Cyber Incident Team Manager – NMC – Lancashire

Cyber Incident Team Manager – NMC

Police Digital Service



Join Police Digital Service as a NMC Cyber Incident Team Manager

The Cyber Incident Team manager will be accountable for leading and driving the NMC Cyber Incident Management Team (CIMT) delivering national and localised Cyber Incident Management and Response (IR).

You will work collaboratively with other NMC services to ensure seamless integration with all other teams across the NMC. Supporting Protective Monitoring, Threat Intelligence, Threat Hunting and other NMC activities to ensure security threats are addressed quickly upon discovery.

About Police Digital Service
We exist to harness the power of digital, data and technology to enable UK policing to better protect the communities it serves. Ours is a team of experts in commercial services, technical assurance, data, digital transformation and innovation, with a unique experience in policing and national programme delivery.

Our vision is to support UK policing to keep people safe, get more from technology investments and make better use of public money, and we’re always on the lookout for great talent to help us achieve this. 

The National Management Centre (NMC) is part of Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level.

Why Join us? 

  • Balance is important and we want you to take time off to recharge – so we offer 28 days’ annual leave plus bank holidays, rising to 30 days after 5 years of service. 
  • We care about your well-being – we have an employee assistance programme that offers not just welfare benefits and counselling at the end of a telephone line but also discounts. 
  • We want to help you plan for the future – so we offer an excellent pension scheme and life assurance cover.  
  • We want you to be able to put your mind at rest regarding your health – offering remote GP, mental health and physiotherapy appointments via video consultation

The Role and Responsibilities

  • Leadership and motivation of the CIMT.
  • Accountable for the proactive security testing of IR, internally and externally.
  • Accountable for illustrating the progression of Force level incident response plans.
  • Accountable for the national approach to a Cyber Incident.
  • Accountable for risk and continuous improvements to the CIM Service and team.
  • Accountable of all related documentation and processes within the CIMT.
  • Accountable for service presentations, trends and KPIs to senior stakeholders.
  • Escalation Point for any CIMT issues concerning quality and/or delivery of the service. 

What you need to succeed in the role

Essential criteria

  • Experience working in a fast-paced operational security environment
  • Knowledge of various security methodologies and processes with ability to apply these to incident investigations
  • Strong knowledge and experience working in a Cyber Incident Management and Incident Response environment
  • Ability to apply processes to incidents and investigations
  • A genuine enthusiasm to drive work within Cyber Security
  • Ability to multi-task, prioritise and manage time effectively
  • Drive service improvements and risks
  • Experience in Leadership; driving, motivating, and coaching a team
  • Communication: Excellent ability to translate complex issues to the relevant audience, both verbally and written
  • Sound knowledge of protocols, tools and methods to acquire and manage Cyber Incidents
  • Ability to acquire SC and NPPV3 level clearances

Desirable criteria

  • Experience in internal and external stakeholder management and engagement
  • Experience working in a customer facing environment
  • Business acumen: Knowledge in business strategy and the drivers of organisational performance, including the impact of recommendations you make.
  • Knowledge of the current threat landscape
  • Experience working within a Cyber Security or similar environment
  • Relevant accreditations relating to Cyber Security (for example: CompTIA Network+, Security+, CySA+ and/or CEH or equivalent  

Working Arrangements

This is a hybrid role and regular travel to the Lancashire office will be required.