Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Strengthen incident response capabilities and improve cyber security playbooks.
- Company: Join SP Energy Networks, a leader in cyber resilience and energy supply.
- Benefits: Flexible working, competitive pay, and opportunities for professional growth.
- Other info: Collaborative environment with opportunities to shape cyber security strategy.
- Why this job: Make a real impact on cyber security and help protect essential services.
- Qualifications: Experience in incident response and strong documentation skills required.
The predicted salary is between 40000 - 50000 £ per year.
Help us create a better future, quicker. SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations and deliver a cyber resilient business. The Incident Response Analyst is essential in achieving our goals. This role will be integrated into an active and ambitious global cyber security function, contributing to SPEN's cyber security purpose of delivering cyber resilient OT and IT, to enable a safe and reliable electricity supply to customers.
What you'll be doing
- You will play a central role in strengthening SPEN's incident response capability by developing, maintaining, and continuously improving cyber security playbooks, procedures, and associated documentation.
- You'll work closely with incident responders, detection engineers, and wider cyber teams to ensure processes are clear, repeatable, and aligned with best practice.
- You’ll support the full incident lifecycle—from preparation through to post incident review—ensuring lessons learned are captured, documented, and fed into future improvements.
- As part of this, you will contribute to the maturity of SPEN's cyber response framework, ensuring playbooks are operationally effective, compliant with NIS regulations, and tailored to our evolving OT and IT environments.
- You will also be responsible for developing and delivering an incident response exercise plan covering a range of scenarios designed to test team readiness, validate playbooks, and ensure operational effectiveness.
- These exercises may include tabletop scenarios, technical simulations, cross team coordination drills, and lessons learned reviews that contribute directly to capability uplift.
- Building strong working relationships across the business will be key. You'll engage with operational, engineering, legal, risk, communications, and technology stakeholders to understand their requirements, coordinate incident response activities when required, and ensure that documentation and processes reflect real world operational needs.
- You will also have the opportunity to help shape the wider strategy of the Incident Response function—identifying capability gaps, contributing to team roadmaps, supporting cross industry collaboration, and driving continual service improvement within SPEN's cyber resilience programme.
What you'll bring
- Experience developing, maintaining, or executing incident response playbooks, runbooks, or procedures within a cyber security environment.
- Strong documentation skills—with the ability to translate complex technical activities into clear, structured, and usable operational guidance.
- Ability to plan, deliver, and evaluate incident response exercises—such as tabletop scenarios, simulation based drills, or cross team coordination activities—with a focus on validating playbooks and improving operational readiness.
- Demonstrable experience building effective relationships with technical and non-technical stakeholders, with the ability to collaborate, influence, and communicate clearly during both day to day operations and during security incidents.
- A good understanding of the incident response lifecycle, common attack techniques (MITRE ATT&CK), and how incident response processes integrate with threat detection, monitoring, and wider security operations.
Incident Response Analyst in Scotland employer: Morson Talent
Contact Detail:
Morson Talent Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Incident Response Analyst in Scotland
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at local meetups. We all know that sometimes it’s not just what you know, but who you know that can help you land that Incident Response Analyst role.
✨Tip Number 2
Prepare for interviews by practising common incident response scenarios. We suggest running through some tabletop exercises with friends or colleagues to sharpen your skills. The more you practice, the more confident you'll feel when it’s time to shine!
✨Tip Number 3
Showcase your skills! Create a portfolio of your work related to incident response playbooks and exercises. We love seeing real examples of what you can do, so don’t be shy about sharing your achievements during interviews.
✨Tip Number 4
Apply directly through our website! We’re always on the lookout for passionate individuals ready to contribute to our cyber resilience programme. Plus, applying directly gives you a better chance to stand out from the crowd.
We think you need these skills to ace Incident Response Analyst in Scotland
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Incident Response Analyst role. Highlight your experience with incident response playbooks and any relevant cyber security projects you've worked on. We want to see how your skills align with what we're looking for!
Showcase Your Documentation Skills: Since strong documentation skills are key for this role, include examples of how you've translated complex technical activities into clear guidance. This will help us see your ability to communicate effectively, which is super important in our team.
Demonstrate Your Teamwork: We love collaboration! Share experiences where you've built relationships with both technical and non-technical stakeholders. This shows us you can work well across different teams, which is essential for the Incident Response Analyst position.
Apply Through Our Website: Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. We can't wait to see what you bring to the table!
How to prepare for a job interview at Morson Talent
✨Know Your Playbooks
Make sure you’re familiar with incident response playbooks and procedures. Be ready to discuss how you've developed or improved these in past roles, as this will show your understanding of the core responsibilities of the Incident Response Analyst position.
✨Showcase Your Documentation Skills
Prepare examples of how you've translated complex technical activities into clear operational guidance. This is crucial for the role, so having specific instances where your documentation made a difference will impress the interviewers.
✨Demonstrate Team Collaboration
Think of times when you’ve built relationships with both technical and non-technical stakeholders. Be ready to share how you’ve coordinated incident response activities and communicated effectively during incidents, as this will highlight your ability to work across teams.
✨Understand the Incident Response Lifecycle
Brush up on the incident response lifecycle and common attack techniques like those in the MITRE ATT&CK framework. Being able to discuss how these concepts integrate with threat detection and monitoring will show that you’re well-prepared for the challenges of the role.