Cyber Incident Response Team Manager

We are part of the International Airlines Group, a leading airline group operating over 270 destinations and transporting more than 100 million passengers annually. We offer a scalable, best-in-class platform of procurement, finance, and IT services to airlines including Aer Lingus, British Airways, IAG, IAG Cargo, IAG Loyalty, Iberia, Iberia Express, LEVEL, and Vueling. Our focus on functional expertise and customer service aims to strengthen our group, enhancing efficiency and competitiveness.

This role is a strategic, high-impact opportunity for a cybersecurity professional to define and implement an end-to-end operating model for collaboration between the central Security Operations Center (SOC) and supporting functions. Responsibilities include formulating core processes, establishing technology stacks, and ensuring scalable security operations.

Key responsibilities include contributing to the selection and onboarding of a Managed Security Services Provider (MSSP), defining operational procedures, KPIs, SLAs, and building strong relationships with external stakeholders to align SOC services with business priorities. The role also involves developing internal capabilities for future in-house security teams and transitioning functions as needed.

• Degree or equivalent experience
• Recognized security certifications (e.g., CISM, CISSP) preferred
• Experience leading security teams or senior security analyst roles
• Project management experience and certification (preferred)
• Leadership skills to manage large security teams
• Expertise in incident detection, analysis, and response
• Proficiency with SOC tools such as SIEM, IDS/IPS, EDR
• Knowledge of cybersecurity principles, standards (e.g., GDPR, PCI DSS), and compliance
• Strong communication skills for diverse audiences and senior management
• Adaptability to evolving threats and technologies

• Extensive security operations experience
• Experience in a Computer Incident Response Team (CIRT)
• Leadership in Security Incident Response (SIR)
• Experience with SIEM/SOAR tools
• Knowledge of threat intelligence, vulnerability management, and network security
• Familiarity with security frameworks like MITRE ATT&CK and NIST CSF
• Leadership or strong potential in security teams
• Performance management skills
• Security scripting and automation (Python, Bash) optional
• Knowledge of cloud security and compliance regulations optional

• Opportunity to grow in a dynamic, fast-paced environment
• Work in a multicultural setting with global benefits including health, pension, and bonuses
• We are an equal opportunity employer committed to diversity and inclusion