This job is no longer available.

Incident Response Team Leader - London - MSSP

£70000 - £80000 per annum

Managing this Role

Josh Keeley

Manager - Cyber Specialist 0207 759 7878

With six years’ experience as an IT engineer within the Royal Marines, Josh has a strong network of ex-services CTI analysts and CCTIM qualified managers. Bringing sound technical knowledge and in-depth market expertise, Josh works with consultancies, defence, MSSPs and TIPs; from rapidly-growing start-ups to established global enterprises.


Roles recruited: CTI analysts, CCTIM managers

Seniority: Junior-Senior

Job Type: Permanent

Geographical coverage: London

Market: Cyber threat intelligence, TIPs and Professional Services

We have partnered with a global Cyber Security Consultancy who are currently looking for an Incident Response Team Leader to complement an already world-class Incident Response team. This team respond to and contain security incidents for their clients with a particular focus on advanced targeted attacks.


As a Team Lead you will focus on strategic initiatives and operational management to deliver sustainable capability improvement over time. Your key focus areas are innovation and optimisation of our services; development of junior team members; and coordination and integration with global teams.

While the role is predominantly managerial, for effectiveness it requires a strong technical background in Incident Response, and the Team Lead will be expected to be able to demonstrate experience dealing with many different types of compromises in different environments, including advanced nation state attacks.


A deep understanding of the motivations and methods adopted by a range of threat actors with an understanding of how exploitation of systems occurs is essential. You will have experience in examining data from various sources including network traffic, volatile memory, host data, log files and other sources of information.

  • Significant industry experience as part of a CSIRT, Security Operations or Investigations team in a data regulated and mission-critical environment.
  • Experience responding to and containing live security incidents such as crimeware, data breaches and advanced targeted attacks following a standard incident handling lifecycle.
  • Solid understanding of technical and security domains fundamental to investigations and incident response, including:
    • Client-server infrastructures, security architectures and related logging and alerting
    • TCP/IP networking with the ability to perform deep-dive network forensic analysis
    • File-system analysis including FAT, NTFS, HFS and/or EXT2/3/4 and ability to find and extract common disk-based indicators of compromise
    • Windows, Linux and/or OS X internals with emphasis on memory structures and ability to find common memory-based indicators of compromise
    • Malware analysis activities using behavioural techniques. Ability to perform dynamic and static analysis is an advantage
  • Ability to report key findings in a clear and concise manner both at technical and senior management level.
  • Vendor-independent qualifications in Incident Response and Forensics such as SANS and CREST.

If you are a senior IR Consultant or SOC Analyst looking for that step up towards leadership then this could be a perfect role for you. Apply to find out more information.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.
