Cyber Security Operations Incident Manager, CISO Function, Open to flexible working

London (Greater)
09 Jun 2021
08 Jul 2021
Contract Type

Cyber Security Operations Incident Manager, CISO Function, Enabling Functions

Your opportunity

To work in the innovative and creative Cyber Security Function (CISO) team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. Apply your skills here to make things happen, great people, great purpose and passionate about our work.

We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you with some flexibility, please do discuss with us.

Your role


  • Consistently looking for ways to improve our Security Incident Response procedure and Threat monitoring services
  • Assists in preparation of internal and external communications
  • Maintains chain of custody of Security incident evidence
  • Provides physical security of collected data and devices
  • Provides recommendations to resolve security incidents and/or reduce impact of incident, to bypass and/or prevent future similar issues


  • Service manager for Cyber Intelligence Centre threat monitoring and analysis services for the CISO function
  • Responsible for Security related Service Reviews & KPI reporting
  • Providing support to the Senior Manager and CISO and wider information security function 
  • Provides technical services needed for cyber incident response investigations including, containment, eradication and remediation activities
  • Responsible for assessing scope of security incident impact
  • Assists in determination of security incident severity
  • Responsible for maintaining documentation throughout a security incident
  • Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation
  • Assists with perform digital forensic services including, but not limiting to, collection, documentation, preservation and analysis of incident evidence

Relationship Management

  • Provides direct guidance and oversight to Coordination Specialist – Incident Response
  • Maintains on-call availability for a 24x7x365 coverage

Your work, your choice

In the CISO team we are results focused and believe in excellence in respect in all aspects of our work and interaction with each other. We make full use of technologies that help support different ways of working. At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk.

We, therefore, carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. If the working pattern you are looking for is not specifically indicated below, we are happy to discuss alternative arrangements.

Location: London with occasional domestic and international travel

Suggested work pattern: Permanent full time

Your professional experience

  • Considerable and combined experience in the Information Security / Cybersecurity domain with experience of cyber incident response.
  • Demonstrated understanding of the incident lifecycle and security operations, working knowledge of triage and analysis tools, and a strong understanding of cybersecurity threats.
  • Demonstrated understanding of incident response casework, including maintaining case information, chain of custody reporting, and full documentation of issues from identification through remediation
  • Proven track record and experience of the following in a highly complex and global organization:
  • Strong problem solving and troubleshooting skills with experience exercising mature judgement
  • Excellent teamwork and interpersonal skills


  • Professional security management certification preferred, such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE),  Certified Information Systems Security Professional (CISSP), or other similar credentials


  • Bachelor’s degree: degree in a technology-related field, or equivalent education-related experience


  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical level
  • Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and efforts.
  • Ability to adapt and operate in a high-tempo, dynamic and stressful environment
  • Sound knowledge of business management and an expert knowledge of information / cybersecurity strategy and governance
  • Operational knowledge of preventive and detective security controls (e.g., firewalls (preferred CheckPoint), advanced endpoint solutions (preferred: Cylance), Web Application Firewalls (WAF), Data Loss Prevention (DLP), web security solutions, email gateways, Security Information and Event Management (SIEM))
  • Operational knowledge of general IT technologies and concepts (e.g., routers, switches, messaging systems, server operating systems (Windows, Linux, Unix), desktop and mobile operating systems (Windows, macOS, iOS, Android), cloud services and architecture, and vulnerability management.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
  • Experience recording and maintaining incident documentation within a ticketing system (preferred: ServiceNow)
  • Understanding of incident response in a Cloud based environment and experience with cloud solutions (preferred: Microsoft Azure, AWS)
  • Experience leading cyber security incident response during normal daily operations or against advanced persistence threats.
  • Ability to quickly analyse large amounts of information and formulate action plans based on that analysis.
  • Strong understanding of SIEM technologies

Your service line: Enabling Functions

At Deloitte, we’re all about making an impact that matters, together. And nowhere is this more apparent than among our 2,000 strong Enabling Functions teams. With our combined specialist skills and business partnering expertise, we provide all the essential strategy, support and advice our client-facing colleagues need, right across the firm. This enables them to focus all of their efforts on delivering the best service possible to their clients. So not only will you be providing world-class support to our internal clients, you’ll be making an impact for all the hugely influential organisations Deloitte works with too.  Covering all our distinct areas: Human Resources, Clients & Industries, Finance & Legal, Central Business Services, National Quality & Risk Management, Technology & Digital Services, and Real Estate, the opportunities here are vast. And what’s more, you can grow your career in whatever direction you choose. We’ll support you all the way. 

Personal independence

Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm.  The recruitment team will provide further detail as you progress through the recruitment process.

About Deloitte

Our Purpose & Strategy

To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent.

What do we do?

Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.

Beyond the UK: Deloitte North and South Europe

The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Central Mediterranean (Italy, Greece, Malta), Ireland, the Middle East (Bahrain, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, Palestinian Ruled Territories, Qatar, Saudi Arabia, United Arab Emirates, Yemen), the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,700 partners and over 50,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people.

What do we value?

What brings us all together at Deloitte? It’s how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.

Being a Leader at Deloitte

Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work – and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.

We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we’re looking for:

  • We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
  • We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
  • We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
  • We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
  • We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.


Similar jobs

Similar jobs