Information Security Incident Manager
Job Introduction
Role Title: Information Security Incident Manager
Location: Leeds (Hybrid – 2 days per week on site)
Contract: Permanent
Working Pattern: Full Time
Salary: £70,000 - £80,000 (DOE)
The Information Security Incident Manager will lead the organisation’s response to cyber security incidents and strengthen our overall resilience. The role is responsible for commanding major cyber incidents, coordinating technical and business teams, and ensuring effective governance, preparedness, and regulatory compliance. You will play a critical role in protecting the organisation during high‑pressure situations by providing clear leadership, decisive action, and trusted advice to senior stakeholders.
As our new Information Security Incident Manager, you will also:
- Lead the organisation’s cyber incident response, coordinating technical, operational, and business activities from containment to recovery.
- Act as Cyber Incident Commander for major incidents, setting priorities, directing response actions, and maintaining situational awareness.
- Own and continuously improve the Cyber Incident Response Plan (CIRP), aligned to risk appetite, regulatory requirements, and crisis and business continuity frameworks.
- Make time‑critical decisions under delegated authority, including containment, service isolation, escalation, and third‑party engagement.
- Serve as the primary escalation point, providing clear and timely updates to senior leaders and executives.
- Lead post‑incident reviews, ensuring root causes and lessons learned drive measurable improvements.
- Design and oversee incident response testing and exercises to validate readiness and strengthen capability.
- Collaborate closely with Business Continuity, Resilience, Legal, Communications, Technology, and Security Operations teams to ensure joined‑up crisis management.
We are looking for:
- Strong expertise in cyber incident response across detection, containment, recovery, and post‑incident review, with knowledge of frameworks such as NIST 800‑61 or ISO/IEC 27035.
- Broad understanding of enterprise technologies (networks, endpoints, cloud, identity, applications) and how cyber response integrates with business continuity, IT disaster recovery, and crisis management.
- Sound knowledge of legal, regulatory, and reputational considerations during cyber incidents, including data protection and reporting obligations.
- Proven experience leading major or complex cyber incidents as an incident lead or commander, making clear, time‑critical decisions under pressure.
- Ability to establish command, coordinate cross‑functional teams, and maintain clarity during high‑impact incidents without direct line authority.
- Excellent communication skills, with the ability to brief senior executives and translate complex technical issues into clear, business‑focused recommendations.
- Experience developing, maintaining, and exercising cyber incident response plans, running tabletop exercises, and driving lessons learned into measurable improvements.
- Typically 7–10 years’ experience in cyber security, security operations, or incident response, ideally within a regulated or risk‑sensitive environment.
We welcome applicants from all backgrounds, and we encourage you to apply even if you feel you do not match 100% of the technical requirements. We celebrate diversity, promote inclusivity and strive to create a work environment which ensures everyone can be heard.
In return, we can offer you:
- Discretionary on-target bonus of 10%, up to a maximum of 20% based on performance
- 11% pension contribution (3% from you, 8% from us – optional additional matched 3% contributions, e.g. 6% from you, 11% from us)
- 25 days annual leave. Flexible public holidays and option to buy/sell additional leave
- Private Medical Cover
- Car Salary Sacrifice scheme
- 6x salary death in service
- Holistic health and wellbeing support package
- A truly flexible hybrid-working arrangement
- A culture that promotes inclusivity, wellbeing and rewards hard work
Who We Are
Medical Protection Society (MPS) is the world’s leading protection organisation for Doctors, Dentists and healthcare professionals. We protect and support the professional interests of over 350,000 Members around the world.
We are a not-for-profit organisation, meaning our Members’ premiums are kept safe should our Members require support for complaints or claims arising from professional practice, or invested into bettering the organisation, our colleagues and our products.
Our philosophy is to support safe practice in medicine and dentistry by helping to avert problems in the first place. We also actively campaign for regulatory and legal reforms that benefit Members and the wider healthcare professions.
To do this, we need colleagues who are trusted and supported to deliver their best work, whether that be through leadership development, fully-funded training courses or peer-to-peer support. We want our colleagues to feel empowered enough to deliver positive change, display ambition to push themselves and be determined when faced with a challenge, whilst ensuring our Members’ best interests are at the core.
Next Steps
If you are interested in finding out more, looking for a new role and want to join an organisation that truly values its employees, take a look at the role profile to find out more about the role and to apply.
Our Talent Acquisition team are always on hand should you have any questions, experience any technical issues or wish to understand how MPS can support you with your application and interview. You can contact our Talent Acquisition team by emailing careers@medicalprotection.org.
Medical Protection Society