Cyber Incident Response Manager

Gloucester Business Park, Bristol - with flexibility of working from home, minimum 3 days a week in the office.

As Cyber Incident Response Manager, you will lead response activities across nuclear licensees, managing a team and coordinating with retained consultants to ensure readiness and resilience. Expect to establish and mentor a pool of first responders, including out-of-hours capabilities, while driving continuous improvement through lessons learned and operational experience.

Collaboration with internal and external stakeholders—includ­ing NCSC, ONR, DESNZ, and EDF Enterprise IT—is key to sharing threat intelligence, guiding detection capability development, and advising on risk-based business impacts. You’ll also be responsible for designing and running cyber exercises, maintaining incident response playbooks, and integrating protocols with broader emergency arrangements.

Clear communication through policy and operational documentation is essential, as is acting as a focal point for incident analysis and forensic handling. When major incidents occur, you may be called upon to support nuclear licensees directly, offering expert guidance to ensure effective containment and recovery.

To be appointed to this role, you will need to meet the criteria for Security Clearance (SC) which will, ordinarily, require you to have British residency for the last 5 years.

Closing date for applications: 12th October 2025

You'll have strong knowledge of cyber security standards like ISO27000 and frameworks such as Mitre ATT&CK. You’ll understand how cyber threats affect both IT and industrial control systems, and have experience managing complex risks in regulated environments.

You'll lead and support incident response efforts, build response plans, and run exercises to keep teams prepared. Strong communication and leadership skills are key, as you’ll work closely with stakeholders across EDF and external partners like NCSC and ONR.

We’re looking for someone who can work independently, make informed decisions, and guide others through cyber incidents. Experience in the nuclear or government sector is a plus, and qualifications like CISSP, CISM, or SANS would be beneficial.

Alongside a starting salary of £80,000 and a market-leading pension scheme, your package will include a range of benefits, from the big and formal to the small and personal.

We’re talking about everything from enhanced parental leave to electric vehicle leasing, health insurance to product discounts, critical illness insurance to technology vouchers, gym membership to season ticket loans.

At EDF UK, we embrace flexibility while recognising that everyone's working needs are different. Whether you're in our office spaces, on site, or working remotely, we promote an environment that supports collaboration, connection, and comfort. No matter where you are, our priority is to make sure you feel safe, valued, and celebrated.

Here, we do right by each other and everyone's welcome. We’re on an action-oriented journey, championing equity, diversity, and inclusion. We’d like our future workforce to have an equal gender balance, represent a broad mix of people from minority ethnic backgrounds, LGBTQ+, those with a disability and supporting social mobility.

We’re a disability confident employer and we’ll do all we can to help with your application. Please let us know if you need to request reasonable adjustments.

We take pride in fostering a dynamic and inclusive environment, where the diverse backgrounds and experiences of our employees drive fresh thinking and innovation. We understand that success means different things to different people. We believe there are multiple definitions of what it means to succeed. That’s why we support you to pursue a career that’s unique to you. Because success is personal.

To be appointed to this role, you will need to meet the criteria for Security Clearance (SC) which will, ordinarily, require you to have British residency for the last 5 years.

Qualifications

Strong knowledge of cyber security standards like ISO27000 and frameworks such as MITRE ATT&CK. Experience in cyber security for IT and industrial control systems in regulated environments. CISSP, CISM, or SANS qualifications would be beneficial.