Cyber Security Incident Responder

Role Title: Cyber Security Incident Responder

Business Area: Security Services

About This Role: The Security Operations Centre (SOC) houses the cyber security team responsible for monitoring and analysing an organisation's security posture on an ongoing basis. The SOC team's goal is to provide 24x7x365 capabilities to detect, analyse, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes. The SOC staff work closely with the Network Operation team (NOC) to ensure security issues are addressed quickly upon discovery.

The Cyber Security Incident Responder will work with existing skilled IT Security staff, responding to cyber security threats in near real‑time. An up to date understanding of relevant IT networks, security standards, authentication protocols, and security related hardware and software within the organisation is vital.

• Administer and optimize Microsoft Defender for Endpoint and Defender for Cloud configurations to ensure consistent security baselines across on‑premises and cloud environments.
• Implement and maintain Microsoft Purview configuration policies to support data governance, compliance, and information protection strategies.
• Collaborate with IT, legal, compliance, and other key stakeholders to align configuration management practices with organizational policies and regulatory requirements.
• Coordinate with stakeholders to conduct investigations of cyber incidents, reverse engineer malware, identify attack vectors, and provide accurate incident accountability.
• Conduct regular reviews of Defender and Purview configurations to identify misconfigurations, enforce best practices, and mitigate security risks.
• Engage in intelligence‑driven investigative analysis; define and coordinate cyber incident response testing to assess capabilities and breach preparedness.
• Create and maintain forensic and incident management policies governing incident handling.
• Conduct research on the latest threats and advancements in defending against unauthorized access to information.
• Perform threat hunting within corporate environments to detect historic or active malicious/unauthorised activity.
• Publish official reports and executive summaries for all major cyber incidents.
• Identify and implement appropriate controls within the SIEM and other security solutions to prevent and detect security incidents.
• Develop innovative monitoring and detection solutions using tools and advanced scripting.
• Engage with internal and external parties to share information to improve processes and security posture.
• Carry out detailed forensic analysis during major incident responses.
• Support the wider analyst team with deeper analysis of complex security events and incidents.

• Passionate and professional security mindset
• Strong customer service skills to follow up with clients and handle escalations
• Ability to ensure confidentiality and discretion in performing sensitive tasks
• Understanding of cyber-attack techniques, vulnerabilities, and countermeasures
• Technical knowledge of Information Technology and Cyber Security standards
• Expert knowledge of SIEM platforms, IT forensics, and real‑time endpoint inspection tools
• Previous experience in handling incident response and forensic analysis
• Understanding of MITRE ATT&CK framework
• Experience simulating active exploits and detections
• Strong understanding of SIEM and UEBA
• Proficiency in scripting languages such as Python and PowerShell
• Working knowledge of cloud technologies
• Familiarity with forensics tools such as EnCase, Sleuth Kit, Redline & FTK Imager
• 3–4 years of experience in information security
• 2+ years of incident handling experience
• 1+ year of forensic experience
• Bachelor's Degree or equivalent preferred
• English: fluent

Job schedule: Business Hours, Monday–Friday (On Call). We are committed to creating an inclusive and supportive work environment. If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs.