Risk Services, Technology Risk Services - Incident Response & SOC Compliance Assistant Manager

A career in our Risk Services, within Information Technology Risk Services, will allow you to develop and apply strategies that help clients leverage enterprise technologies so they can get a higher return on their investment, mitigate risks, streamline processes, and find operational inefficiencies. We assist clients in understanding and challenging their current risk profiles and develop strategies to build digital confidence by embracing opportunities to stay competitive through building trust and resilience into their technology systems. We cover a wide range of disciplines, including risk evaluation, operational and strategic Information Technology processes, project governance, application implementation, data integrity, cyber security, and accounting/audit.

Our team helps organisations analyses and assess the security environment and application of our client’s information technology systems. You’ll help develop strategies to increase the reliability of system outputs, enhancing systems security and integrity, and developing strategies for ongoing maintenance. Together we can build trust in society and solve important problems.

Position Overview:

We are seeking a dedicated and experienced Incident Response & SOC Compliance Specialist to join our dynamic security team. The ideal candidate will have 2–5 years of experience in a Security Operations Centre (SOC) environment, with a strong track record in incident response, breach investigations, and SOC standards compliance. In this role, you will develop and maintain compliance policies, orchestrate incident response efforts, conduct breach investigations, and utilise DFIR tools to gather and analyse digital evidence. Success in this position requires strong analytical skills, effective communication, and the ability to work with both technical and non-technical stakeholders.

Key Responsibilities (Essential)

Incident Response & Breach Investigations

• Coordinate and lead incident response activities (triage, containment, eradication, and recovery).
• Investigate and document security breaches, performing root cause analyses and recommending remediation.
• Leverage DFIR tools (e.g., EnCase, FTK, Autopsy) to identify, collect, and analyse digital evidence, ensuring proper chain of custody.
• Develop and maintain incident response documentation, including playbooks, reports, and after-action reviews.

SOC Compliance & Policy Management

• Create, implement, and update SOC compliance policies and procedures in alignment with relevant standards.
• Conduct regular audits and assessments to ensure adherence to SOC requirements and identify areas for improvement.
• Collaborate with cross-functional teams to integrate compliance controls into operational workflows.

Security Monitoring & Analysis

• Utilise SIEM solutions (e.g., RSA NetWitness, QRadar, ArcSight, Splunk) for continuous monitoring, threat detection, and compliance reporting.
• Analyse logs, alerts, and threats to proactively detect and investigate potential security incidents.
• Communicate effectively with technical and non-technical stakeholders, providing clear updates on incidents, risks, and compliance requirements.
• Deliver training programmes to enhance incident response readiness and compliance awareness across the organisation.
• Stay current with industry regulations, best practices, and emerging threats to maintain robust incident response and compliance capabilities.
• Identify and drive continuous improvement initiatives within the incident response framework and SOC compliance processes.

Qualifications & Skills

• Bachelor’s degree in Information Security, Computer Science, or a related field.
• 2–5 years of experience working in a SOC environment, including hands-on incident response.
• Practical experience with other DFIR tools or forensic analysis methodologies.
• Proficiency with SIEM solutions (e.g., RSA NetWitness, QRadar, ArcSight, Splunk).
• Familiarity with Governance, Risk, and Compliance (GRC) tools (e.g., RSA Archer).
• Demonstrable analytical and problem-solving skills with attention to detail.
• Excellent communication skills to engage effectively with stakeholders at all levels.
• Relevant certifications such as CISA, CISSP, or CISM are a plus
• Incident handling or forensics certifications (e.g., GCIH, GCFA, GCFE, EnCE).
• Familiarity with incident response frameworks (e.g., NIST SP 800-61, SANS).
• Experience with scripting languages (e.g., VBA, Python) for automation and analysis will be advantageous.