WHAT YOU'LL DO
Participate as an integral part of the Cyber Security Incident Response Team
Support cyber incident response actions to ensure proper assessment, containment, mitigation and documentation
Support cyber investigations and contribution to large and small scale computer security incidents
Review and analyze cyber threats and provide support, mentorship, and training to junior level security analysts
Work closely with CSIRT team & technology to detect, investigate, and communicate cyber threats
Update the Security Team and other groups on industry trends and recommend initiatives to help lower risk
Proactively monitoring and analyze logs via the SIEM for indicators of attack
Want more jobs like this?
Get Software Engineering jobs in London, United Kingdom delivered to your inbox every week.
Proactively identifying process improvements and taking initiative to implement changes.
Contribute to develop our standard operating procedures and playbooks.
Maintain up-to-date knowledge of the cyber security industry
YOU'RE GOOD AT
The Incident Response Manager is an experienced position within the CSIRT that requires a thorough understanding of Incident Response (IR) operations and best practices, including triage and escalation.
They work with various teams inside BCG and with vendors and partners to support the CSIRT mission of preventing, detecting, and responding to cyber threats.
This role requires advanced analytical and methodical skills coupled with strong, detail-oriented documentation skills that together yield consumable and comprehensive investigation reports. In addition, it requires the ability to assess multiple incidents at a given time. This means the candidate should be able to quickly and effectively prioritize actions based on incident severity while incorporating risk to BCG and communicating to relevant stakeholders in a timely manner. The Incident Response Manager will be working heavily within the CSIRT's suite of tools, including SIEM, EDR, Case Management, and Cyber Threat Intelligence technologies.
YOU BRING (EXPERIENCE & QUALIFICATIONS)
Minimum of 5 to 7 years of information security experience, with a very strong technical background
Significant information security and risk management experience in a multinational enterprise
Demonstrated Incident Response experience (from a Consultancy or SOC environment)
Good verbal and written communications skills
Calm demeanor, grace under fire, outstanding listening skills
Good problem solving, analytical skills and decision making
Experience with Security Information and Event Management (SIEM) monitoring tools and their use (Splunk, Arcsight, QRadar or similar)
Experience with Endpoint Detection and Response tools (Crowdstrike, Carbon Black, Microsoft Defender, or similar)
Security certification like CISSP, CEH, GCIA or GCIH or equivalent a plus
YOU'LL WORK WITH
BCG's information technology group collaboratively delivers the latest digital technologies that enable our consultants to lead and our business to grow. For our IT jobs, we seek individuals with expertise in the areas of IT infrastructure, application development, business systems, collaborative and social technologies, information security, and project leadership.