Cyber Incident Response Lead - Defence - SC Cleared
We’re supporting the delivery of a nationally significant defence programme that’s shaping the UK’s future capabilities in secure systems and platforms.

As a Cyber Incident Response Lead Specialist, you will take the helm in managing and evolving a cutting-edge cyber response function, including the oversight of a WARP (Warning, Advice and Reporting Point) service to enhance threat visibility and collaboration across stakeholders and delivery partners.

Key Responsibilities
- Lead and coordinate response to cyber security incidents across a complex and sensitive defence environment
- Manage and continually evolve the WARP function: providing proactive cyber threat alerts, guidance, and remediation advice to internal teams and partner organisations
- Develop, test, and maintain incident response playbooks, escalation workflows, and technical triage procedures
- Track and analyse threat activity using frameworks like MITRE ATT&CK, and contribute to lessons learned and root cause analysis
- Drive improvements in incident readiness, detection, containment, and post-incident recovery across the delivery environment
- Proven experience leading or significantly contributing to incident response and cyber operations within secure, regulated, or classified environments
- Experience in delivering and/or managing a WARP function, ideally within a government or defence context
- Deep understanding of incident lifecycle management, SIEM tooling, threat analysis, and cyber investigation processes
- Familiarity with frameworks such as NIST 800-61, ISO27035, and MOD JSP604
- Experience working across multi-vendor delivery teams and complex supplier ecosystems
- Active SC clearance is essential