Key skills
AWSAzureCloudCyber SecurityFirewallsLinuxPythonBashPowerShellCommunicationPenetration TestingNetwork Security
About this role
Role Overview
- Execute end‑to‑end Detect & Incident Response processes — from initial detection through containment, eradication, and post‑incident review
- Identify, triage, and respond to real‑time cyber intrusions across IT and OT environments
- Lead detailed investigations to minimize business impact and uncover root causes
- Collaborate with security engineering, automation, threat intelligence, and other cyber capabilities to continuously enhance detection and response
- Analyze and correlate security events using industry‑leading SIEM, EDR, and network monitoring technologies (e.g., SIEM platforms, endpoint protection, IDS/IPS, network telemetry)
- Monitor the performance and effectiveness of deployed security controls
- Report vulnerabilities and drive corrective actions with stakeholders
- Conduct forensic analysis, threat hunting, and advanced investigations
- Develop and refine playbooks, standard operating procedures, and detection logic
- Provide clear communication of incident impact and remediation progress to technical and executive stakeholders
- Support wargame exercises, tabletop simulations, and continuous improvement initiatives
- Participate in a rotating on‑call schedule to support 24/7 operations during critical incidents
Requirements
- A bachelor’s degree (Master’s preferred) in Computer Science, Cybersecurity, or a related field.
- Certifications such as SANS, GCIH, GCIA, GCFA are a plus
- Extensive experience in Cyber Detect & Respond, SOC operations, cybersecurity investigations, or network operations
- Strong preference for OT SOC experience — including monitoring and responding to threats in industrial control systems (ICS), SCADA, and critical infrastructure environments
- A solid background in one or more technical security domains, such as:
- Ethical hacking / penetration testing
- Red teaming / adversary simulation
- Digital forensics
- Threat hunting
- Network security engineering
- Strong analytical and problem‑solving skills, with the ability to examine complex data sets and identify patterns, anomalies, and attack indicators
- Hands‑on experience with SIEM, EDR, IDS/IPS, firewalls, proxies, and network monitoring technologies
- Understanding of the current threat landscape, attacker TTPs, malware behavior, and incident response practices
- Familiarity with cloud platforms (AWS, Azure), scripting (PowerShell, Python, Bash), and system internals (Windows/Linux)
- Ability to work under pressure, manage multiple investigations, and coordinate effectively across teams
- Willingness to support after‑hours and on‑call responsibilities during high‑priority incidents.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Firewalls
- Linux
- Python
Benefits
- Competitive starting salary and annual performance related salary increase
- Paid parental leave, including for non-birthing parents
- Flexible working hours, and the possibility of remote/mobile working
- Access to a wide range of training and development programmes