Security Incident Responder

Our purpose is to empower people to save and invest with confidence. We are looking for great people to join us, so please come and invest in YOUR future at HL.

We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you!

An exciting opportunity has arisen to join our Cyber Defence Team as a Security Incident Responder. You will lead our maturing security incident management function and play a crucial role in ensuring the ongoing security and protection of our systems and data. Your primary responsibility will be to manage and oversee response to security incidents, including creating incident response playbooks, conducting PIRs (Post Incident Reviews), and generating RCA (Root Cause Analysis) reports.

• Manage and coordinate the response to security incidents, working closely with various teams across the organisation to ensure a timely and thorough resolution.
• Develop comprehensive incident response playbooks for each incident type, ensuring efficient and effective handling of security incidents.
• Conduct post-incident reviews to identify areas of improvement, lessons learned, and recommendations for future incident response enhancements.
• Generate detailed RCA reports that highlight the root causes of security incidents, providing insights into vulnerabilities, weaknesses, and potential mitigations.
• Stay up to date with the latest industry standards and best practices, particularly the MITRE ATT&CK framework and NIST guidelines.
• Collaborate with other members of the Cyber Defence Team to enhance overall cyber resilience, including participating in tabletop exercises and security drills.
• Act as a subject matter expert on security incident management, providing guidance and support to stakeholders across the organization.

• Proven experience in incident response management, preferably in a financial services or highly regulated environment.
• Strong knowledge of incident response methodologies, tools, and frameworks.
• Familiarity with regulatory requirements, such as GDPR, PCI‑DSS, and ISO 27001.
• Experience in creating incident response playbooks and conducting post‑incident reviews and RCA reports.
• Excellent problem‑solving and analytical skills, with the ability to think critically in high pressure scenarios.
• In‑depth knowledge of the MITRE ATT&CK framework and NIST guidelines, and the ability to apply them in real‑world scenarios.
• Security+, GCIH (GIAC Certified Incident Handler), MAD (MITRE ATT&CK for Defenders) or other relevant SANS or security qualifications (desirable).

This will be a two‑stage interview process, consisting of a competency/behavioural and technical based interview.

This role is permanent, full time, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a flexible working pattern to enable you the option of working from home.

Here at HL, we’re the UK’s number 1 investment platform for private investors, based in Bristol. For more than 40 years we’ve helped investors save time, tax and money on their investments.

To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We’re steered by core values that promote service, quality, innovation, and opportunity in everything we do.

• Discretionary annual bonus* & annual pay review
• 25 days* holiday plus bank holidays and 1‑day additional Christmas closure time
• Option to purchase an additional 5 days holiday per year at annual enrolment
• Flexible working options available, including hybrid working
• Enhanced parental leave
• Pension scheme up to 11% employer contribution
• Sharesave scheme – have a real stake in HL’s future
• Income Protection & Life insurance (4 x salary core level of cover)
• Private medical insurance*
• Health care cash plans – including optical, dental, and outpatient care
• Help@hand and an Employee Assistance Programme
• Gympass – gym memberships and wellbeing apps available
• Variety of travel to work schemes with free bike storage and shower facilities
• An in‑house barista serving subsidised coffee and snacks
• Join HL’s sports, I&D networks and volunteering groups (two paid volunteering days per year)
• LifeWorks Discounts on services, restaurants and retailers

* dependant on role level

Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age.

This role may also be available on a flexible working or part time basis – please ask the Recruitment & Onboarding team for more information.

Please note, we are unable to provide employment sponsorship to candidates.