Senior Technical Analyst - Security Incident Manager

The Senior Security Incident Manager is a senior member of the Security Incident Management team, responsible for overseeing the coordination, documentation, communication, and tracking of security incidents affecting Computacenter. Acting as the central point of command and control, they lead a matrix of operational teams through effective response and remediation, including sensitive incidents, such as misuse and insider threats. The role ensures clear stakeholder communication throughout the incident lifecycle and owns key deliverables including trend analysis and coordination of the Monthly Business Unit Security Incident Management (SIM) Hubs, Daily Security Incident call, as well as contributions to the annual security risk review, and other routine reporting. Due to the nature of cyber incidents, the role may require extended or out-of-hours support.

What you’ll do

• The Senior Security Incident Manager will provide management and coordination of security incident response and remediation to minimise the impact of cyber risks to Computacenter. Roles and responsibilities will be reflective of that in a senior level role and will include management of sensitive security incidents, including misuse cases or where contractual requirements stipulate dedicated European resource.
• Manage and lead the response to security incidents, end to end and in line with SLAs and Security Incident management processes, working closely with CSOC for detection, Threat Intelligence for context, and CSS for remediation support.
• Act as an SME for high priority security incidents or where escalations require and engage Cyber Forensics for evidence handling and root cause validation.
• Lead sensitive security incidents where required including misuse, insider or where contractual requirements stipulate additional requirements.
• Be flexible in your approach to security incident management and fulfil additional responsibilities depending on security incident management or resourcing requirements.
• Operational accuracy and knowledge enablement, inputting into the SIM Tracker, being responsible for the Daily Security Incident Call and generating / uplifting knowledge articles as required.
• Take primary responsibility for the Monthly Business Unit Security Incident briefings, ensuring accurate data and trend analysis is presented and actions and recommendations are captured, leveraging insights from CSOC to validate findings and remediation progress.
• Drive collaboration with GIS cybersecurity operational teams and explore opportunities to add value / continuously improve the Security Incident Management processes and stakeholder engagement.
• Track remediation of recommendations and actions ensuring appropriate stakeholder engagement and plans are in place.
• Supports colleagues performing analysis and have an understanding of business requirements to drive value add within the immediate Security Incident management team and wider GIS cybersecurity.
• Identify gaps in controls or processes that contributed to incidents occurring, feeding observations back to the BISO functions for continuous improvement.
• Process Development and Improvement (15%)
• Support the development and maintenance of security incident response playbooks, processes and procedures, incorporating feedback from CSOC, CSS and Threat Intelligence to ensure relevance and effectiveness.
• Continuously look for opportunities to enhance incident response capabilities based on lessons learnt, industry best practice and threat intelligence, aligning updates with operational teams ensuring smooth integration into operational workflows.

What you’ll need

• Minimum 3–5 years’ experience in cyber security incident management, with a proven track record of handling complex cyber incidents in a global or large-scale environment.
• Demonstrates strong coordination and hands-on management of cyber security incidents, providing decisive guidance during high-impact or sensitive events such as data breaches, ransomware, or targeted attacks.
• Skilled in developing, maintaining, and applying cyber incident response playbooks and procedures, ensuring operational teams are equipped for consistent and effective cyber incident handling.
• Actively contributes to the development, review, and continuous improvement of cyber incident management processes, embedding industry best practices and enhancing operational efficiency.
• Applies threat intelligence and lessons learned to continuously improve cyber incident response processes and team readiness.
• Identifies opportunities to streamline and automate cyber incident management tasks, supporting efficiency and timely response.

Desirable

• Understanding of information assurance standards and frameworks including CIS, NIST, ISO27001, Cyber Essentials/Essentials Plus, GDPR.
• Managing a security incident lifecycle through incident management tooling such as Service Now.