About Bridewell
One of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in protecting and transforming critical business functions for some of the world's most trusted organisations. We are the trusted partner for operators of essential services and provide end-to-end cyber security capabilities that help our clients overcome their security challenges, allowing them to operate safely and securely.
Bridewell holds the Gold level, Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly one team.
Who are we looking for?
Due to continued growth, Bridewell's CSIRT is looking for a Principal Incident Responder to serve as a technical leader and trusted advisor for our CNI and other clients. This role will be responsible for developing and maturing our enterprise incident response capabilities, leading a team of incident responders, and strengthening our clients' security posture through incident preparation, response, and recovery activities.
What you'll be doing
This role focuses on building and maintaining incident response capabilities across endpoint, network, and cloud environments for both our SOC services and consulting engagements, working to enhance our clients' security programmes whilst developing our internal expertise.
You will need to have experience in:
* Develop and mature incident response service offerings, including creation of technical documentation, playbooks, and response procedures tailored for enterprise endpoint, network, and cloud environments within CNI and client organisations.
* Build and implement incident response processes for SOC analysts, including triage procedures, investigation methodologies, and escalation paths specific to modern hybrid IT infrastructures.
* Lead technical investigations into complex security incidents across endpoint, network, and cloud platforms, providing expert guidance on containment and remediation strategies whilst considering operational impact and business continuity requirements.
* Manage complex investigation, containment and eradication activities of high priority incidents across enterprise environments at scale.
* Develop a team of incident responders, providing technical mentorship and ensuring consistent delivery of high-quality services across multiple client environments.
* Support and guide customers in the development of detection and response capabilities across their IT estate.
* Design and maintain incident response plans and playbooks, incorporating industry standards and best practices for enterprise security.
* Develop and execute threat hunts across endpoint, network, and cloud environments.
* Perform malware analysis and reverse engineering as required during incident response activities.
* Serve as a thought leader in enterprise security through creation of blogs, whitepapers, and participation in industry webinars and speaking engagements.
* Act as senior incident coordinator during active incidents, managing stakeholder communications and ensuring appropriate balance between security measures and operational continuity.
Experience:
* Extensive experience with enterprise endpoint technologies, network infrastructure, and cloud platforms (AWS, Azure, GCP), including understanding of common protocols and technologies.
* Relevant certifications such as GEIR, GCFA, GNFA, GCFR, Security Blue Team Level 2, or equivalent incident response and digital forensics qualifications.
* Experience in MSSP and/or security consulting roles, with demonstrated ability to build and develop service offerings.
* Strong background in incident response and crisis management within regulated CNI environments.
* Knowledge of frameworks such as NIST CSF, ISO 27001, NIS Regulations, and industry-specific security standards.
* Experience in leading technical teams and developing junior staff members.
* Demonstrated ability to communicate complex technical concepts to various audiences through presentations, written content, and training materials.
* Background in developing and implementing SOC processes and procedures for security monitoring and incident response across hybrid IT environments.
* Experience with threat hunting methodologies and tools across enterprise environments.
* Strong understanding of attack techniques and TTPs across the cyber kill chain.
This position requires travel to client locations, approximately 20-25% of working time, with expenses. The role may require on-call responsibilities as part of the incident response rotation
What's in it for you?
Our vision is to create a safe, inclusive digital world where people and organisations can thrive. Our values of Do the Right Thing, One Team and Above and Beyond emphasises the importance of the part we play in society, and our commitment to our people and clients. Our story to-date has been phenomenal, but success doesn't end here and as we continue to grow and scale, we want to keep the same culture, passion and commitment to high quality that has enabled us to get this far. Bridewell will provide a great career opportunity with continual development as well as the following:
* 25 Days Holiday - Plus buy and sell options
* Flexible Working (around core office hours)
* Performance Incentive Bonus
* Company Pension
* Employee Shareholder Scheme
* Personal Day & Birthday Off - After 1 year of service
* Family Leave - After 1 year of service
* Enhanced Maternity based on length of service
* Dedicated Training Budget
* Life Assurance
* Electric Vehicle Scheme & Cycle to Work Scheme
* Private Healthcare (incl. Gym discounts and vison care)
Location: Bridewell operates a hybrid and flexible working policy, however you will be required to travel to different sites on occasion.
Note: To be eligible for this job you must either hold SC or be eligible and willing to go through security clearance.
Bridewell values diversity in the workplace and is a fair and equal opportunity employer. We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.