Role Description We are looking for a highly skilled and motivated Incident Response Lead to join our cybersecurity team. This individual will serve as the operational backbone of how Strada handles incidents and ensures Strada is prepared to respond effectively to cybersecurity incidents. This is an individual contributor leadership role with significant cross-functional influence. When things go wrong, you are the person who makes sure the right people are in the room, the right information is flowing, and nothing falls through the cracks. The right person for this role brings structure and rigor to complex situations, drives timely decisions, and helps restore services safely and quickly without waiting for a playbook to be handed to them. This role will strengthen Strada’s incident response readiness by maturing processes, playbooks, escalation paths, exercises, and cross-functional operating mechanisms. You will be a self-starter who turns ambiguity into practical, repeatable operating mechanisms and moves work forward without waiting for detailed direction. The role will partner closely with the SOC Leads, who own monitoring operations, detection engineering, alert triage processes, SIEM management, and SOC team performance. Key Responsibilities - Lead Cybersecurity Incident Response - Act as incident lead for major cybersecurity incidents, establishing severity, objectives, workstreams, decision rights, communication cadence, and escalation paths. - Direct the end-to-end response through validation and scoping, containment, eradication, recovery, and closure, maintaining a clear record of timelines, decisions, actions, and owners. - Coordinate security, infrastructure, cloud, identity, network, application, vendor, and business teams to restore affected services safely and validate operational stability and residual risk. - Provide concise, timely situation reports and decision recommendations to executives and stakeholders, translating technical findings into business impact and required actions. - Partner with Legal, Privacy, Risk, Communications, Human Resources, Business Continuity, and customer-facing teams to meet regulatory, contractual, insurance, notification, and crisis communication obligations. - Build readiness for incidents - Own and mature incident response by establishing processes, enhancing tooling, and defining operational standards for handling incidents at scale. - Continually improve the incident response framework, major-incident plans, escalation criteria, call trees, and response and recovery playbooks, including clear handoffs with other teams. - Design and facilitate tabletop exercises and simulations to test technical readiness, decision-making, communications, and recovery arrangements. - Perform incident readiness activities, and support additional cybersecurity initiatives as needed in a dynamic global corporate environment. - Coach and enable the organization - Provide expert guidance on complex incidents and mentor responders, analysts, and technical stakeholders in effective incident management practices. - Lead post-incident reviews, assign and track corrective actions, and ensure lessons learned improve controls, architecture, detections, response capability, and operational resilience. Qualifications - Have 5+ years of experience in incident management, with direct experience leading high-severity cybersecurity incidents in complex, global, or distributed environments. - Have built or significantly shaped an incident response program, ideally in an environment where you had to create structure rather than inherit it. - Demonstrate a strong sense of ownership and urgency, with the ability to operate independently and make sound decisions under pressure without waiting for direction. - Are comfortable working in unprecedented situations where processes are still being defined and guidance may be incomplete or conflicting, leaving things better than you found them. - Have a track record of effective cross-functional collaboration, particularly with technology, product, security, legal, communications, and executive leadership. - Have experience with cloud infrastructure incidents and enough technical depth across the stack to engage meaningfully with technology teams during response, including comfort navigating distributed systems, monitoring tools, and logs. - Are analytically minded, with experience using data (incident metrics, queries, trend analysis) to inform decisions during response and to drive operational improvements over time. - Excellent communication skills with the ability to communicate clearly and calmly under pressure, both in real-time coordination and in post-incident written communications. - A strong record as a self-starter: you anticipate needs, identify gaps, set priorities, and drive work to completion with limited direction. - Strong process-design and documentation skills, including process mapping, runbook development, workflow design, and translating lessons into repeatable operating practices. - Proven coaching, facilitation, and change-enablement skills, with the ability to raise the capability and confidence of technical and non-technical stakeholders. - Strong knowledge of incident response methodologies and frameworks, including NIST SP 800-61, the SANS incident response lifecycle, and MITRE ATT&CK. - Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience. - Relevant certifications such as CISSP, GCIA, or equivalent are a plus. Benefits - An opportunity to play a critical role in building a new cybersecurity organization. - A dynamic and collaborative work environment. - Professional development and career growth opportunities. - Competitive salary and benefits package. - Flexible working arrangements.

Role Description A área de Accenture Security é uma das que mais cresce dentro da Accenture, e nossa prática global de Cyber Investigation and Forensic Response (CIFR) está no centro de como ajudamos nossos clientes a se prepararem, responderem e se recuperarem dos incidentes cibernéticos mais relevantes. - Realizar análises forenses complexas, incluindo forense avançada de memória, triagem de malware, recuperação de artefatos criptografados e identificação de técnicas anti-forenses. - Executar forense digital em hosts e redes, análise de logs e atividades de threat hunting em apoio às investigações de resposta a incidentes. - Utilizar soluções EDR, plataformas em nuvem (AWS, Azure e GCP) e inteligência de ameaças para identificar Táticas, Técnicas e Procedimentos (TTPs) dos atacantes. - Atuar em incidentes de segurança em ambientes Cloud, OT (Operational Technology) e ambientes corporativos tradicionais. - Desenvolver indicadores de comprometimento (IOCs) e contribuir para a construção de cronologias detalhadas de ataques. - Criar ferramentas de automação e scripts para aumentar a eficiência da equipe e aprimorar as capacidades investigativas. - Mentorar e treinar de 2 a 4 investigadores simultaneamente, contribuindo para o desenvolvimento técnico da equipe. - Realizar revisão de qualidade das análises produzidas pelos investigadores antes da validação do Investigador Principal. - Liderar frentes de investigação de médio e grande porte (20 a mais de 50 sistemas) com supervisão mínima. - Apoiar Investigadores Principais em decisões técnicas e definição da estratégia investigativa. - Traduzir direcionamentos estratégicos em atividades táticas para execução pela equipe. - Comunicar-se de forma eficaz com clientes, stakeholders e assessorias jurídicas ao longo de todo o ciclo de vida do projeto. - Elaborar relatórios técnicos completos sobre os resultados das investigações, com conclusões fundamentadas e defensáveis. - Apresentar descobertas técnicas em reuniões com clientes quando necessário. - Apoiar a liderança da Accenture na definição de escopo de projetos, utilizando abordagens inovadoras e estruturadas. - Viagens poderão ser necessárias para esta função, variando de acordo com as necessidades do negócio e dos clientes na América Latina. Qualifications - Formação superior completa ou experiência profissional equivalente. - Mínimo de 3 a 4 anos de experiência em DFIR (Digital Forensics & Incident Response), com atuação comprovada em investigações complexas. - Inglês mínimo nível B2 e Espanhol mínimo nível B1. - Para candidatos nativos em espanhol, Português mínimo nível B1. - Capacidade de obter autorizações de segurança dos EUA, conforme exigido por alguns clientes. Requirements - Experiência comprovada em resposta a incidentes corporativos, forense digital e processos de investigação de incidentes cibernéticos. - Ferramentas de DFIR como Volatility, X-Ways, FTK, EnCase, Autopsy, entre outras. - Sistemas operacionais Microsoft Windows e GNU/Linux. - Forense de memória e análise de malware. - Desenvolvimento de indicadores de comprometimento (IOCs) e identificação de TTPs de atacantes. - Liderança de frentes de investigação e mentoria de profissionais mais juniores. - Ambientes corporativos, Active Directory e padrões comuns de ataque. - Capacidade analítica e comunicação com clientes. - Resolução de desafios forenses complexos utilizando técnicas avançadas. - Threat Hunting em endpoints e redes. - Produção de análises precisas, defensáveis e bem documentadas. - Técnicas de erradicação, melhorias de monitoramento e fortalecimento de controles de proteção. - Desenvolvimento e implementação de planos dinâmicos de remediação em conjunto com ações de resposta a incidentes. Benefits - Experiência em ambientes Cloud (AWS, Azure e GCP) e forense em nuvem. - Experiência em ambientes OT e ICS (Industrial Control Systems). - Experiência em gestão de projetos. - Conhecimento em linguagens de programação e scripts (Python, PowerShell e Bash). - Conhecimento em sistema operacional MacOS. - Experiência com engenharia reversa e tecnologias de sandbox. - Capacidade avançada de análise de malware (desempacotamento, desofuscação e análise comportamental). - Contribuições para ferramentas ou metodologias DFIR de código aberto. - Participação ativa na comunidade de segurança (eventos, palestras, publicações ou desenvolvimento de treinamentos).

Role Description This role is positioned within our Volume Motor Litigation Unit which deals with motor litigation across MOJ, OICP, Small Claims and Fast Track claims to the value of £25k. The unit is made up of distinct file handler teams managing the different work types previously mentioned. The unit offers clear progression pathways, both technically and operationally allowing candidates to continue their career journey within the business. The role of MOJ/OICP File Handler is within our Part 8 Team managing a caseload of litigation MOJ and OICP portal cases up to a value of £25k. Cases would be managed from the point of service through to resolution. All claims would be handled on behalf of key insurer clients as Defendant. The role would suit: - An established portal litigator looking for opportunities to progress their career longer term. - Pre-litigation handlers, paralegals, or handling assistants looking to move into a litigated file handling role. - A law graduate looking for their first handling role. Full induction training will be provided along with continued on the job training and supervision. Qualifications - Previous experience of handling own caseload of litigated claims (either in a defendant or claimant role) desirable. - Understanding of case law and litigation practice and process, and Court Practice Rules. - Ability to plan and prioritise workloads. - Efficient in a process driven environment. - Excellent listening and verbal communication skills. - Excellent written communication skills and the ability to compose professional written communications. - Ability to follow instruction with attention to detail. - Ability to recognise when sensitivity and tact are required. - Effectively work within a team. - Proficient IT skills (Word, Excel and Office). - Good standard of education – 5 GCSE’s grade C/5 or equivalent including maths and English. Requirements - Independent management of a caseload of Part 8 cases, including effective planning and organising of the associated workload to ensure Court deadlines are met. - Delivery of agreed performance targets and quality standards. - Analysis of the available evidence to create an initial case strategy on quantum. - Undertake effective telephone discussions and negotiations with the client, Defendant, third party insurer and third party Solicitors to pursue the efficient and appropriate settlement of cases and apportionment of costs. - Drafting of Court documents and complying with all Court deadlines. - Instructing, briefing and liaising with Counsel. - Guide the Defendant through the litigation process where required and set expectations. - Timely and accurate maintenance of all case management, billing and management information systems to ensure completeness of records and aid business decision making. - Delegation of tasks where available and appropriate to other members of the team. - Dealing with correspondence and telephone calls within strict service level agreements. - Updating reports upon receipt of evidence as required. - Adhering to Client Guidelines. - Provide written updates by email or letter to clients detailing case activity to ensure that they receive up to date and accurate information about progress when requested. - Ensuring files are kept within ISO 9001 guidelines. - Assisting the team with file tasks as required. - Assisting the team leader with team tasks as required. - To ensure compliance with the SRA Code of Conduct 2011. Benefits - Davies Incentive Plan. - 25 days holiday per year which increases with level of service (opportunity to buy & sell 3 days). - Simply Health Care Cash Plan. - WeCare – 24/7 online GP, mental health support and virtual wellbeing covering a whole host of topics to do with health, mental health, wellbeing & healthy living and financial & legal wellbeing. - Death In Service – after 1 years’ service. - Pension Contribution based 5% Employee / 3% Employer. - Employee Resource Groups. - Employee Volunteering Programme. - Cycle to Work Scheme*. - Tech Scheme*. - Season Ticket Loan*. - Gym Flex*. - Access to Online Discount Sites. - Discounted Gourmet Society Membership. - Discounted Tickets for Merlin Attractions nationwide. - Discounts at local retail outlets. *after successfully completing probation.

Role Description The Incident Commander serves as the senior operational leader during cybersecurity incidents and is responsible for directing, coordinating, and managing all response activities throughout the incident lifecycle. This position acts as the central decision-maker during major cyber events, ensuring that technical teams, business stakeholders, executive leadership, and external partners operate in a coordinated and effective manner. The Incident Commander leads incident response efforts involving: - Ransomware - Data breaches - Cloud compromises - Insider threats - Business email compromise - Advanced persistent threats - Other high-impact security incidents The role is responsible for: - Establishing response priorities - Coordinating technical investigations - Managing escalation activities - Directing containment and recovery actions - Ensuring timely communication with executive leadership and stakeholders The Incident Commander serves as the bridge between technical teams and organizational leadership by translating complex technical findings into actionable business information. The position oversees: - Incident status reporting - Executive briefings - Operational decision-making - Forensic coordination - Threat intelligence integration - Post-incident reviews The Incident Commander is ultimately accountable for ensuring incidents are managed efficiently, risks are minimized, and business operations are restored as quickly and safely as possible. Qualifications - Extensive experience leading cybersecurity incident response operations within enterprise, government, defense, critical infrastructure, or managed security service environments - Strong expertise in incident response, crisis management, cyber defense operations, threat intelligence, digital forensics coordination, and executive communications - Experience managing complex security incidents involving multiple teams, technologies, stakeholders, and business units - Strong knowledge of incident handling methodologies, cyber attack lifecycles, ransomware response, breach management, cloud security incidents, and enterprise security operations - Exceptional leadership, communication, and organizational skills - Capability of delivering executive briefings, managing stakeholder expectations, facilitating crisis communications, and translating technical information into business-focused recommendations - Experience coordinating forensic investigations, threat intelligence activities, legal considerations, regulatory reporting, and recovery operations is highly desirable Requirements - Preferred certifications include CISSP, GCIH, GCFA, CISM, CASP+, PMP, ITIL, or equivalent industry-recognized certifications - Equivalent experience leading major cybersecurity incidents, crisis response operations, or cyber defense missions may be considered in lieu of specific certifications Core Skills - Incident Response Leadership - Crisis Management - Executive Briefings and Communications - Threat Intelligence Integration - Digital Forensics Coordination - Major Incident Management - Cybersecurity Operations - Risk Assessment and Decision Making - Stakeholder Management - Recovery and Business Continuity Coordination - Regulatory and Reporting Awareness - Cross-Functional Team Leadership