Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the implementation and optimisation of ServiceNow SecOps for effective cyber incident response.
- Company: Join a dynamic team in a regulated financial services environment.
- Benefits: Competitive daily rate, contract until 2026, and opportunities for professional growth.
- Other info: Collaborative environment focused on continuous improvement and operational readiness.
- Why this job: Make a real impact on cyber security while enhancing your skills in a cutting-edge role.
- Qualifications: Experience with ServiceNow SecOps and strong understanding of cyber incident response frameworks.
Duration: contract to run until 30/10/2026
Rate: up to £579.60 p/d
Role Overview
As part of the CEP Incident Management Enhancements project, the Security Incident Manager will play a key role in enhancing the ServiceNow SecOps Security Incident Response (SIR) module as a core deliverable of the Runbook Modernisation workstream. This role is focused on implementing, configuring, and operationalising the SIR capability while ensuring incident response processes, runbooks, and tooling align with regulatory expectations and recognised cyber security frameworks. The role combines hands‑on ServiceNow SecOps (SIR) implementation responsibilities with the accountabilities of a Security Incident Manager, supporting effective cyber incident response and operational readiness within a regulated financial services environment.
Key Responsibilities
- ServiceNow SecOps (SIR) Implementation and Optimisation: Lead the configuration, implementation, and optimisation of the ServiceNow SecOps Security Incident Response (SIR) module. Ensure the SIR platform supports the end‑to‑end cyber incident lifecycle in line with the organisation’s security incident management operating model. Configure workflows, playbooks, and integrations to enable consistent, efficient, and auditable incident response. Support automation and tooling integration to enhance response speed and reduce operational risk.
- Security Incident Management and Operating Model Alignment: Act as a Security Incident Manager within the implementation context, ensuring processes, runbooks, and tooling support effective incident coordination and decision‑making. Ensure alignment with recognised cyber incident response frameworks, including NIST. Embed governance, risk, and regulatory considerations into incident workflows and response procedures.
- Incident Runbook Development and Maintenance: Design, develop, and maintain cyber incident response runbooks as part of the runbook modernisation initiative. Ensure runbooks are practical, actionable, and aligned to ServiceNow SIR workflows and automation. Apply structured process design approaches in line with recognised modelling standards such as BPMN. Maintain runbooks to reflect changes in tooling, processes, and regulatory requirements.
- Knowledge Transfer and Operational Enablement: Deliver knowledge transfer and enablement activities to operational security and incident response teams. Support adoption of the enhanced ServiceNow SIR capability and updated runbooks. Produce clear documentation to support operational use, governance, and continuous improvement.
Skills and Experience
- Proven experience implementing and supporting ServiceNow SecOps Security Incident Response (SIR).
- Demonstrated experience operating in or supporting a Security Incident Manager function.
- Strong understanding of cyber incident response operating models and frameworks such as NIST.
- Strong capability in runbook design, including automation and tooling integration.
- Solid process development and documentation skills aligned to frameworks such as BPMN.
- Experience working in a regulated financial services environment.
- Strong understanding of governance, risk, and regulatory expectations for cyber incidents.
- Experience supporting incident management or runbook modernisation programmes.
- Familiarity with operational readiness, service transition, and enablement activities.
Incident Manager employer: Undisclosed
Contact Detail:
Undisclosed Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Incident Manager
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Prepare for interviews by practising common questions related to incident management and ServiceNow SecOps. We recommend doing mock interviews with friends or using online resources to get comfortable with articulating your experience and skills.
✨Tip Number 3
Showcase your expertise! Create a portfolio or a personal website where you can highlight your projects, runbooks, and any relevant achievements. This gives potential employers a tangible way to see what you bring to the table.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities waiting for you, and applying directly can sometimes give you an edge. Plus, it’s super easy to keep track of your applications this way!
We think you need these skills to ace Incident Manager
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Incident Manager role. Highlight your experience with ServiceNow SecOps and any relevant cyber incident response frameworks like NIST. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Share specific examples of your past experiences that relate to the responsibilities mentioned in the job description. We love a good story!
Showcase Your Technical Skills: Don’t forget to highlight your technical skills, especially around runbook design and automation. We’re keen on seeing how you’ve implemented and optimised tools in previous roles. Make it clear how you can bring that expertise to our team!
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It helps us keep everything organised and ensures your application gets the attention it deserves. Plus, it’s super easy!
How to prepare for a job interview at Undisclosed
✨Know Your ServiceNow SecOps Inside Out
Make sure you brush up on your knowledge of the ServiceNow SecOps Security Incident Response (SIR) module. Be ready to discuss your previous experiences with implementing and optimising this tool, as well as how you've configured workflows and playbooks in the past.
✨Understand Cyber Incident Response Frameworks
Familiarise yourself with recognised frameworks like NIST. Be prepared to explain how these frameworks influence your approach to incident management and how you ensure compliance within a regulated financial services environment.
✨Showcase Your Runbook Development Skills
Be ready to talk about your experience in designing and maintaining cyber incident response runbooks. Highlight any structured process design approaches you've used, especially those aligned with BPMN, and how they’ve improved incident response efficiency.
✨Demonstrate Knowledge Transfer Experience
Discuss any previous roles where you delivered knowledge transfer or enablement activities. Share examples of how you’ve supported teams in adopting new tools or processes, and the impact it had on operational readiness and incident response.