Job Description
Senior Cyber Incident Responder
* Daily Rate: Inside IR35
* Location: Sheffield
* Job Type: Hybrid (2-3 days on-site)
Join our Cyber Defence Centre (CDC) as a Senior Cyber Incident Responder. This senior, business-facing role within Security Operations & Engineering focuses on end-to-end cyber incident management, coordination, and stakeholder engagement across complex environments. You will lead the response to high-severity cyber incidents, ensuring effective command, communication, and decision-making throughout the incident lifecycle.
Day-to-day of the role:
Incident Leadership & Management:
* Lead the coordination of high-severity cyber incidents from initiation through to resolution.
* Act as the central point of control for incident command and control activities.
* Manage incident bridges, ensuring effective communication and structured execution.
Stakeholder Engagement:
* Engage and communicate effectively with technical teams, business stakeholders, and senior leadership.
* Operate confidently within a Bronze-Silver-Gold command structure.
* Support escalation into crisis management frameworks where required.
Communication & Coordination:
* Coordinate internal and external communications during incidents.
* Ensure alignment across multiple teams, partners, and third parties.
* Facilitate consensus-driven decision-making in time-critical environments.
Operational Control:
* Prioritise and manage competing incident demands.
* Drive structured incident response processes and adherence to best practice.
* Act as the Cyber Response lead within broader crisis scenarios (e.g., ransomware events).
Continuous Improvement:
* Capture and contribute to lessons learned and post-incident reviews.
* Identify process, capability, or control improvements.
* Work with internal teams to enhance overall cyber resilience.
Required Skills & Qualifications:
Core Experience:
* Proven experience in Cyber Incident Response or Major Incident Management.
* Experience operating in a SOC or Security Operations environment.
* Strong understanding of incident management frameworks and escalation models.
Stakeholder & Leadership Skills:
* Excellent communication and interpersonal skills.
* Ability to influence, negotiate, and gain consensus under pressure.
* Experience working with senior stakeholders (including C-suite exposure).
Operational Capability:
* Experience running incident bridges / war rooms.
* Strong decision-making ability in high-pressure situations.
* Understanding of crisis management structures and frameworks.
Technical Understanding (Desirable):
* Solid grounding in cyber security concepts and threats.
* Experience with Endpoint Detection & Response (e.g., CrowdStrike), SIEM platforms (e.g., Microsoft Sentinel), and ServiceNow (Security Operations).
* Ability to engage with technical teams and interpret technical data.