Cyber Incident Response Specialist

Redcentric

  • Full Time
Technical Incident Response Consultant
Remote based (UK Only)

About Redcentric

Redcentric is a leading managed service provider with a rich end-to-end solution portfolio covering the spectrum of Connectivity, Cloud, Collaboration & Cyber Security, designed and delivered by our own highly skilled teams from our privately owned, UK based multi-million pound infrastructure.

Redcentric has annualised revenues in excess of £90 million and more than 500 highly skilled employees serving around 2,000 customers across the UK.

With the IT landscape in constant evolution, Redcentric is built around today’s modern IT challenges offering application, collaboration, infrastructure, network and IT security services. Learn more about what we do on our website.
Job description

Aim of the role:

Redcentric is seeking a highly skilled, motivated, and experienced Incident Responder to join our Threat Analysis Centre (TAC) and Cyber Defence team. This pivotal role involves not only detecting, managing, and leading responses to security incidents for our clients but also driving forward the maturity of our TAC. We’re seeking a cybersecurity professional with a deep understanding of cybersecurity principles, Incident Response (IR) procedures, and forensics. Your contributions will be critical to advancing our IR capabilities and raising the bar for our Cyber Defence efforts.

You will be allocated tasks by the Head of Cyber Defence; these will vary in size and complexity and will require a high degree of accuracy in a time-sensitive, target-driven environment.

Key Objectives:

Objectives will include, but are not restricted to the following:

  • Work with the Head of Cyber Defence within the TAC, continuously driving forward its maturity and enhancing our cybersecurity capabilities as a managed service provider.
  • Reverse engineer and analyse malware and other security threats, extracting relevant indicators of compromise to bolster our cyber defence capabilities.
  • Undertake detailed incident analysis by correlating data from different sources to determine if a critical system or data set has been affected.
  • Recommend remediation activities and coordinate response actions with various IT and security functions.
  • Leverage the MITRE ATT&CK framework to categorise, assess, and enhance our response capabilities to cyber threats. Keep up to date with any updates to the framework and ensure its full integration into our incident response and threat hunting activities.
  • Develop and update incident response playbooks to align response activities with best practices, minimise gaps in response, and mitigate threats effectively.
  • Conduct comprehensive root cause analysis to identify gaps and provide actionable recommendations to remediate risks.
  • Participate in a 24/7 Incident Response on-call rotation and perform out-of-hours work as needed.

This list of responsibilities is not exhaustive, and the role holder is expected to reasonably take on any other responsibilities required to support business activities within the Redcentric Group.

Candidate Specification
The ideal candidate will be a bright and enthusiastic individual who is dedicated to achieving great results. They will ideally have the following skills, attributes and experience:


Preferred Experience & Qualifications

  • Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent work experience.
  • 3+ years of experience in a cybersecurity incident response, security operations, or related role.
  • Experience with the Microsoft Security Stack, and open-source incident response tooling such as Velociraptor.
  • Relevant GIAC IR Certifications (GCFA, GCIH, GREM, GDAT, GCIA etc.) or other certifications from a reputable training provider/accrediting body (e.g., Security Blue Team's BTL2).
  • Deep understanding of network protocols, enterprise architecture, and security-related technologies.
  • Thorough understanding of the threat landscape and attacker methodologies.
  • Exceptional communication and leadership skills, with the ability to explain security-related concepts to a range of audiences.
  • DevOps and scripting knowledge is a plus (PowerShell/Python/Bash etc.).

They will also preferably have the following skills, attributes and experience:

  • Strong verbal and written English communication skills.
  • Must reside within the United Kingdom and be able to obtain and maintain Security Clearance (SC).
  • Ability to work in a fast-paced environment, making effective decisions quickly under high-pressure situations.
  • Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
  • Proven ability to work effectively with minimal supervision, demonstrating a high degree of initiative, self-motivation, and organisational skills.
  • Excellent team player with the ability to foster a cooperative work environment, valuing diverse perspectives and encouraging collaborative problem-solving.
  • Willingness to participate in a 24/7 Incident Response on-call rotation and perform after-hours work as needed.
  • Strong knowledge of IT operations: help desk, end-user computing, servers, networking, and information security technology systems.

Hours of Work
The Company’s standard hours of work are 9.00am – 5.30pm (5pm on a Friday) with one hour for lunch; however, given the nature of the role, flexibility in terms of hours worked will be required to deal with incidents as they occur.
