Skills
* Strong experience producing Incident Response plans & playbooks for medium-to-large organisations
* Deep understanding of modern threat actors & IR lifecycle
* Experience across cloud (Azure, AWS) and on-prem enterprise environments
* Experience in regulated sectors (financial services, healthcare, government, critical infrastructure)
* Hands-on involvement in real-world incident response
* Familiarity with EDR, SIEM, identity governance & cloud security architecture
* GCIH, GCFA, CISSP (or equivalent) certifications are nice to have
Role
You’ll collaborate with technical and business stakeholders to assess Incident Response maturity and deliver a robust, audit-ready incident response framework, including:
* IR Technical Capability Maturity Assessment
* IR plan enhancement
* Communication workflows
* Scenario-based playbooks (ransomware, BEC, data breach, etc.), structured containment, eradication, and recovery procedures
* Support for tabletop exercises and alignment with CIS Controls and regulatory expectations