Cybersecurity Incident Manager

Job Type

Remote Work Option

Category

Location

Job Details

EirGrid Group has a unique role to play in leading this radical transformation of our power system in support of the transition to renewable energy. This will require pioneering engineering effort together with enhanced IT capability to respond successfully to the scale of disruption. This offers a unique opportunity to further your career in IT while playing a significant role in delivering EirGrid Group’s IT transformation.

We’re an IT intensive business, and we operate a state-of-the-art, specialised business-critical systems, 24/7. Our future has never looked more exciting. And this is an incredible opportunity to be part of it. The world is ready for change. If you are too, join us.

The Team

This role is part of a well-established Enterprise Security team, who lead in the design, implementation and troubleshooting of IT security solutions across a variety of technical platforms, data networks and security domains. The solutions involved underpin the organisation’s corporate, market and power system operational functions.

The Opportunity

We are seeking an experienced Cybersecurity Incident Manager to join our Enterprise Security function. The Cybersecurity Incident Manager is responsible for managing the organisation’s capability to detect, respond to, and recover from cybersecurity incidents. This role ensures that incidents are effectively managed, minimising impact to business operations, assets, and reputation. The postholder will own the incident response framework, coordinate stakeholders up to and including the CISO, and continuously improve resilience through testing, training, and lessons learned.

Key Responsibilities

• Act as the Incident Manager during high-severity security events, ensuring structured and coordinated response across technical and business teams.
• Escalate incidents as required to the Security Operations Manager and CISO.
• Ensure effective forensic evidence collection, preservation, and chain of custody
• Own and maintain the Cyber Incident Response Plan and associated playbooks (e.g., ransomware, data breach, insider threat, DDoS).
• Align incident response practices with regulatory requirements (e.g., NIS2, sector-specific standards).
• Drive maturity against recognised frameworks (NIST CSF, ISO 27001, CIS Controls).
• Coordinate with IT, Legal, Compliance, Communications, Risk, and Business Continuity teams.
• Lead regular tabletop exercises, red/blue team drills, and simulations to test incident response capabilities.
• Ensure IR processes integrate with Business Continuity and Disaster Recovery plans.
• Monitor threat intelligence and adapt incident response procedures to evolving attack techniques.

About You
Essential

• 10 years+ proven experience managing cyber incidents in a complex environment.
• Strong knowledge of cyber threat landscape, attack vectors, malware, forensics, and security monitoring.
• Experience with SIEM, SOAR, EDR, IDS/IPS, and threat intelligence platforms.
• In-depth understanding of incident response standards and frameworks (e.g. MITRE ATT&CK).
• Experience in managing third-party vendors and external responders.
• Excellent communication skills – able to brief executives, regulators, and technical staff.
• Strong organisational and decision-making skills under pressure.

Desirable

• Industry certifications such as GCIA, GCFA, GCIH, GREM, CEH, CISSP, CISM.
• Knowledge of digital forensics, malware analysis, and reverse engineering.
• Familiarity with cloud incident response (e.g. Azure).
• Experience with regulatory compliance in the energy sector or critical infrastructure.

Education / Qualifications

• Bachelor’s degree in Cyber Security, or related discipline (or equivalent professional experience).

Closing date for applications
21/11/2025