Cyber Security Operational Incident Manager - Technical Consultant

Responsibilities

1. Own and be accountable for security incidents; taking the lead in driving global remediation activities.
2. Ensure simple, repeatable, manual tasks are automated within the Incident Response process.
3. Ensure a "best-practice" program is in place to manage and maintain our security response procedures.
4. Proactively develop and deliver new incident response capabilities, tooling, and processes.
5. Develop an incident management strategy, focusing on regular reviews and exercises.
6. Create and deliver tabletop and simulated exercises focusing on areas of risk identified by our Threat Intelligence team.
7. Ensure the operational security process is consistently maintained across our global regions, considering different regulatory requirements and rules.
8. Act as the point of contact for our global business incident management team for all security-related incidents.
9. Run Post Incident Reviews and track and manage issues to delivery.

Experience and Skills Required

1. Experience and strong understanding of frontline security operations.
2. Experience running a vulnerability remediation program or overseeing vulnerability teams is advantageous.
3. Experience managing complex security incidents at a global scale.
4. Experience creating or improving incident management programs.
5. Strong reporting skills and ability to tailor reports to show improvements and learnings.
6. In-depth understanding of modern attack techniques and flows.
7. Understanding of NIST and MITRE ATT&CK Frameworks.
8. Experience in cloud environments, ideally Azure.
9. Strong communication skills, especially in translating technical feedback into improvements.
10. Banking or finance industry experience is desirable.
11. Security Incident Management qualifications preferred, such as SANS 504.
12. At least 3 years of experience in an Incident Response role.
13. Experience responding to global security events.
14. Experience using NIST or MITRE frameworks for defensive actions.
15. Ability to explain security threats and create mitigations.
16. Knowledge of IT infrastructure technologies and principles.
17. Experience with vulnerability management tools like Nexpose, Qualys.
18. Understanding of Networking Architecture (OSI Model).
19. Analytical skills and process challenge mindset.
20. Passion for cybersecurity, good time management, and organizational skills.
21. Nice to have certifications: Security+, Network+, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP.

Benefits

We offer a comprehensive benefits package, support your wellbeing, and promote flexible working arrangements. Our goal is to motivate and support your career development. Learn more about our work culture and opportunities at careers.fidelityinternational.

As a regulated financial organization, this role involves compliance with FCA and PRA regulations, including the application of their Conduct Rules (COCON). Training on these regulations is provided. More information can be found in the Employment Handbook.