Cyber Incident Responder - Manchester, United Kingdom - Locke and McCloud


    2 weeks ago


    Job Description

    Role Overview

    In response to ongoing growth, we seek an experienced Cyber Incident Responder to join our team. The ideal candidate will possess at least 2 years' experience in responding to and investigating cyber incidents. Deep technical knowledge in incident response, digital forensics, M365, cloud environments, and investigations processes is required. Strong client-facing skills, flexibility, commitment, and integrity are also essential.

    In return, you'll receive a competitive salary, along with training, overtime, and excellent career prospects. You'll enjoy a varied and fulfilling role in a supportive environment. This presents a unique opportunity to join a successful business that prioritizes its team members.

    Security Clearance

    Please note that this role requires NPPV3 clearance in addition to National security clearance to SC level. Applicants must have been continuously resident in the United Kingdom for the last 5 years.

    Responsibilities

    • Perform emergency incident response for customers, including containment and gathering of forensic evidence.
    • Investigate forensic evidence from compromised devices and networks to determine incident root causes.
    • Analyze server logs, firewall logs, and other system data to identify impacted data during cyber incidents.
    • Conduct forensic acquisitions from relevant servers and workstations.
    • Analyze malware and deliver high-quality technical investigation reports to clients.

    Skills and Experience

    • Experience in collecting forensic evidence from compromised systems.
    • Understanding of the Cyber Kill Chain, MITRE ATT&CK, and other information security frameworks.
    • Knowledge of incident handling, threat hunting, and intelligence.
    • Experience in cloud-based infrastructure, including Microsoft Azure, Office 365, Amazon AWS, and Google Cloud.
    • Strong client-facing skills and adaptability in communication.
    • Excellent written and verbal communication skills.
    • Ability to plan and coordinate projects effectively.
    • Attention to detail, flexibility, and self-motivation.
    • Ability to exercise discretion and confidentiality.

    Desirable Skills

    • Exposure to enterprise-scale infrastructure and technology stacks.
    • Relevant incident response certifications (e.g., CREST Intrusion Analyst or Incident Manager).
    • Experience with endpoint protection solutions (e.g., SentinelOne) deployment and monitoring.

    Benefits

    • Flexible working arrangements.
    • Company pension scheme (3% employer contribution).
    • 24 days annual holiday plus bank holidays.
    • Additional holiday on your birthday.
    • Annual holiday loyalty bonus (increasing to 30 days after 3 years).
    • MediCash Cashplan.
    • Life Assurance (Death in Service).
    • Annual media subscriptions (from a choice of Netflix HD, Amazon Prime, etc.).