Incident Response Manager - Work from home with required travel to London Office and Client Sites

Job Description

More than you expected Grant Thornton UK LLP is part of a global network of independent audit, tax and advisory firms, made up of some 58,000 people in over 135 countries. Were a team of independent thinkers who put quality, inclusion and integrity first. All around the worldwe bring a different experience to our clients. A better experience. One that delivers the expertise they need in a way that goes beyond. Personal, proactive, and agile. Thats Grant Thornton.Job DescriptionNEW GROUND WONT BREAK ITSELF. Every day our teams help people in businesses and communities to do what is right and achieve their goals.The Grant Thornton Cyber Defence Centre are an established MSSP at the forefront of Cyber solutions, working with industry leading technologies. We offer a path for progression and invest in our workforce. Initiative is encouraged and support is always availableacross the team and wider group. We work collaboratively and cross functionally, boasting a healthy ethos whereby we aim to promote the best version of ourselves and you.In this role you will work with fully fledged Incident Response teams across a traditional working week. There will be instances (in the event of a breach) where its all hands-on deck and overtime is expected, which may include deployment during weekends.Given the nature of this role, this should come as no surprise. Most importantly, expect to work on some of most intriguing and relevant jobs within this sector.A look into the role As an Incident Response Manager within the Cyber Defence Centre, you will:

• Manage a team across our reactive and proactive incident response services, including client management: acting as the key point of contact for client technical teams, setting daily direction for GTs technical teams, and being accountable for the technicalexcellence of our delivery.
• Perform proficient technical analysis, helping our clients to understand what happened during a cyber security incident or data breach.
• Produce and contribute high quality output in a variety of formats, from daily update slides to full technical investigation reports.
• Work directly with clients to understand their needs and build relationships.
• Contribute to capability development and proposition development
• Work alongside client teams and manage risk appropriately throughout the project lifecycle, following GTs processes for client and engagement acceptance.
• Provide mentoring and oversight to the incident response practice to help the team grow and develop.
• Collaborate and build relationships with GTs wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work.
• Play a role in GTs global incident response community to support knowledge sharing, practice development and to pursue opportunities in collaboration with global colleagues.

Knowing youre right for us Joining us as an Incident Response Manager, the minimum criteria youll need is 3+ years of experience in Digital Forensic Incident Response (DFIR) fields with a degree, preferably in Digital Forensics/Computer Science or other technology relatedfield. Alternatively, we will consider applicants with 5+ years of vocational experience in Digital Forensic Incident Response. Any additional relevant IT / Security qualifications will set you apart but please appreciate it is not essential. It would be greatif you had some of the following skills, but dont worry if you dont tick every box, well help you develop along the way.Essential:

• Strong practical experience of managing cyber crises and data breach situations as a subject matter expert or technical lead - providing support in executing DFIR processes to ensure timely and secure remediation and recovery from cyber security incidents
• Coordinate written and verbal briefings to a variety of key stakeholders, including business executives, IT staff, insurers, or legal counsel
• Flexible working with a requirement to travel to client sites where applicable
• Have a robust understanding and up-to-date experience with Digital Forensics and in-depth Incident Response strategies relating to enterprise networks as well as knowledge common attacker techniques found within known threat landscape frameworks and TTPs(such as MITRE ATT&CK)
• Strong written/verbal skills and an ability to utilise these capabilities to communicate complex ideas effectively
• Experience in working with industry standard tools, for example, FTK, X-Ways, Volatility, Thor etc
• Able to work effectively both individually and as part of a team
• Have a detail orientated, investigative mindset with strong problem-solving skills
• Ability to work under pressure and within strict time constraints
• Keen on self-development and obtaining new skills

Nice to have:

• Background in consultancy or similar vocational experience
• Ability to automate tasks through programming or scripting
• Show experience in the Incident Lifecycle, including knowledge of common methodologies, which should encompass enterprise security operations capabilities and tooling, enterprise IT networks and Cloud Services such as Azure, GCP and AWS
• GCFE, GCFA, GREM, GNFA, GCIH, CISSP, or equivalent professional qualifications

Knowing were right for youEmbracing uniqueness, the culture at Grant Thornton thrives on the contributions of all our people, we never settle for what is easy, we look beyond to deliver the right thing, for everyone. Building an inclusive culture, where we value difference and respectour colleagues helps our people to perform at the best of their ability and realise their potential.Our open and accessible culture means youll interact with leaders who are interested in you and everything you bring to our firm. The things that set you apart, we value them. Thats why we give you the freedom to bring your whole self to work and pursueyour passions inside and outside of work.Beyond the job Life is more than work. The things you do, and the people youre with outside of work matter, thats why were happy to look at flexible working options for all our roles, and well always do our best to keep your work and life in balance. The impact you can make here will go far beyond your day job. From secondments, to fundraising for local charities, or investing in