Skip to main content

This job has expired

You will need to login before you can apply for a job.

Incident Response Remediation Manager - Senior Manager

London, United Kingdom
Closing date
8 May 2024

View more

Accounting - practice
Salary band
Contract type
Full Time
Where will they be working
Hybrid - mostly office

Job Details

PwC is a market leading provider of cyber security services to major organisations worldwide. Our global team of over 4,850 cybersecurity professionals includes specialised consultants, former law enforcement officials, forensic investigators, intelligence analysts, data scientists, legal professionals and industry leaders in cybersecurity and privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services.

Our multi-disciplined Cyber Incident Response (CIR) practice is central to this. Our team supports PwC's clients in crisis to prepare, respond and recover from cyber attacks, as well as reduce the risk of attacks by using the insights we have gained from being at the front-lines of investigating these attacks.

Now is an exciting time to join the team and help shape and execute ambitious plans over the next 5 years. A key part of this will be increasing our capacity to help our clients prepare for and reduce the risk of attacks. This includes working with our clients' security operations teams to improve their ability to detect and respond to attacks, and with their IT teams to implement targeted technical improvements that increase "cost to the attacker".

Our Cyber Incident Response practice works closely alongside many other of our front-line technical teams, including our global threat intelligence team, our Managed Cyber Defence threat hunting team and our ethical hacking practice. We also work with PwC's dedicated crisis coordination team to provide support to clients at all levels of their organisations.


We want team members with a strong technical understanding of how organisations can prevent, detect, assess and respond to cybersecurity threats and incidents, as well as how to build best of class incident response and security operations capabilities.

We also want team members who will be passionate about developing and improving our technical consulting offerings using the insights gained from being at the front-lines of investigating these cyber attacks.

You should have a proven ability to lead teams and projects in complex programs of transformation, or technical remediation of cyber incidents. You will have an in-depth understanding of cyber incidents and the technical remediation of systems with a particular focus on the Microsoft technology stack. You should also understand the processes, techniques and tools used by security operations and incident response teams

We are also looking for team members with high levels of communication skills, as well as consulting and project management experience. You will also be able to easily flex between work with both technical client stakeholders, such as SOC analysts, as well as senior stakeholders such as a Head of SOCs, Head of Cyber Security or CIO.

You will ideally have experience such as:
  • Deep knowledge of the Microsoft technology stack with a particular focus on Active Directory and Azure Active Directory and an understanding of architecture and security engineering principles;
  • Collaborating with incident response teams to plan and deliver targeted remediation activities after cyber security incidents;
  • Working collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing and vulnerability scanning;
  • Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams;
  • Acting as the subject matter expert or technical team lead for organisations in cyber crisis and data breach situations, and providing technical response strategy and execution support to enable them to successfully resolve, remediate, and recover from cyber security incidents.
  • A robust understanding of the typical techniques used by attackers, ranging from criminal to state affiliated groups and securing an IT system against common attacker techniques aligned to the MITRE ATT&CK framework;
  • Developing cyber incident response plan, playbooks and processes that allow security operations team to rapidly and effectively respond to incidents;


We are looking for passionate, motivated and experienced individuals that can lead our work helping clients contain and remediate following cyber incidents. You will be responsible for developing the capability in the team and driving future strategy, as well as assisting clients improve their cyber security through a range of services.

As this role would be part of our multidisciplinary Cyber Incident Response practice, this role would also include assisting the wider team to help clients respond to cyber security incidents.

  • Lead client engagements across our incident response services portfolio to help clients remediate their environments following cyber incidents. Responsibilities will include acting as the key point of contact for senior client stakeholders, setting direction for the project teams, and being accountable for the technical excellence of our delivery. Example projects include:
    • Designing and implementing improvements to our clients detection tooling;
    • Setting roadmaps for future implementation of targeted improvements to increase cost to the attacker.
    • Assessing organisations' ability to detect and respond to cyber attacks;
    • Understanding organisations' vulnerability to specific cyber security threats;
    • Delivering remediation projects for clients who have had cyber security incidents, and assisting plan cyber transformations;
    • Testing and improving cyber incident response plans, runbooks and processes;
  • Contribute to capability development, proposition development and thought leadership initiatives;
  • Provide mentoring and oversight to the incident response practice to help the team grow and develop;
  • Collaborate and build relationships with PwC's wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work;
  • Originate, cultivate and maintain relationships with existing and new clients, and support outreach and business development efforts in collaboration with other teams;
  • Develop, enhance or refine the portfolio of incident response services in line with market trends, emerging threats, or opportunities for innovation or market disruption;
  • Support the execution of our business strategy and growing PwC's reputation in the cyber security market, for example by taking on responsibility for relationships with third parties such as technology alliance partners; and,
  • Play a key role in PwC's global incident response community to support knowledge sharing, practice development and to pursue opportunities in collaboration with global colleagues.


Our values define how we do things. And our purpose is why we exist - now more than ever - to build trust in society and solve important problems for our clients and our communities. In a world we no longer recognise, we need to rely on the strength and agility of our people to help us to navigate these uncertain times.

We're committed to ensuring that care and our people's wellbeing remains central to our culture. While we may not know what’s ahead, we can do all we can to help shape the future. As we continue to navigate this unprecedented time, it’s important that we support our people, to help them take care of themselves and to ensure the right support is available when it’s needed.

For now, we ask you to join our talent network and stay in touch with what’s happening in real time, including new possibilities as they arise. Visit our website for more information on how we’re responding to this pandemic and what changes we’re making to our recruitment process. 

Stay safe and stay connected in this rapidly changing world.


Opportunities are at the heart of a career with us.   Opportunities for you to sharpen your skills, collaborate with experts, build lasting relationships and make an impact in a place where people, quality and value mean everything.

Our offer to you...

·         Be part of the world’s leading professional services network and enjoy the benefits that come with that.

·         Meet and collaborate with highly talented people from diverse backgrounds, developing new ways of thinking, creating value for you, for PwC and for our clients.

·         Work in a challenging and stimulating environment where you’ll be inspired to reach your full potential.

·         Identify and develop your skills, build on your existing strengths and discover new ones you didn’t know you had. Watch your expertise and influence grow with us.


The PwC deal

No matter which area of the business you choose to join, all offer the same deal.  The opportunity to grow as an individual, to meet new people, and build lasting relationships that will stay with you for life.  All whilst making an impact in a place where people, quality, and value, mean everything.  Your hard work will be rewarded with a competitive salary and a personally tailored benefits package.


What you need to bring to us

Your intellect, willingness to learn, ability to build relationships, put yourself in others’ shoes, while always making a positive impact with our clients and each other.

The skills, insights and connections you develop at PwC are career defining wherever your career may take you. It’s the opportunity of a lifetime. Take it.



Company info

Sign in to create job alerts

Sign in or create an account to start creating job alerts and receive personalised job recommendations straight to your inbox.

Create alert