Senior Information Security Incident Handler- FTC

Willis Towers Watson ,
Reigate, Surrey

Overview

Job Description

Summary of Role Initial fixed term contract for 12 months with possibility to extend or convert to permanent employee. The Senior Information Security Incident Handler works as part of the Information and Cyber Security department, providing triage, coordination and ownership of reported security incidents thought the entire life of the incident. This may include for example where data is incorrectly disclosed (for example emailed to the wrong user), or a 3rd party is breached and we need to track and identify the impact to Willis Towers Watson. The role will interact directly with users from our business, and liaise with specialist teams such as legal, privacy, business information security officers, and cyber major incident response where needed to resolve incidents. The role is not a hands on technical cyber security role, but you will be interacting on a daily basis with technical teams and any understanding of cyber security will be advantageous. The Senior will be a subject matter expert within the team, providing mentoring to junior Incident Handlers, and taking on the more complex cases. We are looking for a collaborative team player, with brilliant coordination and communication skills who likes to work in a fast pace environment. The successful candidate will be able to shape Information Security Incident Response in a global organisation, and there are opportunities to get exposure to other security disciplines. They will contribute to and work as part of a global multi-disciplined security community with clear vision and direction, and top down support across the business. They will help the wider community in fostering a culture which is both security aware and is a great place to come to work. The Role Responsibility: Support the team lead through activites such as: * Create and update documentation relating to Incident Response and supporting processes * Create regular meaningful reports, MI and briefs to articulate Incidents and security posture, trends, and patterns * Contribute to continual improvement of incident response processes Receive and resolve reports of security incidents from across the business including: * Making a record of the incident and undertake triage to determine the severity of the incident The Requirements * Demonstrable track record of building effective business relationships across functions and geographies * A working knowledge and background in Information Security * Problem solving and maintaining SLAs in a highly available environment * Stakeholder Management Beneficial but not essential: * An understanding of Cyber Security * An understanding of privacy regulations (e.g. GDPR) * Relevant Industry certifications such as CISMP, CISM Equal Opportunity Employer