Senior Incident Response Expert

We're looking for a hands‑on incident response specialist to work alongside senior TDR leadership at a major global organisation. This is a deeply technical role focused on the execution and continuous improvement of threat detection and response capabilities, with no people management responsibility.

You’ll be the technical engine behind incident response operations — investigating complex security incidents across a global environment, driving threat hunting activities, and ensuring detection strategies and playbooks remain effective against an evolving threat landscape.

Key responsibilities

• Execute and lead technical investigation of security incidents end-to-end across global infrastructure
• Conduct proactive threat hunting across a large, distributed international environment
• Develop and maintain TDR playbooks, detection use cases, and escalation procedures
• Perform digital forensics and malware analysis on high‑severity incidents
• Review and improve anomaly-based detection logic and alerting workflows
• Produce detailed post‑incident reports including root cause analysis and recommendations
• Collaborate closely with the Head of TDR and wider Cyber Security Operations team

You’ll need

• 5+ years in cybersecurity with a hands‑on focus on incident response and TDR
• Proven experience operating in large, complex, global enterprise environments
• Strong practical experience in digital forensics and/or malware analysis
• Deep knowledge of threat hunting techniques and attacker TTPs (MITRE ATT&CK)
• Experience with Microsoft Sentinel, Defender, IBM QRadar, and/or Palo Alto
• Ability to produce clear technical and executive‑level incident documentation
• Degree in IT, Cybersecurity, or a related field