Willis Towers Watson Cyber Security Incident Response Manager in London, United Kingdom

Cyber Security Incident Response Manager

Date Posted: November 12, 2018


Not ready to Apply?


The Role

As the Cyber Security Incident Response Manager, you will be working as part of the Cyber Security team, responsible for the management and co-ordination of responses to Cyber Security incidents across the business. You will take ownership of incidents that occur and proactively work with other stakeholders to manage or remediate these incidents to closure. Ideally, you would have/had experience working within a Security operational position with a specific focus within Cyber Security Incident Response. This role is both hands on and managerial so experience of both is preferred.

You will work with geographically diverse teams within Cyber Security to respond to threats that may arise against our assets. Periodically, you will be required to participate as an escalation point of contact in the On-Call rotation, to ensure that business can respond to incidents in a timely manner, and you may be called upon to work outside of business hours in the event of a major security events.

  • Reporting to the Global Director of Cyber Security, managing team members located in both US and UK with a growing team.

  • Working collaboratively with Cyber Security members, and multiple stakeholders to ensure efficient and appropriate responses to Cyber Security Incidents.

  • Providing tactical and strategic recommendations for preventative controls to Operational teams based upon incident response findings and trends in realised threat activity

  • Requesting custom development for analytics and SIEM enhancement from the Cyber Systems team

  • Responds to detected incidents from initial detection, through containment and remediation, coordinating with technical teams to gather information and to assist with remediation planning and actions.

  • Communicates findings to stakeholders along with recommendations on posture improvements

  • Develop and provide Key Incident Metrics to Information Security Leadership.

  • Develop and improve incident response processes and procedures.

The Requirements

  • Strong communication skills and confident with stakeholders of all levels and ability to challenge constructively

  • The ability to build and maintain effective relationships with stakeholders to enhance and develop better cross functional working practices

  • Ability to manage time on multiple investigations, both personally and on behalf of team members.

  • Analytical thinking (including analysis of competing hypothesis and assessment based on limited information)

  • Hold professional qualifications in a related subject e.g. CISSP, Security+, GSEC, GCIH, CEH, or GCIA certification

  • Deep understanding of Cyber Security Incident Response Team processes and procedures.

  • The ability to lead a team of technical and non-technical resources and lead through influence the activities of other teams with regards to Cyber Security Incidents.

  • Knowledge of attack vectors, threat tactics and attacker techniques.

  • Understanding of Windows and Linux operating systems and command line tools.

  • Enterprise level analysis and defense experience are a plus.

The Company

Willis Towers Watson is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. With roots dating to 1828, Willis Towers Watson has 40,000 employees serving more than 140 countries. We design and deliver solutions that manage risk, optimize benefits, cultivate talent, and expand the power of capital to protect and strengthen institutions and individuals. Our unique perspective allows us to see the critical intersections between talent, assets and ideas – the dynamic formula that drives business performance. Together, we unlock potential. Learn more at willistowerswatson.com .

Willis Towers Watson is an equal opportunity employer

Willis Towers Watson believes that effectively managing a diverse workforce is vital to our business strategy. We have an obligation to our organization, ourselves and our clients to hire and develop the best people we can find. We will continually review our policies and practices to ensure that all areas of the employment process (including recruiting, hiring, work assignments, compensation, benefits, promotions, transfers, company-sponsored development programs and overall workplace experience) are free from discriminatory practices. We are committed to equal employment opportunities at Willis Towers Watson.

Unsolicited Contact: Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Willis Towers Watson are considered property of Willis Towers Watson and are not subject to payment of agency fees. In order to be an authorized Recruitment Agency/Search Firm for Willis Towers Watson, any such agency must have an existing formal written agreement signed by an authorized Willis Towers Watson recruiter and an active working relationship with the organization. Resumes must be submitted according to our candidate submission process, which includes being actively engaged on the particular search. Likewise, for our authorized Recruitment Agencies/Search Firms, if the candidate submission process is not followed, no agency fees will be paid by Willis Towers Watson. Willis Towers Watson is an equal opportunity employer.


Not ready to Apply? at https://willistowerswatson.avature.net/WTWTalentNetwork


  • Share on Facebook

  • Share on Twitter

  • Share on Google+ Share on Pinterest

  • Share on Linkedin

  • Share by Mail


  • Location:London, England, GBPhiladelphia, PANashville, TNIpswich, EnglandReigate, England

  • Date Posted:November 12, 2018