CSIRT Country Team Lead

Orange Cyberdefense
London
4 months ago
Applications closed

Related Jobs

View all jobs

Information Security Officer

Orange Cyberdefense is the expert cyber security business unit of the Orange Group, providing security consulting, solutions and services to organisations around the globe. We strive to protect freedom and build a safer digital society. We are looking for a CSIRT Country Team Lead to join our team in the UK.

Working as a CSIRT Country Team Lead 

The CSIRT Country Team Lead (CTL) role is a 50/50 mixture of technical investigation and delivery, with client engagement and incident leader responsibilities. This means it is the CTL role to ensure that all policy and procedure is followed when engaging with a client throughout the life cycle of each client engagement. The role is a managerial role, CTL’s will be required to assist the CSIRT manager in the day-to-day management of the country resources for which they are responsible. Each CTL will be given an appropriately sized team to work with to ensure that client engagements of various sizes can be dealt with in a successful way. For retainer clients the CTL will ensure that the clients are correctly onboarded, working with their team to keep clients informed of the progression of the onboarding. CTLs are also responsible for the quality of all Scopes of Work (SOWs) needed for their team. This can be delegated when appropriate.The role will be heavily client facing, and when dealing with high impact engagements the role will be required to carry out crisis management, this will be delivered with the assistance of a CSIRT Manager.

Key responsibilities: 

  • Assist the CSIRT manager with personnel administration for the country resources that they are responsible for including:
    ‒ Leave requests. (1st line approver)
    ‒ Expenses (1st approver)
    ‒ Individual performance reviews
    ‒ personnel development plans
  • Assist the CSIRT manager in maintaining contracts for the country that they are
    responsible for within Salesforce and ServiceNow and any future case management
    systems.
  • Support and provide consultancy services as directed by the CSIRT manager for the country they are responsible for. 
  • Act as point of contact and escalation point for the CSIRT to other local resources. Such as other technical and sales teams within the country they are responsible for.

What we expect of you: 

  • Minimum of four years proactive client facing incident response experience
  • Proven exposure of intrusion detection and vulnerability analysis
  • Exposure with network analysis tools and an ability to conduct packet capture analysis strong understanding of networking principles including TCP/IP, DNS etc. and commonly used Internet protocols such as SMTP, HTTP etc
  • Intrusion Detection Systems and methods of security hacking/penetration testing
  • Proven experience in client facing major cyber security incident triage, containment,remediation and recovery steps. Ideally not just from working in a SOC environment
  • A proficiency in using SIEM and security products to address cyber incidents.
  • Security qualification (SANS Cyber Defense, EC-Council Certified Security Analyst or other related certifications preferred. 

By joining one of the world’s leading cyber security companies, you will be offered the following:

  • An opportunity to join a forward-thinking company, and a supportive work environment
  • Competitive salary
  • Private medical healthcare
  • Health cash plan
  • Company pension
  • Life insurance
  • Income protection insurance
  • Company events several times a year
  • Employee discount scheme

Please send your CV for immediate consideration.

Orange Cyberdefense are an equal opportunities employer, welcoming applications from all people, regardless of their race, sex, disability, age, religion, or sexual orientation.

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Contract vs Permanent Cybersecurity Jobs: Which Pays Better in 2025?

Cybersecurity has become one of the fastest-growing and most crucial fields in modern business. With high-profile breaches dominating headlines and the ongoing digital transformation exposing organisations to new threats, companies across the UK are competing to attract skilled cybersecurity professionals. Roles range from penetration testers (pen testers) and SOC (Security Operations Centre) analysts to compliance officers, cloud security architects, threat intelligence analysts, and CISOs (Chief Information Security Officers). As demand continues to surge, cybersecurity salaries have climbed accordingly, and businesses have turned to more flexible hiring practices. Alongside permanent employment, many professionals explore short-term day‑rate contracting or fixed-term contracts (FTCs), searching for the ideal balance of pay, job security, and growth opportunities. Which arrangement truly pays better in 2025—and which best aligns with your ambitions? In this article, we dive into the contract vs. permanent debate with a focus on cybersecurity roles. We will examine the current market, the structure of day‑rate vs. FTC vs. permanent positions, the pros and cons of each, and some hypothetical pay comparisons. By the end, you should have a clearer sense of which career path might suit your situation and goals—whether you are a seasoned specialist aiming for top rates, or an up-and-coming analyst seeking a stable environment to develop in.

Cyber Security Jobs for Non‑Technical Professionals: Where Do You Fit In?

Defence Needs More Than Hackers in Hoodies When headlines warn of ransomware crippling hospitals or deepfakes swaying elections, we picture hoodie‑clad hackers and elite penetration testers. Yet the reality of the UK’s cyber security sector is broader—and desperately short of talent. The Department for Science, Innovation & Technology (DSIT) estimates a shortfall of 11,200 cyber security professionals in 2024, while 43 % of advertised roles require governance, risk or communication skills rather than hands‑on technical exploits. Put plainly: if you can guide policy, manage projects, interpret regulations or inspire behaviour change, cyber security wants you. This guide highlights the fastest‑growing non‑technical roles, the transferable skills you already possess, and a concrete 90‑day plan to land a cyber security job—no packet sniffers required.

BAE Systems Cybersecurity Jobs in 2025: Your Complete UK Guide to Protecting Governments, Businesses and Critical Infrastructure

From securing the Royal Navy’s new Dreadnought submarines to foiling multimillion‑pound fraud rings, BAE Systems Digital Intelligence (DI)—formerly Detica—sits at the sharp end of global cyber defence. Head‑quartered in Guildford with hubs in Gloucester, Leeds and London, the 5,500‑strong DI business delivers threat‑intelligence platforms, secure‑by‑design software and 24/7 SOC services to government and commercial clients worldwide. With escalating ransomware, AI‑driven disinformation and complex supply‑chain threats, BAE plans to expand its UK cyber workforce by 20 % in 2025. Whether you’re a graduate passionate about reverse engineering, a DevSecOps engineer who loves IaC, or an incident‑response pro comfortable in high‑side environments, this guide explains how to land a BAE Systems cybersecurity job in 2025.