Incident Response Manager, CISO function, Internal Services

Job Description

Your opportunityTo work in the innovative and creative CISO team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. Apply your skills here to make things happen, great people, great purpose and passionate about our work.We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you with some flexibility, please do discuss with us.Your roleStrategic• Consistently looking for ways to improve our incident response procedure and Threat monitoring services• Assists in preparation of internal and external communications• Maintains chain of custody of incident evidence• Provides physical security of collected data and devices• Provides recommendations to resolve incident and/or reduce impact of incident, to bypass and/or prevent future similar incidentsOperational• Service manager for CIC threat monitoring and analysis services for the CISO function• Responsible for Service Reviews & KPI reporting• Providing support to the Senior Manager and CISO and wider information security function• Provides technical services needed for cyber incident response investigations including, containment, eradication and remediation activities• Responsible for assessing scope of incident damage• Assists in determination of incident severity• Responsible for maintaining documentation throughout a cyber incident• Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation• Assists with perform digital forensic services including, but not limiting to, collection, documentation, preservation and analysis of incident evidenceRelationship Management• Provides direct guidance and oversight to Coordination Specialist - Incident Response• Maintains on-call availability for a 24x7x365 coverageYour work, your choiceIn the CISO team we are results focused and believe in excellence in respect in all aspects of our work and interaction with each other. We make full use of technologies that help support different ways of working. At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk.We, therefore, carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. If the working pattern you are looking for is not specifically indicated below, we are happy to discuss alternative arrangements.Location:London with occasional domestic and international travelSuggested work pattern: Permanent full timeYour professional experienceEducation• Bachelor’s degree: degree in a technology-related field, or equivalent education-related experienceWork experience• Recommended minimum of 5 years of combined experience in the Information Security / Cybersecurity domain with a minimum of 2-3 years in cyber incident response.o Demonstrated understanding of the incident lifecycle and security operations, working knowledge of triage and analysis tools, and a strong understanding of cybersecurity threatso Demonstrated understanding of incident response casework, including maintaining case information, chain of custody reporting, and full documentation of issues from identification through remediation• Proven track record and experience of the following in a highly complex and global organization:o Strong problem solving and troubleshooting skills with experience exercising mature judgemento Excellent teamwork and interpersonal skillsCertification• Professional security management certification preferred, such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), Certified Information Systems Security Professional (CISSP), or other similar credentialsSkills/abilities• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels• Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and efforts.• Ability to adapt and operate in a high-tempo, dynamic and stressful environment.• Sound knowledge of business management and an expert knowledge of information / cybersecurity strategy and governanceFor full job description please see our Career SiteWPFULL SLICSS BAITEC CFTECHRequisition code: 178485