Работа в Великобритании в IT: Incident Manager

Joining Information Security Running at the forefront of PMI's Digital Transformation, Information Security offers guidance, solutions and advisory all across PMI, supporting our secure journey towards a smoke-free future. Our scope ranges from security assessments, architecture, governance and risk advisory, through resilience, cyber threat intelligence and incident response, to supporting PMI Functions, Markets, and Platforms (e.g. Finance, People & Culture, Operations, Consumer or Product) and building an organizational security culture.


Your day to day:
• Lead and coordinate the technical response to serious cyber incidents, e.g. APT activity, targeted malware campaigns, vulnerability exploits and network-based attacks in order to contain, eradicate and recover from malicious activity.
• Lead technical bridge-lines to triage incidents and to define and implement containment strategies, which often involve multiple challenging priorities.
• Produce pristine communications to senior business partners in a timely manner to outline the anatomy of attack and the details of the response and remediation activity.
• Lead and take ownership for all incident response key decisions, ensure auditable records and logs are maintained and incident records are up to date.
• Drive post-incident review activity with a focus on root cause analysis and continuous improvement.
• Build and develop relationships with key business partners to promote the awareness of Incident Response processes.
• Produce weekly and monthly Management Information pertaining to incidents handled and the current threat landscape.
• Maintain up-to-date knowledge on the latest tools, tactics and procedures (TTPs) used by Threat Actors.
• Provide support for major incident escalations which may involve occasional out-of-hours activity.


Who we are looking for:
• 3+ years demonstrable experience in leading serious cyber incidents • Highly effective risk assessment, data analysis and communication skills.
• Ability to multitask in a high pressure, fast-paced environment.
• Ability to communicate complex topics to key partners whilst clearly articulating risk and impact.
• Problem-solving skills
• The ability to make quick, confident decisions.
• Solid understanding of Windows & Linux operating systems and network fundamentals
• Strong knowledge of the latest TTPs, especially in respect of nation-state level attacks.
• Experience of developing, implementing and continually improving IR playbooks.
• Experience of handling sensitive insider threat incidents.
• Knowledge of the NIST cyber security framework.
• Familiarity with SIEM (Sentinel, Splunk), Microsoft Defender Suite and computer forensic tools.
• Passion for the cyber security industry.

Be great to also have:
1. Practical experience with security vulnerabilities, exploits and malware.
2. Industry certification, e.g. GCIH, GCFA, CEH, CFE, GREM etc.


Here’s a glimpse of what’s in it for you upon joining us:
• Work-life balance: Wellbeing comes first. We offer a fantastic office environment and hybrid working options to ensure you have the best work-life balance possible.
• Learning & Development: Your growth is a priority. Our robust and varied learning & development ecosystem will help you strengthen your technical skills and enhance your soft skills and intuition for business. The capabilities you will acquire with us will support your life-time employability within IT, PMI, and beyond.
• Inclusion & Diversity: Our differences - much more than our similarities - generate the innovation we are looking for. We aspire to build a diverse and inclusive organization to access the breadth and depth of thinking and sensitivity necessary to thrive.

Связаться с автором