidents

Desirable -
*Certified incident handler qualification or similar
*Certified forensic investigation qualification or similar
*Affiliation to appropriate industry body

If you are an experienced Information Security Incident Lead looking to take on a new role in a successful financial services company, please apply today.