Skip to main content
GPN Brand Mastheads GP, TSYS

Cybersecurity Incident Manager

Back To Search Results
    • Remote, GB, ENG, York
  • Information Security Management
  • Full time
  • Sep 03 2023
  • TSYS
  • Job ID: R0043949


Job Title: Cybersecurity Incident Manager

Location: Remote, UK

Salary: £30,000 - £40,000 dependant on experience (plus additional on-call payments)

Summary of role

TSYS is one of the largest third-party card payment processors in Europe and the third largest in the USA. We are responsible for the secure delivery of 24 billion transactions a year!

It’s an exciting industry, fast paced and complex. We need to deliver smart solutions for our clients and we need to ensure when people shop that their money is secure

This role is in  our Security Operations organisation, and will play a vital role in the day to day management of critical security incidents and post incident activities. 

 As a Global Cybersecurity Incident Manager (GCIM) you will coordinate containment, eradication and post-incident activities for critical cyber security incidents using your incident management capabilities/experience. In addition, you will investigate the causes of security incidents and resolve security incidents with support from the Incident Response Team (IRT) and recommend enhancements to improve the security posture across the enterprise. You will be responsible for documenting and engaging with key stakeholders for any Root Cause Analysis (RCA) and post-incident activities ensuring we have reduced the chances of incident recurrence and identified techniques and procedures for incident response to ensure timely investigation and resolution of critical security incidents.

This role is in our Security Operations organisation, and will play a vital role in the day to day management of critical security incidents and post incident activities.  

What Part Will You Play?

  • Ownership of critical Cyber Security Incident Response Tickets (CSIRTs), with a requirement to investigate and resolve these within specific time frames.

  • Performs incident handling processes by maintaining knowledge in implementation of containment, protection and remediation activities.

  • Provides 24x7 on-call incident management support on rotation for critical security incidents.

  • Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis (RCA) for security incidents and the tracking of actions to prevent incident recurrence.

  • Enhances knowledge of new and emerging threats that can affect the organisation's information assets, third party software/solutions, IT configuration changes (including access control requests), and network/system.

  • Collaborates with vulnerability management and development teams to ensure timely remediation of critical and high vulnerability findings reported through the Bug Bounty Program.

  • Provides executive level written communication for inquiries related to security incidents or common vulnerabilities for distribution internally.

  • Identifies risks based on changes to implementation of ISO (International Organization for Standardization/BSO (Business Services Online); enhances knowledge of PCI(Payment Card Industry)/Logical Security guidelines and models, HIPPA (health insurance portability and accountability act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), and Card personalization.

  • Participates in reviews and assessments to provide recommendations to enhance or improve the security posture of environments as part of post incident activities and lessons learned.

  • Maintain and follow runbooks for day-to-day incident response activities in line with the corporate security incident response plan (CSIRP) 

  • Works under close supervision to perform day-to-day Information Security functions pertaining to security incidents and post-incident review.

What Are We Looking For in This Role?

Minimum Qualifications

  • Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field.

  • Typically Minimum 3 Years Relevant Experience with Incident Management and/or Information Security

  • Knowledge of network operations or engineering or system administration on Unix, Linux, MAC (Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Event Management systems, Penetration Testing, Web Application assessment, Secure Coding practices, Cloud Technologies.

Preferred Qualifications

  • ITIL V4

  • Professional security certifications such as CISSP (Certified Information System Security Professional), or Systems Security Certified Practitioner (SSCP), or  CISM(Certified Information Security Manager), or CISA(Certified-Information-Systems-Auditor), or GSEC (GIAC Security Essentials), or  Network +,or Security +, or GCIH (GIAC Certified Incident Handler)

  • Knowledge of industry standard security compliance programs PCI (Payment Card Industry), GDPR (General Data Protection Regulation),SOX(Sarbanes-Oxley), GLBA(Gramm Leach Bliley Act), etc.)

  • Experience working in Google Workspace and JIRA

What Are Our Desired Skills and Capabilities?

  • Strong verbal and written communication skills.

  • Demonstrated ability to effectively communicate ideas and persuade others to accomplish challenging goals and objectives.

  • Ability to facilitate meetings and enable discussions that lead to resolution and communicate results.

  • Skills / Knowledge - Developing professional expertise, applies company policies and procedures to resolve a variety of issues.

  • Job Complexity - Works on problems of moderate scope where analysis of situations or data requires a review of a variety of factors. Exercises judgement within defined procedures and practices to determine appropriate action. Builds productive internal/external working relationships.

  • Supervision - Normally receives general instructions on routine work, detailed instructions on new projects or assignments.

  • Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.

  • Incident Response - Knowledge and skills to contribute to all phases of Incident Response.


•     Work for a global market leading card processing company
•    A company with a friendly, professional and growth centric culture
•    26 days holiday, increasing with service up to 30 days, plus option to buy 3 days holiday per year.
•    Health insurance scheme - through Vitality Health which offers various wellness related discounts and incentives.
•    Life insurance and disability cover 
•    Group Personal Pension scheme - 7% employer contribution
•    Generous entitlements to paid maternity, paternity, adoption leave and other time off.
•    Employee friendly working policies
•    Social events, and opportunities to join internal team member groups.


Creating the payment stack for the future

Cybersecurity Incident Manager

Apply now

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.


Be part of our talent community

Connect with a recruiter, learn about upcoming career events and get updated job postings.

Join our talent community