Fidelity International
Cyber Security Operational Incident Manager - Technical Consultant

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
About The Opportunity
Job Type: Permanent
Application Deadline: 24 July 2026
Job Description
Title: Cyber Security Operational Incident Manager - Technical Consultant
Department: Cyber Defence Operations - GCIS
Location: Kingswood, Surrey
Reports To: Senior Manager - CDO
Level: 5
We share a commitment to making things better for clients and each other. We continually explore new technology and different ways of working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you’re making progress.
About Your Team
Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play a direct role in helping our clients with one of the most important aspects of their lives – their financial well-being.
Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The Technical Cybersecurity teams monitor both the internal and external threat environment, responding to security alerts and events in close to real time, as well as providing security assurance and access management services across the enterprise technology and business environment. Our global innovative Cyber Defence Operations team sits within GCIS and provides proactive, cutting-edge solutions to protect clients’ digital assets and infrastructure against evolving cyber threats.
The Cyber Security Operational Incident Manager within our SOC team focuses on safeguarding and defending FIL from Cyber threats. You will be responding to and managing widespread security events and should have an understanding on how best to maintain CIRT teams skills and knowledge. The role will be supported by a global team of CIRT analysts who are looking at this role to provide them with direction and guidance during serious incidents. It will also be supported by a strong security leadership team and global incident management process who are keen to develop this capability. Our leadership team will be looking at this role to report on a number of key incident KPI’s and provide assurance to our customers on the global operational security response process.
About Your Role
The successful candidate will be experienced in operational security incident management, including vulnerability management, understanding the value of rigorous planning, tested procedures and playbooks and quick response to critical security incidents. This is a critical role expected to develop and maintain our operational security incident management capability and help mature our global response processes.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
The successful candidate will be comfortable working at a technical level, proactively suggesting improvements to the incident playbooks whilst also being able to co-ordinate our front-line CIRT team during major events. The successful candidate will be able to demonstrate understanding of incident response tools and techniques, experience in responding to and managing widespread security events and an understanding on how best to maintain CIRT teams skills and knowledge. The role will be supported by a global team of CIRT analysts who are looking at this role to provide them with direction and guidance during serious incidents. It will also be supported by a strong security leadership team and global incident management process who are keen to develop this capability. Our leadership team will be looking at this role to report on a number of key incident KPI’s and provide assurance to our customers on the global operational security response process.
About You
Key Responsibilities
- Own and be accountable for security incidents; taking the lead in driving global remediation activities
- Ensure simple, repeatable, manual tasks are automated within the Incident Response process
- Ensure a “best-practice” program is in place to manage and maintain our security response procedures
- Proactively develop and deliver new incident response capabilities, tooling and processes.
- Develop an incident management strategy, focussing on regular reviews and exercises.
- Create and deliver table-top and simulated exercises focussing on areas of risk identified by our Threat Intelligence team.
- Ensure the operational security process is consistently maintained across our global regions, taking into account different regulatory requirements and rules.
- Acting as the point of contact for our global business incident management team for all security related incidents.
- Run Post Incident Reviews and track and manage outcomes to delivery.
Experience And Skills Required
- Experience and strong understanding of frontline security operations
- Experience running a vulnerability remediation programme or overseeing vulnerability teams would be advantageous
- Experience running complex security incidents at a global scale
- Experience creating or continually improving an incident management program
- Strong reporting ability, with an understanding on how to tailor reports to show improvements and learnings
- In depth understanding of modern attack techniques and flows
- Clear and demonstratable understanding of NIST and MITRE Att&ck Methodologies
- Experience in cloud environments (Ideally Azure)
- Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements.
- Banking or Finance industry related experience desirable
- Security Incident Management Qualifications preferred
- Security Incident related qualifications (e.g SANS 504)
- Experience working in an Incident Response position.
- Experienced responding to global complex security events
- Experienced using NIST or MITRE frameworks to deploy defensive plans and/or actions
- Experience explaining the risk of security threats and creating mitigations.
- Experience of general IT infrastructure technologies and principles.
- Experience of using vulnerability management tooling e.g Nexpose, Qualys etc.
- Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL.
- Understanding of Networking Architecture (OSI Model).
- Analytical skills
- Challenge the current processes
- Passion for the cybersecurity field
- Time management
- Able to organize others


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Nice to Have Certifications - Security+, Network+, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP
Feel Rewarded
For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.
For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.
As an international financial services organisation, we are in-scope of international regulations in the way that we carry out our work. This position is involved in work that is regulated by the FCA and/or the PRA and their Individual Conduct Rules (COCON) apply to it, along with any other regulation. We provide training on COCON and how it affects our employees. More information about COCON can be found in the Employment Handbook.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills