Senior Manager of Incident Response, Cybersecurity

What is the opportunity? Joining a world‑class Global Security Operations Center (GSOC) as a Sr. Manager of Incident Response for the United Kingdom presents an exciting and challenging opportunity to lead at the forefront of cybersecurity operations. The role is central to ensuring the security and resilience of the organization’s critical assets and data, making it a pivotal position in RBC’s overall threat management framework. The successful candidate will contribute meaningfully to the evolving field of cybersecurity, providing protection at a global scale while driving innovation and excellence in Incident/Crisis Response and Threat Management. It is at the heart of the organization’s defense strategy, ensuring timely and effective responses to ever‑evolving threats. The role partners with Global Security Leadership, Executives and Business stakeholders to achieve containment, remediation and root‑cause analysis of security incidents. It is a permanent, full‑time role requiring four days each week in the London office.

What will you do?

• Develop a high‑performance technical response team and lead Incident Response efforts: oversee the end‑to‑end incident response lifecycle from detection and containment to eradication, recovery and post‑incident analysis.
• Design, implement and continuously improve incident response playbooks and processes to ensure rapid and effective threat mitigation.
• Organize, prioritize and allocate resources, tasks and responsibilities to ensure an effective response to security incidents.
• Serve as the pivotal point of contact during incidents, ensuring seamless communication between SOC analysts, Business Stakeholders, IT staff and Leadership.
• Mentor and train the incident response team, fostering a culture of continuous learning.
• Coordinate with Detection Engineering and Defensive Threat Operations to implement new monitoring capabilities and automate responses for high‑fidelity detections.
• Monitor the evolving threat landscape to adapt strategies and defenses proactively.
• Collaborate with industry experts and gain exposure to innovative practices and technologies in a global setting.
• Provide 24/7/365 support for urgent security issues.

What do you need to succeed?

• Must‑have: Extensive experience in Incident Response, Cybersecurity Operations, or digital forensics, with a proven history of leading teams during high‑stakes incidents.
• Strong analytical and decision‑making skills, with the ability to manage complex incidents under pressure and influence through expertise and relationship building.
• Deep understanding of threat vectors, attack methodologies and defensive measures, and hands‑on expertise with SIEM, SOAR, EDRs and forensic tools.
• Ability to shape the organization’s approach to incident response, driving continuous improvement and innovation in defense strategies.
• Exceptional communication skills to convey technical details effectively to technical teams and executive stakeholders.
• Business acumen to align incident response strategies with organizational objectives, including resource allocation and cost management.
• Emotional intelligence to maintain composure under pressure, manage team morale and lead with empathy.

Nice‑to‑have:

• Bachelor’s degree in IT or related discipline or equivalent experience.
• Industry‑recognized certifications such as CISSP, GCIA, GCIH, GREM or GCFA.
• Experience working within a large, global financial services company.

What is in it for you?

• A comprehensive Total Rewards Program including bonuses, flexible benefits and competitive compensation.
• Leadership support for your development through coaching and growth opportunities.
• Opportunities to work with the best in the field.
• Ability to make a lasting impact.
• Work in a dynamic, collaborative, progressive, and high‑performing team.
• A world‑class training program in financial services.
• Flexible working options fully supported.