IBM Senior Security (Incident Response) Delivery Team Lead in London, United Kingdom

Type of individual: A good client communicator and team leader with in-depth knowledge and understanding of Incident Response, APT actors and threats, and how to deal with IT security incidents as part of a wider incident response (e.g. security enhancement etc.). A complete knowledge of live security incident management and handling, including leading, teaming, analysis and remediation experience in commercial or government environments. Comprehensive understanding of security improvement planning, and an ability to make in-depth recommendations regarding the same. Flexible and dynamic working approach and willing to work 24/7 in delivery capability, often travelling away from home at short notice for extended periods.

  • Experience in IT Security and Investigations

  • Demonstrated experience of leading teams of investigators on diverse and complex investigations

  • Demonstrated capability in handling large scale investigations involving Targeted Threat Actors

  • Demonstrated presentation skills, able to articulate and present to a wide audience from technical to the board room

  • Demonstrated experience of maintaining and developing Digital Investigation Service capabilities

  • Demonstrated experience of contributing to IT Security projects

  • Demonstrated experience of SOC, Digital Forensic and Incident Response operations.

  • Must have a deep and current understanding of the tools, techniques and tactics of Targeted Threat Actors and remain up to date with current and future trends

  • Mentor and/or identify training for personnel

  • Ability and willingness to be involved with APT security research community to maintain knowledge and garner intelligence

  • Possesses a unique blend of experience, vision, technical, and intrapersonal skills that are required for such a position

  • Excellent team and case management skills

  • Excellent reporting (written and verbal) skills – Client (to C Level) and internal


  • Form part of a 24/7/365 callout function

  • Willing to travel extensively and at short notice

  • 80% of time will be spent in the field leading and handling incident response delivery on behalf of commercial clients (billable to client), collaborating with senior staff, and mentoring junior staff on current cases.

  • 20% Research and administration

Security Services