
Cyber Incident Response

Location: United Kingdom, Greater London · Salary: 140000.00 - 170000.00 GBP / Year · Job Posted May 30, 2025

Job Description

A leading global law firm is seeking a skilled associate to join its dynamic Cybersecurity & Data Privacy team in London. This role offers the opportunity to work on high-profile, cross-border incident response matters, advising clients across various sectors including financial services, technology, healthcare, and energy.

Job Responsibility

  • Lead and support clients through complex cybersecurity incidents, including data breaches and ransomware attacks
  • Advise on regulatory compliance and risk mitigation strategies
  • Collaborate with multidisciplinary teams to develop and implement incident response plans
  • Contribute to thought leadership and business development initiatives

Requirements

  • Strong academic credentials
  • 4–7 PQE in incident response within a national or international law firm
  • Demonstrated ability to manage complex, cross-border cybersecurity incidents
  • Excellent communication and client management skills

What we offer

  • Collaborative environment
  • Continuous professional development
  • Opportunity to work on high-profile, cross-border incidents


Similar Jobs for Cyber Incident Response (8 matching positions)

Cyber Security Consultant (Cyber Incident Response)

We’re supporting a major, ZERO CARBON energy organisation at the forefront of bu...
Location: United Kingdom, City of London
Salary: Not provided
Company: Morson Talent
Expiration Date: Until further notice
Requirements
  • Proven experience in cyber incident response, crisis management, or incident management leadership roles
  • Demonstrated success in transforming or maturing an incident management capability within a complex organisation
  • Strong understanding of the incident management lifecycle, including preparation, detection, response, and post-incident improvement
  • Experience operating within regulated or critical infrastructure environments (energy, utilities, government, etc.) is highly desirable
  • Ability to translate complex technical incidents into clear, actionable insights for senior stakeholders
  • Strong stakeholder management skills, with the ability to influence across technical and business teams
  • Familiarity with frameworks such as ISO 27001, NIST, or similar
Job Responsibility
  • Define and deliver a multi-tier Cyber Incident Management strategy, aligned to enterprise risk and integrated with wider incident and crisis frameworks
  • Drive the maturity and optimisation of the existing incident management function, identifying gaps and implementing improvements
  • Own and maintain the Incident Management standards, policies, and processes within the ISMS, ensuring alignment with best practice and regulatory expectations
  • Establish metrics, KPIs, and reporting to measure capability effectiveness and drive continuous improvement
  • Manage budgets and resource planning to support capability development and ongoing optimisation
  • Ensure comprehensive incident response and crisis management plans are in place across all levels of the organisation
  • Design and deliver a structured exercising programme (tabletop, simulation, red team scenarios) aligned to real-world threats in the energy sector
  • Embed a culture of continuous learning, ensuring lessons learned are captured and translated into measurable improvements
  • Develop executive-level communication strategies, including briefing packs and reporting frameworks for major incidents
  • Act as a key point of coordination during high-severity incidents and crisis scenarios
Employment type: Fulltime

Cyber Incident Response Commander

The Cyber Incident Response Commander plays a critical leadership role in managi...
Location: Canada, Montréal
Salary: Not provided
Company: Sopra Steria
Expiration Date: Until further notice
Requirements
  • Bachelor's degree (or equivalent) in Cybersecurity, Computer Science, or related STEM field
  • Minimum 5 years of experience in cybersecurity roles such as CERT / CSIRT, SOC / SecOps, GRC (Governance, Risk & Compliance)
  • Required Certifications (or equivalent experience): GCFA, CIH, CISSP, CEH, ECSA, ITIL Foundation
  • Strong knowledge of incident response methodologies (e.g., NIST, ISO 27035, SANS)
  • Experience with SOC operations and forensic investigations
  • Good understanding of security tools, detection, and response techniques
  • Ability to communicate complex cybersecurity topics to senior leadership and executives
  • Professional proficiency in English (written and spoken)
Job Responsibility
  • Maintain and continuously improve the Incident Response Plan (IRP) and its appendices
  • Ensure alignment between the IRP and other relevant security policies and frameworks
  • Develop and refine incident response playbooks to ensure clarity of roles and operational efficiency
  • Collaborate with Legal and Communications teams to strengthen response processes
  • Tailor IRPs to specific scopes (e.g., regions, subsidiaries, maritime operations)
  • Capture lessons learned from incidents and provide actionable improvement recommendations
  • Identify links and patterns between incidents to improve detection and response strategies
  • Support internal and external audits by providing required documentation and evidence
  • Act as Incident Commander during security incidents, coordinating cross-functional teams
  • Assess incident severity and determine appropriate escalation levels
What we offer
  • Strong base salary
  • Annual performance bonus
  • Fully covered benefits package including life insurance, long-term disability, health, dental, and vision coverage, plus a health spending account
  • Sopra Steria covers 100% of premiums
  • Generous paid time off including sick leave, personal days, and 3 weeks of vacation
  • Monthly transportation allowance
  • Excellent learning, development, and career advancement opportunities
  • Hybrid work environment
  • All necessary equipment provided
Employment type: Fulltime

Cyber Incident Response Manager

We are seeking a Cyber Incident Response Manager to strengthen and scale Fever’s...
Location: Argentina
Salary: Not provided
Company: Fever
Expiration Date: Until further notice
Requirements
  • Strong understanding of modern security tooling, including SOAR platforms, cloud-native detection services, EDR solutions (e.g. CrowdStrike), SIEM platforms and automation technologies
  • Skilled in analyzing and correlating large-scale security telemetry across cloud, SaaS, and endpoint sources using languages and tools such as Python, AWS Athena, Google BigQuery, etc.
  • Ability to rapidly automate data handling, detection logic, and remediation workflows
  • Hands-on experience responding to security incidents in cloud environments
  • Ability to design, document, and maintain IR runbooks, playbooks, and tabletop exercises
  • 5+ years of experience in cybersecurity, with at least 2–3 years dedicated to leading an incident response process
  • Fluent in English (written and spoken)
  • An analytical mindset and strong problem-solving skills
  • Excellent communication skills
Job Responsibility
  • Strengthen and scale the incident response program
  • Design, update, and maintain IR processes, playbooks, and runbooks tailored to cloud and corporate IT environments
  • Enhance detection engineering capabilities by collaborating with infrastructure, data, and engineering teams
  • Lead response coordination efforts during incidents, ensuring rapid containment, eradication, and recovery
  • Enhance monitoring and detection with integrated threat intelligence and advanced threat detection capabilities
  • Manage and mentor a specialized incident response team
  • Continuously assess and improve IR metrics, KPIs, dashboards, and reporting methodologies
  • Conduct IR training, simulations, and preparedness exercises across the organization
What we offer
  • "Relación de dependencia" contract
  • Opportunity to have a real impact in a high-growth global category leader
  • 40% discount on all Fever events and experiences
  • Osde 410 as medical insurance
  • Home office friendly anywhere in Argentina
  • Responsibility from day one, and professional and personal growth
  • Great work environment with a young, international team of talented people to work with!
  • English Lessons
  • Gympass
  • Attractive compensation package consisting of base salary and the potential to earn a significant bonus for top performance (including Base, Variable, and Stock Options)
Employment type: Fulltime

Cyber Security Incident Response Lead

The Microsoft Detection and Response Team (DART) are seeking a skilled and exper...
Location: United Kingdom, Multiple Locations
Salary: Not provided
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • One of the following:
    • Doctorate in Computer Science, Computer Security, or related field
    • Master's Degree in Computer Science, Computer Security, or related field AND several years' experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
    • Bachelor's Degree in Computer Science, Computer Security, or related field AND several years' experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
    • Equivalent experience
  • Experience in high pressure incident response environments
  • Lead and manage high-profile incident response efforts for some of the world’s largest businesses
  • Coordinate and lead all key stakeholders as the primary point of contact for major incidents
  • Identify gaps early in the engagement process and request appropriate resources to fill those gaps
  • Balance the need for rapid recovery with data collection and evidence preservation
  • Direct activities to secure Enterprise-scale environments and assess potential data exfiltration or data collection
Job Responsibility
  • Contextualizing and prioritizing findings to put together a comprehensive account and briefing of the events that transpired during a security incident
  • Pulling together multiple disparate events to build and communicate a cohesive timeline of activity
  • Collaborating with stakeholders at every level of the business, including legal, compliance, cybersecurity, engineering, and executive functions
  • Communicating key objectives and results with clarity and context
  • Managing all of the complexities of large-scale cybersecurity investigations for global multi-national organizations, serving as the primary point of contact
  • Leading research and analysis of security threats, and sharing findings across the team
  • Identifying, conducting, and supporting others in conducting research into critical security areas, such as current attacks, adversary tracking, and academic literature
  • Analyzing complex issues using multiple data sources to develop insights and identify security problems and threats
  • Creating new solutions to mitigate security issues
  • Recommending prioritization and validation methods for technical indicators, developing tools to automate analyses
Employment type: Fulltime

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program

Senior Cyber Incident Management, Operations & Response Specialist - VOIS

We are seeking a Senior Cyber Incident Management, Operations and Response Speci...
Location: India, Bangalore
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in a Security Operations Centre, operating at senior analyst level
  • Strong expertise in SIEM platforms (such as ArcSight, Splunk, QRadar or LogRhythm)
  • Proven experience in security incident investigation, response and management
  • Understanding of malware behaviour, advanced persistent threats and complex attack techniques
  • Skilled in SIEM correlation logic, rule tuning and detection optimisation
  • Ability to create structured workflows, playbooks and triage processes
  • Confident mentoring, coaching and motivating analysts within the team
  • Strong written and verbal communication skills, including the ability to present technical findings to senior stakeholders
  • Degree in Computer Science, Information Technology, Engineering or a related field
  • Prior experience in cloud technologies and the information security domain
Job Responsibility
  • Investigate, analyse and accurately triage security alerts and incidents across CSOC platforms
  • Perform deep-dive incident analysis, identify root causes and assess business risk
  • Lead daily stand-ups and act as an escalation point for functional and technical queries from Cyber Defence Analysts
  • Produce clear, high-quality technical and operational reports for stakeholders
  • Maintain and continuously enhance alert triage quality and operational deliverables
  • Develop, document and maintain playbooks, runbooks, SOPs, KEDB articles and knowledge base content
  • Proactively fine-tune detection rules and identify opportunities for alert reduction and effort optimisation
  • Monitor and protect digital systems against unauthorised access, modification or data loss
  • Analyse security breaches and recommend appropriate tools, controls and countermeasures
  • Collaborate closely with Local Market CSIRT teams to manage ongoing cases and reduce backlog
What we offer
  • Opportunity to work at the forefront of cyber defence within a global telecommunications organisation
  • Exposure to complex threat landscapes and enterprise-scale security environments
  • A role that combines technical depth with leadership, mentoring and operational ownership
  • The ability to influence detection strategy, incident response quality and process maturity
Employment type: Fulltime

Business Command Center Major and Cyber Incident Region Lead (SVP)

The Business Command Center (BCC) is a critical function supporting Citi's Servi...
Location: Ireland, Dublin
Salary: 119760.00 - 179640.00 EUR / Year
Company: Citi
Expiration Date: Until further notice
Requirements
  • Proven Leadership Experience: Extensive experience in the financial services industry, with a focus on cash management, transactional banking, and trade operations
  • Stakeholder Management and Senior Leadership: Demonstrated expertise in managing executive-level communications and fostering alignment among diverse stakeholder groups and senior leadership
  • Global Collaboration Experience: Demonstrated experience working with global, multi-region initiatives, projects, and teams, including large matrix organizations
  • Influence and Collaboration: Ability to influence partners and drive cross-functional work to achieve optimal solutions to complex problems
  • Detail-Oriented and Results-Driven: Exceptional attention to detail, comprehensiveness of content, and ability to manage multiple assignments to completion under tight deadlines
  • Incident/Crisis Management Expertise: Deep understanding of incident and crisis management principles, including ownership, classification, initial support, escalation/notification, business impact analysis, and resolution tracking
  • Rapid Remediation & Escalation: Drive rapid engagement of key remediation resources and subject matter experts across functional groups to proactively avoid or minimize client-visible service disruptions. Ensure timely and effective escalation to key decision-makers and senior management
  • Severity Assessment & Communication: Establish and enforce consistent severity assessment across all regions and lines of business throughout the incident lifecycle, leveraging client impact and franchise risk criteria. Oversee the timely publication of content-rich incident status updates tailored for client-facing Service teams and regulatory-facing Product Management teams
  • Strategic Incident Preparedness: Coordinate proactive virtual war rooms for significant planned releases or anticipated market events to ensure preparedness and swift response
  • Enhanced Escalation Frameworks: Develop, implement, and manage enhanced client escalation models for key platinum clients, as well as robust internal escalation models for critical internal flows, such as Genesis Liquidity reporting
What we offer
  • competitive base salary (which is annually reviewed)
  • hybrid working model (up to 2 days working at home per week)
  • additional benefits that support you (and your family) to be well, live well and save well
Employment type: Fulltime

Sr Incident Response Analyst

We have a 3 month contract with opportunity to extend or convert for a seasoned ...
Location: United States
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice
Requirements
  • A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and 4–6 years of related experience
  • 5+ years of Security Operations, Incident Response, and/or Digital Forensics Experience
  • Prior Incident Response Experience in a hybrid enterprise environment
  • Experienced with utilizing security tooling such as: Splunk, EDR, Tanium, etc
  • Strong understanding of cloud environments
  • SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent, SANS GIAC Certified Incident Handler (GCIH) or equivalent required
  • Must be located in CST or EST
Job Responsibility
  • Reviews current configurations of the production information systems and networks against compliance standards
  • Prepares for the prevention and resolution of security breaches and ensures incident and response management processes are initiated
  • Implements and discusses security service audit schedules, reviews access authorization, and performs the required access controls testing to identify security shortfalls
  • Designs automated scripts, contingency plans, and other programmed responses which are launched when an attack against the company’s systems has been detected
  • Collaborates with Information Security Architects, Information Security Engineers, and software or hardware stakeholders
  • Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, triaging of security alerts, events, and notifications
  • Ties third-party attack monitoring services and threat reporting services into internal CIRT (Cyber Incident Response Team) communications systems
  • Performs post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users
  • Performs other duties as assigned
  • Complies with all policies and standards
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program