Whitehall Resources currently require an experienced Cyber Incident Response Lead
Please note this will require 4 days onsite in Liverpool
Role Purpose
The Cyber Incident Response Lead is responsible for leading the organisation’s response to cyber security incidents, ensuring rapid containment, eradication and recovery across both IT and OT environments. This role is critical in protecting essential services and ensuring compliance within a CNI regulatory landscape.
Key Responsibilities
Incident Leadership
* Lead response to P1/P2 cyber incidents including ransomware, supply chain compromise and OT disruption.
* Coordinate technical, legal, communications and operational teams.
* Lead incident response across IT/OT environments.
* Ensure minimal disruption to safety-critical systems.
* Work closely with engineering and operations teams.
Regulatory & External Coordination
* Manage reporting obligations under:
* Network and Information Systems Regulations 2018
* UK regulatory and law enforcement requirements
* Liaise with National Cyber Security Centre during nationally significant incidents.
Process & Capability Development
* Develop and test the Cyber Incident Response Plan.
* Run tabletop and live simulations (including OT scenarios).
* Ensure lessons learned are embedded into security controls.
* Mature digital forensics and evidence handling processes.
* Oversee the SOC.
Ransomware & Advanced Threat Handling
* Oversee forensic investigation and root cause analysis.
* Support recovery planning and resilience improvements.
* Lead response to nation-state and organised crime campaigns.
Skills & Experience
* 7+ years cyber security experience.
* 3+ years leading incident response.
* Experience operating in a Critical National Infrastructure environment.
* Strong knowledge of ransomware response and crisis management.
* Experience managing cross-functional crisis teams.
* Knowledge of industrial protocols and safety systems.
* CREST, GCFA, GCIA, CISSP or equivalent certifications.
* Experience in regulated sectors (ports, energy, utilities, transport).
#J-18808-Ljbffr