Senior Security Incident and Response / Threat Intel Engineer

Location: Remote

Salary: £70,000 - £90,000

As a Senior Incident and Response Engineer, you will play a key role in maintaining and improving the security posture of this global technology platform player. You will focus on in-house threat detection and response capabilities within a “go fast” high-velocity environment.

The goal is to contain the impact of active security incidents through innovative approaches to incident response and minimize security incidents by incorporating threat intelligence activities. 

You will support the cybersecurity program initiatives focusing on reducing cyber risk exposure. As well as a strong background in incident response, the ideal candidate will also be well versed in Threat Hunting.
The primary objectives for this role will be to proactively improve the ability to prevent, detect, disrupt, investigate, respond to, and recover from cyber attacks.

Responsibilities:

To lead incident response engagements related to advanced cyber-attacks, including ransomware, insider threats, data breaches, and nation-state actors.

To become a senior member of the security incident response team, performing investigations and assisting with incident response activity.

Perform threat management and threat modeling, identify threat vectors, and develop use cases for prevention and security monitoring.

Work with key stakeholders to assist the organisation in defining the overall security response strategy.

Criteria:

Extensive experience working in security response, security automation tooling, or threat intelligence.  

Experience working in a heavily cloud-focused environment (GCP / Azure / AWS)

Full-stack knowledge to understand modern attacks that involve networks, infrastructure, computing and applications

Familiar with malware analysis, forensics, SOAR, SIEM platforms, and a variety of Operating Systems

Familiarity with scripting/developing in modern languages

Strong understanding of host-based security and tooling

Information security professional certifications encouraged (SANS GIAC, CISSP etc.)