Senior Manager of Incident Response

Joining a world‑class Global Security Operations Center (GSOC) as a Sr. Manager of Incident Response for the United Kingdom presents an exciting and challenging opportunity to lead at the forefront of cybersecurity operations. This role is central to ensuring the security and resilience of the organization’s critical assets and data, making it a pivotal position in RBC’s overall threat management framework. The successful candidate will be contributing meaningfully to the ever‑evolving field of cybersecurity, providing protection at a global scale while driving innovation and excellence in Incident/Crisis Response and Threat Management.

What will you do?

• Continuously develop a high‑performance technical response team and lead the Incident Response Efforts: Oversee the end‑to‑end incident response lifecycle, from detection and containment to eradication, recovery, and post‑incident analysis.
• Develop and Refine Response Plans: Design, implement, and continuously improve incident response playbooks and processes to ensure rapid and effective threat mitigation.
• Workload Management: Organise, prioritise, and efficiently allocate resources, tasks, and responsibilities to ensure an effective response to security incidents.
• Coordinate Cross‑Functional Teams: Function as the pivotal point of contact during incidents, ensuring seamless communication between SOC analysts, Business Stakeholders, IT staff, and Leadership.
• Train and Mentor Teams: Foster a culture of continuous learning, providing guidance and leadership to enhance the skills of the incident response team.
• Coordinate with the Detection Engineering and Defensive Threat Operations Team: Implement new monitoring capabilities and automate responses for high‑fidelity detections.
• Stay Ahead of Emerging Threats: Monitor the evolving threat landscape to adapt strategies and defenses proactively.
• Professional Growth: Collaborate with industry experts and gain exposure to innovative practices and technologies in a global setting.
• Provide 7/24/365 support for urgent security issues.

What do you need to succeed?

• Must‑have
• Experienced Leader: Extensive experience in Incident Response, Cybersecurity Operations, or digital forensics, with a proven history of leading teams during high‑stakes incidents.
• Strategic and Decisive: Strong analytical and decision‑making skills, with the ability to manage complex incidents under pressure. Lead and influence through expertise, relationship building and value delivery.
• Technically Proficient: Deep understanding of threat vectors, attack methodologies and defensive measures, along with firsthand expertise with SIEM, SOAR, EDRs and forensic tools.
• Leadership and Innovation: Shape the organization’s approach to incident response, driving continuous improvement and innovation in defense strategies.
• Collaborative Communicator: Exceptional communication skills to convey technical details effectively to both technical teams and executive stakeholders.
• Business Acumen: Understanding of resource allocation, cost management and ability to align incident response strategies with organization objectives.
• Emotional Intelligence: Ability to maintain composure under pressure and manage team morale. Lead with empathy by understanding and addressing the concerns of both technical teams and stakeholders.
• Nice‑to‑have
• Bachelor’s Degree in IT related disciplines or relevant experience.
• Industry recognised certifications (CISSP, GCIA, GCIH, GREM, GCFA).
• Experience in working within a large, global financial services company.

What is in it for you?

• A comprehensive Total Rewards Program including bonuses, flexible benefits and competitive compensation.
• Leaders who support your development through coaching and managing opportunities.
• Opportunities to work with the best in the field.
• Ability to make a difference and lasting impact.
• Work in a dynamic, collaborative, progressive and high‑performing team.
• A world‑class training program in financial services.
• Flexible working options fully supported.