Principal Information Security Incident Handler- FTC

Summary of Role Initial fixed term contract for 12 months with possibility to extend or convert to permanent employee. The Principal Information Security Incident Handler works as part of the Information and Cyber Security department, providing triage, coordination and ownership of reported security incidents thought the entire life of the incident. This may include for example where data is incorrectly disclosed (for example emailed to the wrong user), or a 3rd party is breached and we need to track and identify the impact to Willis Towers Watson. The role will interact directly with users from our business, and liaise with specialist teams such as legal, privacy, business information security officers, and cyber major incident response where needed to resolve incidents. The role is not a hands on technical cyber security role, but you will be interacting on a daily basis with technical teams and any understanding of cyber security will be advantageous. The principal will be a leader within the team, providing mentoring to junior Incident Handlers, and taking on the more complex cases. This is an excellent opportunity for someone looking to grow into a people leadership position. We are looking for a collaborative team player, with brilliant coordination and communication skills who likes to work in a fast pace environment. The successful candidate will be able to shape Information Security Incident Response in a global organisation, and there are opportunities to get exposure to other security disciplines. They will contribute to and work as part of a global multi-disciplined security community with clear vision and direction, and top down support across the business. They will help the wider community in fostering a culture which is both security aware and is a great place to come to work. The Role Responsibility: Lead the Incident Handling Team, providing oversight of team activities, including: * Create and update documentation relating to Incident Response and supporting processes * Create regular meaningful reports, MI and briefs to articulate Incidents and security posture, trends, and patterns * Contribute to continual improvement of incident response processes * Lead a team of Incident Handlers, managing workload, development, and wellbeing Receive and resolve reports of security incidents from across the business including: * Making a record of the incident and undertake triage to determine the severity of the incident * Lead and coordinate the resolution of incidents; including scheduling calls, issuing and tracking actions, collection of evidence * Provide timely escalation of severe incidents * Provide recommendations to resolve incidents, and identify underlying trends and potential control gaps * Ensure all incident handling and response best practices, standards, laws, act and cyber security frameworks are followed * Ensure accurate and clear communication with all stakeholders Requirements * Demonstrable track record of building effective business relationships across functions and geographies * A working knowledge and background in Information Security * Problem solving and maintaining SLAs in a highly available environment * Stakeholder Management Beneficial but not essential: * An understanding of Cyber Security * An understanding of privacy regulations (e.g. GDPR) * Relevant Industry certifications such as CISMP, CISM Equal Opportunity Employer