Senior Cyber Security Incident Responder

Ref No. 23825
Working from Home
Posted 4 Oct 2022


Employment: Permanent

Job description

Sorry, this advert is now closed. Click here to view our live vacancies.

Looking for an Incident management role where you can work fully remotely for an established and reputable Cyber Defence team?

If you’ve managed a range of cyber security incidents from large scale vulnerabilities to data exploitation to breaches of containers; we want to hear from you!

The role:

  • Stakeholder management is a big part of this role, it involves working with C-Suite 3rd party stakeholders so you will need to be able to adapt your communication approach and explain technical terminology in a non-technical way.
  • There is a focus on cloud and malware – if you’ve worked with one and are looking to upskill in the other; this role offers the training.
  • DLP is part of the role but not the focus, so it isn’t suitable for DLP specialists

The company:

  • With a reputation for being one of the UK’s best employers for the last quarter of a century, this company has mastered how to retain the growing team; and that’s through consistent learning opportunities and ongoing progression.
  • They’re always at the forefront of technology and constantly implement the most modern and cutting-edge tools and frameworks.
  • They have a remote first approach to working, they value a work life balance and want to offer as much flexibility to the team as possible

The Tech:

  • Windows, Linux & Mac
  • Scripting in languages such as Python, PowerShell, and Bash. 
  • Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks. 


The Experience required:


  • Strong knowledge of multi-cloud incident response, including but not limited to: 
    • Investigation into relevant logs such as Prisma, Sentinel, Defender, etc.
    • Cloud-native automation of containment activities. 
    • Collaboration with application and infrastructure to understand cloud attack vectors and security measures required.
    • SaaS application investigations and relationship management
  • Experience in reverse-engineering malware samples and C2 protocols, including but not limited to:
    • Reverse engineering recently discovered malware variants and their respective C2 infrastructure and targets. 
    • Research into the latest malware detection evasion techniques.
    • Creation of detection rules and/or provide detection or blocking recommendations. 

‘Apply Now’ to be considered or contact Kim for a confidential chat – k . gibbons @ intapeople . com

Your consultant

Kim Gibbons

IT Team Lead

Get in touch: