Outbreach provides specialist Cyber Incident Response and Crisis Management services to our midsize clients spread across the world.
With offices in London, Dubai, and New York, we differ from most other security companies in that we assume our clients will experience a security breach, and we are here to help them recover as quickly as possible with as little damage or cost to their business as possible.
Outbreach brings together specialists across IT, Digital Forensics, Law, Public Relations, Communications, and Operations Resilience to provide a single, trustworthy, and dependable partner to our clients that is available 24x7.
We are now recruiting ‘bench’ staff to work for the company on an ad-hoc basis as consultants who can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach.
Role Description
The Incident Manager (IM) is the glue that holds together all other teams and stakeholders in a cyber incident. You can think of this role as that of a project manager, but in a critical and fast-moving incident.
The IM will be expected to ensure all the other stakeholders know what is expected of them and ensure they are held accountable for their activities.
The IM will be extremely detail-oriented and comfortable with ensuring processes are appropriately followed and progressed as needed during the incident and quickly raising any challenges to the relevant owner.
IMs will generally work on only one incident at a time, though in some circumstances you may be asked to oversee multiple incidents concurrently, which will involve heightened diligence.
Key Responsibilities
* Serving as the subject matter expert on incident response process and procedures.
* Capturing and documenting all information from triage calls into standardised documentation.
* Maintaining the incident log and ensuring key actions and deadlines are met.
* Ensuring the smooth and timely flow of information and communication across all involved.
* Managing the logistics of an incident such as ensuring meetings are scheduled, software/equipment is provided, travel is arranged, etc.
* Highlighting blockers or problems and ensuring they are appropriately prioritised.
* Supporting the incident resolution efforts.
* Preparing reports, providing notifications, and disseminating deliverables.
* Owning and operating any system critical to the operations of the incident (e.g. ticketing, monitoring, etc).
* Developing and refining the incident management processes as necessary during and after incidents. Learning and improving continuously.
Skills & Experience
* Preference will be given to candidates with prior experience in cyber incident response teams.
* 3+ Years Information Technology or Information Security support experience.
* Working knowledge of Public Relations, Communications, Marketing, and Law.
* Excellent telephone/video conference mannerisms and communication skills.
* Very strong verbal and written English, particularly spelling, grammar, and style.
* Good understanding of cyber security including TTPs (Tactics, Techniques & Procedures), common tools, and industry stakeholders.
* Formal document and report creation for senior executives and external clients.
* Experience in fast-paced, high-pressure environments and a desire to work in incidents and crisis management.
* ITIL or other similar incident management methodologies.
Highly Desirable but not Vital
* In-depth experience with regulations and legislation such as GDPR, HIPAA, DORA, and other data or privacy laws.
* Frameworks and governance such as NIST, SOC 2, ISO 27001, etc.
* Security certification such as CEH, CCNA, OSCP, GCIH, etc.
* Security tools/practices such as SIEM, EDR, NDR, OSINT, etc.
* Security clearance.
Commitment
As a ‘bench’ Incident Manager you will be called whenever a suitable incident is raised by our clients which matches your skill and experience level.
There is no expectation for you to remain on call or for you to accept any incident when you are not available. However, once you commit to an incident you will become a key member of the response team and will be expected to remain engaged for the duration of the incident. At the least this would be for 1 day, but in most cases will likely be for 2-4 weeks.
Full training and support will be provided to successful candidates who will be expected to attend regular (paid) meetings to ensure they are familiar with the company, its methodologies, and market.
* Hybrid working with much of your work being done where you please.
* Flexible hours that can be scaled up or down as suits you.
* Working in an expanding Cyber Security business where you can grow in your career and where you can help shape the business.
* Training and development budget aligned to formal relevant qualifications.
* Hourly pay equivalent to over £60,000pa with a significant increase for unsociable hours – if needed.
* Eligible for company stock options (subject to minimum hours).
Seniority level
* Mid-Senior level
Employment type
* Contract
Job function
* Information Technology
* Computer and Network Security