Incident Response Manager

  • Salary:£50,000 - £80,000
  • Location:London, England, United Kingdom
  • Job Type:Permanent, Full time
  • Company:Alexander Ash Consulting
  • Updated on:11 Dec 17

The role will be working in the Cyber Defence Services (CDS) Team within the Risk Consulting practice. Cyber security is one of the areas which the client has identified for tremendous investment and growth, as clients face a challenging cyber threat and look to them to help them understand and respond to that threat. This is a hands-on role with a view to transitioning to team management as the team grows. The successful candidate is expected to manage cyber-security incidents as well as perform elements of digital forensics (disk, volatile memory, network packets, logfiles).

When not responding to incidents, you will help clients to build their in-house incident response capabilities, which will include: authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises.


• Management and co-ordination of cyber security incidents on behalf of clients, working closely with the incident management lead within the team.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). 
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Assessing client incident response capability maturity.
• Helping stand-up or improve clients’ own incident response capabilities.
• Project management of engagements to deliver high quality work.

Experience and Background

• A broad understanding of the cyber security threat landscape and experience in developing tailored threat assessments for organisations.
• Strong technical background in computers and networks.
• Experience of dealing with cyber security incidents and associated response measures.
• Experience of being part of an incident response team, either holding a formal role, or being able to evidence their personal contribution to the team.

The successful candidate will demonstrate strong technical background in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification.