Senior Incident Coordinator
| Posting date: | 23 July 2025 |
|---|---|
| Salary: | £46,169 to £52,467 per year |
| Additional salary information: | This role is eligible for a skills-based non-pensionable allowance. In certain circumstances, exceptional candidates may also be eligible for a higher starting salary. |
| Hours: | Full time |
| Closing date: | 05 August 2025 |
| Location: | London |
| Company: | Government Recruitment Service |
| Job type: | Permanent |
| Job reference: | 418333/1 |
Summary
The GC3 coordinates the Government's response to cyber security vulnerabilities, threats, and incidents, enhancing cyber resilience and enabling the Government to more efficiently and effectively protect public services and “defend as one”.
In June 2025, it was announced that the Government Cyber Directorate will move to the Department for Science, Innovation and Technology (DSIT) as a part of a machinery of government change. This change aims to bring together the digital transformation of public services into one central department, presenting exciting opportunities and positioning DSIT to lead the government’s digital agenda.
This role is in scope to transfer to DSIT when the machinery of government change takes place. As a result, if you are successful and appointed by Cabinet Office to this role before on the transfer date, when this is confirmed, your role will transfer from Cabinet Office to DSIT at the time of the relevant machinery of government change taking place. If your start date is on the transfer date, when this is confirmed, you will be appointed direct to DSIT and your appointment will be unaffected by the machinery of government change. We are currently consulting with our Trade Unions on which policies, terms and conditions will apply on transfer. The statement of changes applied to all other Cabinet Office staff will also apply to you if you are successful.
We are looking for an experienced incident coordinator to join the GC3 Incident Management team. As a key member of the team you will be responsible for coordinating the cross-government response to cyber security events and incidents, continually improving incident management capabilities, and deputising for the Head of Incident Management as required. This role reports to the Head of Incident Management.
Responsibilities include:
- Supporting the triage of incidents reported to the GC3 Incident Management team, enabling rapid prioritisation, triggering appropriate response actions, and managing stakeholder communication throughout;
- Leading the coordination of the cross-government response to cyber incidents, including engaging with and supporting national security processes (e.g., COBR) as required;
- Leading on cross-government impact assessments to understand and manage risks to Government arising from cyber incidents;
- Providing advice and guidance to government organisations on the response to cyber incidents;
- Identifying and sharing lessons learned from cyber incidents to improve overall Government cyber resilience;
- Building and continually updating response playbooks, processes and documentation;
- Supporting the delivery and continual improvement of the GC3 Incident Management function, ensuring alignment with wider strategy.
- Deputising for the Head of Incident Management as required;
- Engaging with the wider public sector cyber security, incident management and crisis management communities on behalf of GC3 Incident Management;
- Maintaining a good understanding of the tools, techniques and procedures used in cyber attacks, and the mitigations that can be used to respond and remediate;
- Acting as an escalation point for, and providing coaching and mentoring to, junior staff members;
- Being responsible for the leadership and line management of junior staff members.
Proud member of the Disability Confident employer scheme