
Expert Incident Response Cybersecurity Analyst

Ireland, Galway · Job Posted January 14, 2026

Job Description

Expert Incident Response Cybersecurity Analyst. This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office. You will be responsible for protecting HPE’s information, assets, and ensuring the security of our organization. You will work closely with our Cyber Defense Center team to identify, analyze, and respond to security threats. This is a highly technical role that requires a strong understanding of cyber security principles and a passion for protecting our users' data.

Job Responsibility

  • Monitor and analyze network traffic, logs, and alerts to identify and respond to security incidents
  • Conduct in-depth investigations of security incidents, including root cause analysis and impact assessment
  • Develop and maintain security tools and processes to improve the efficiency and effectiveness of the Cyber Defense Center
  • Collaborate with other teams, including IT, Legal, and Communications, to ensure a coordinated response to security incidents
  • Provide expert advice and guidance to other teams on cyber security best practices and risk management
  • Combine deep industry expertise with a thorough understanding of information and security technology to analyze the associated logs effectively and respond to high-severity incidents
  • Contribute to the company's security response methods, suggesting automation opportunities that can enhance incident response
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies, driving innovation within the organization's threat detection and response capabilities
  • Foster a culture of continuous improvement and innovation, encouraging the adoption of new technologies and methodologies within the team

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience desired
  • 6+ years of experience in cybersecurity, with a focus on incident response and threat analysis desired
  • Proven experience in security tools and technologies, including SIEM, EDR, and Incident ticketing technology
  • Strong knowledge & understanding of common attack vectors and threat actor tactics, techniques, and procedures
  • Expertise in Security Information and Event Management (SIEM) tools and related security platforms
  • Demonstrates exceptional proficiency in performing log analysis across common environments (Windows, Linux, AWS, Azure, GCP)
  • In-depth knowledge of common security threats, vulnerabilities, and attack methodologies – including advanced persistent threats (APTs) and zero-day exploits
  • Extensive experience with performing in-depth incident investigation, documenting findings, and developing actionable remediation plans
  • Strong communication skills
  • Ability to work independently and on high-impact projects in fast-paced environments
  • Ability to collaborate with cross-functional teams

Nice to have

  • Certifications: Certified Information Systems Security Professional (CISSP), CompTIA Security+, GIAC Certified Incident Handler (GCIH), ISC2 Certified Cloud Security Professional
  • Accountability, Action Planning, Active Learning, Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management, Data Controls, Design Thinking, Development Methodologies, Empathy, Follow-Through, Growth Mindset, Implementation Methodologies, Infrastructure Design, Intellectual Curiosity, Long Term Planning, Managing Ambiguity

What we offer

  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment


Similar Jobs for Expert Incident Response Cybersecurity Analyst (8 matching positions)

Third-Party Cybersecurity Incident Analyst

This role is categorized as hybrid. This means the successful candidate is expec...
Location: United States, Austin; Warren
Salary: 129400.00 - 212300.00 USD / Year
Company: General Motors
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Information Systems, Computer Science, Information Security, or related field
  • At least 7 years in information security with prior incident management, security operations, and cyber event analysis experience
  • Expert in cyber incident detection, investigation, and response, especially third-party and supply chain risk
  • Knowledge of application, network, and OS security controls
  • Understanding of vulnerability management and risk mitigation
  • Proven ability to lead complex cyber event activities, communicate technical findings to executives, and mentor team members
  • Strong investigative mindset
  • Able to translate technical analysis into strategic business recommendations
  • Highly detail-oriented and organized
  • Trusted with confidential and sensitive information at the enterprise level
Job Responsibility
  • Lead the triage, analysis, and escalation of critical third-party cybersecurity incidents, ensuring alignment with GM’s strategy
  • Assess incident impacts and urgency, guide containment actions, and provide expert advice to technical and non-technical stakeholders
  • Oversee investigations, incident tracking, and resolution, ensuring thorough documentation and reporting
  • Collaborate cross-functionally with Cyber Defense, GMIT, Legal, Purchasing, and leadership for effective response operations
  • Engage external partners to determine root causes and shape third-party risk management
  • Provide strategic support during high-priority and after-hours third-party incidents
  • Prepare and deliver executive-level reports and metrics to support informed decision-making
  • Mentor and guide others, fostering skill development across the team
  • Drive continuous improvement of incident response processes, tools, and methods
  • Coordinate communications with stakeholders and executive leadership, maintaining transparency and alignment during incidents
What we offer
  • medical
  • dental
  • vision
  • Health Savings Account
  • Flexible Spending Accounts
  • retirement savings plan
  • sickness and accident benefits
  • life insurance
  • paid vacation & holidays
  • tuition assistance programs
  • Fulltime

Senior Incident Response Analyst

Wrike is seeking an experienced Senior Incident Response Analyst to help safegua...
Location: India, Bangalore
Salary: Not provided
Company: Klaxoon
Expiration Date: Until further notice
Requirements
  • Over 5 years of experience in a Senior Incident Response Analyst/SOC/Cybersecurity or similar security-focused role in a software product company
  • Deep understanding of network fundamentals and a wide range of security threats
  • Exceptional analytical and problem-solving skills, with the ability to think critically under pressure
  • Outstanding communication skills, both written and verbal, with the ability to convey complex concepts to technical and non-technical audiences
  • Hands-on experience with leading security information event management (SIEM) and extended detection and response (XDR) platforms (e.g., Rapid7, Splunk, Wazuh, Microsoft Defender for Endpoint, Crowdstrike)
  • Strong experience in log analysis, event correlation, and incident response
Job Responsibility
  • Lead the monitoring, analysis, and triage of complex security alerts and events, providing expert guidance to junior team members
  • Assess risk and impact of potential incidents, recommending and overseeing appropriate remediation actions
  • Employ a broad range of advanced security tools and technologies to proactively detect and investigate sophisticated cyber threats
  • Collaborate with and mentor other teams, including incident responders, to ensure timely and accurate escalation and resolution of high-priority cases
  • Oversee documentation and reporting of security incidents, ensuring accuracy, clarity, and timely delivery to relevant stakeholders
  • Drive the ongoing development and enhancement of security monitoring and detection capabilities, introducing best practices and automation where appropriate
  • Stay ahead of the latest security trends, emerging vulnerabilities, and best practices, sharing knowledge and recommendations within the team and across the organization
  • Demonstrated experience functioning at an L3 level, serving as the final escalation point for resolving complex security incidents and issues
  • Mentorship of junior/mid senior analysts, ability to share knowledge
What we offer
  • 18 calendar days of paid vacation (12 days of National & Festival holidays (10 fixed, 2 flexible))
  • Sick Leave Compensation (5 Paid Uncertified Sick Days)
  • Menstrual Leave: Twelve (12) days per calendar year. Women employees are eligible for up to 1 day of menstrual leave per month.
  • Parental Leave: 26 Weeks Maternity / 4 Week Paternity
  • 2 Volunteer Days
  • Group Medical Insurance (Employees + Dependents)
  • Term Life Insurance (Rs 50,00,000)
  • Personal Accident Insurance (Rs 50,00,000)
  • Monthly Broadband / Internet Reimbursement (INR 1500)
  • Hybrid Working Model + Complimentary Lunch & Snacks
  • Fulltime

Incident Response Senior Analyst

We are seeking a highly skilled and detail-oriented Cybersecurity Incident Respo...
Location: United States, Salt Lake City
Salary: Not provided
Company: Alter Domus
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in computer science, information security, or related professional experience
  • Minimum of 1 to 3 years of experience in incident response, security operations, or threat management
  • Strong knowledge of SIEM and SOAR environments
  • Hands-on experience with IDS/IPS and endpoint protection platforms
  • Working knowledge of Azure Defender and AWS security suite (GuardDuty, Security Hub)
  • Knowledge of network device configurations and standards (Firewalls, Switches, NSGs)
  • Knowledge of common operating systems MacOS, Linux and Windows OS
  • Familiarity with malware analysis, reverse engineering, and forensic tools
  • Strong cross functional communication skills and the ability to work closely with internal teams & lead cyber incident remediation efforts
  • Familiarity with common security frameworks and standards, such as NIST
Job Responsibility
  • Respond to security incidents
  • Lead and manage alerts, investigate, contain, and eradicate the cyber threats
  • Conduct forensic investigations to identify the root cause of security breaches and recommend preventive measures
  • Participate in post-incident reviews to identify lessons learned
  • Coordinate with internal teams and external partners during incident containment, eradication, and recovery efforts
  • Monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other tools for suspicious activity
  • Investigate and assess potential threats, vulnerabilities, and attack vectors
  • Create detailed incident reports, document findings, remediation steps, and lessons learned
  • Maintain and update incident response playbooks and processes
  • Participate in tabletop exercises and incident response training for other stakeholders
What we offer
  • Support for professional accreditations
  • Flexible arrangements, generous holidays, plus an additional day off for your birthday
  • Continuous mentoring along your career progression
  • Active sports, events and social committees across our offices
  • 24/7 support available from our Employee Assistance Program
  • The opportunity to invest in our growth and success through our Employee Share Plan
  • Plus additional local benefits depending on your location

Sr. Cyber Detection Incident Analyst - Security Operations

As a Cyber Detection Incident Analyst on GM’s Security Operations team, you will...
Location: United States, Warren
Salary: Not provided
Company: General Motors
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Information Security, Computer Science, Information Systems, or equivalent experience
  • 5+ years of experience in cybersecurity with a focus on detection engineering, security operations, incident response, intrusion detection, or security event analysis
  • Strong analytical and investigative skills with the ability to interpret complex datasets and communicate findings effectively
  • Ability to create tactical scripts (Python, PowerShell, KQL, Bash, etc.) to supplement investigative workflows and enrich detections
  • Experience with network security monitoring (IDS, packet capture, flow analysis) and proper techniques for identifying and responding to security events
  • Experience detecting threats in cloud environments (Azure, AWS, GCP) and using cloud-native detection tooling
  • Strong collaboration and communication skills with focus on cross-team partnerships
  • Demonstrated ability to mentor other analysts, contribute to team development, and work effectively in a collaborative team environment
  • Deep knowledge of SIEM technologies, log‑centric analytics, and correlation logic
  • Deep knowledge of EDR platforms and behavioral-based detection methodologies
Job Responsibility
  • Conduct expert-level triage and deep-dive analysis of security events using EDR, NDR, identity telemetry, application logs, SIEM analytics, SOAR workflows, and cloud-native security tools
  • Lead incident escalation workflows and collaborate with the Incident Response and other partner teams to drive timely containment and resolution of security threats
  • Perform proactive threat hunting across endpoints, networks, identity systems, cloud platforms (Azure, AWS, GCP), and SaaS environments using threat intelligence, behavioral analytics, and TTP/IOC research
  • Correlate telemetry across diverse systems to identify sophisticated attack patterns
  • Apply strong understanding of OS internals, cloud architectures, networking, authentication protocols, and adversary tradecraft to assess risk, determine impact, and drive escalation decisions
  • Integrate threat intelligence (IOCs, behavioral patterns, ATT&CK-aligned TTPs) into detection logic, use cases, and hunt strategies
  • Develop, tune, and maintain high-efficacy detections across:
    • SIEM: correlation rules, anomaly detection, enrichment logic
    • EDR/XDR: behavioral detections, process analytics, custom rules
    • NDR: network anomaly detection, lateral movement patterns
    • SOAR: automation workflows, enrichment routines
What we offer
  • Relocation benefits may be eligible
  • Fulltime

Cybersecurity Expert (SOC & Cloud)

The Security team is excited to welcome a motivated Cybersecurity Expert to help...
Location: Spain, Barcelona
Salary: Not provided
Company: Leadtech Group
Expiration Date: Until further notice
Requirements
  • Bachelor/ Master's degree in Cybersecurity, Information Security, Computer Science, or a similar discipline
  • Knowledge of Security frameworks such as ISO 27001, NIST, PCI-DSS, OWASP, GDPR
  • Knowledge of technical concepts such as cloud computing, code review, application security, cryptography, forensics, vulnerability detection (Azure & AWS are a must)
  • Deep knowledge of cybersecurity/technical concepts such as:
    • GNU/Linux systems
    • Microsoft Sentinel and Defender, as well as experience with writing KQL queries
    • Microsoft Azure (Network Security Groups, Recovery Services Vaults, Playbooks and Workbooks)
    • TCP/IP, DNS, and firewalls
    • Python, Bash, SQL, Java, and PHP
  • Familiarity with attack and exploitation techniques involving operating systems, applications, and devices (CISSP, CompTIA, CEH)
  • Understanding of security best practices for data and systems protection
Job Responsibility
  • Operate & optimize (and potentially Lead) a Security Operations Center (SOC)
  • Advanced Incident Investigation and Analysis
  • Handling Complex Threats: Investigating high-priority alerts escalated from Tier 1/2, such as potential APTs (Advanced Persistent Threats) or ransomware
  • Deep-Dive Analysis: Performing forensics on compromised systems, analyzing malware, and reconstructing attack chains using packet captures and log data
  • Cross-Source Correlation: Stitching together fragmented data from SIEM, EDR (Endpoint Detection and Response), and NDR (Network Detection and Response) tools to build a comprehensive picture of the attack
  • Proactive Threat Hunting and Detection Engineering
  • Threat Hunting: Proactively searching network and endpoint data for undetected, hidden threats rather than waiting for alerts
  • Rule Creation & Tuning: Developing custom detection logic and SIEM correlation rules to identify new malicious behavior
  • Reducing False Positives: Refining alert systems to minimize noise, ensuring the team focuses on genuine security incidents
  • Incident Response and Containment
What we offer
  • Flexible career path with personalized internal training and an annual budget for external learning opportunities
  • Flexible schedule with flextime (7 - 9:30 a.m. start, 3:30 - 6 p.m. end)
  • Free Friday afternoons with a 7-hour workday
  • 35-hour workweek in July and August
  • Competitive salary
  • Full-time permanent contract
  • Top-tier private health insurance (including dental and psychological services)
  • 25 days of vacation plus your birthday off, with flexible vacation options—no blackout days
  • Office in Barcelona complete with free coffee, fresh fruit, snacks, a game room, and a rooftop terrace with stunning Mediterranean views
  • Ticket restaurant and nursery vouchers, paid directly from your gross salary
  • Fulltime

Cybersecurity Manager - Detection and Response

Microsoft Incident Response – the Detection and Response Team (DART) – part of t...
Location: United Kingdom, Multiple Locations
Salary: Not provided
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years of experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years of experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection, OR equivalent experience
  • Many years of people management and/or informal/indirect team leadership experience
  • Strong analytic, qualitative, and quantitative reasoning skills
  • Track record of successfully managing a technical business group and maintaining consistent growth
  • Recognized as a strategic leader who can hire, retain and motivate diverse quality talent
  • Experience leading both a services organization and product development function
  • Develop business strategy and provide technical thought leadership
  • Manage customer engagements escalations to ensure customer satisfaction
Job Responsibility
  • People Management: Responsible for mentoring, managing and leading a team of cyber security analysts, engineers, developers, leads and incident managers
  • Managers deliver success through empowerment and accountability by modeling, coaching, and caring
  • Strategic Initiatives: Secure partner relationships and work closely with internal product and services groups as well as co-delivering with Microsoft’s Partner ecosystem
  • Develop and mentor individual contributors through open communication, training and development opportunities and performance management processes
  • Develop and maintain objectives, metrics and KPIs supporting the department’s strategic direction and continuously improve incident response technical capabilities
  • Communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily understood, authoritative, and actionable manner
  • Present to a wide range and size of audiences from IT Pro, to CxO, to business decision makers
  • Technical leadership and executive presence to establish Trusted Technical Advisor to influence senior decision makers to mature and promote customer’s security posture across the overall technology landscape
  • Drive investigative teams to exhaust all investigative leads in the expectation of discovering novel attacker techniques
  • Investigate and research these techniques, and partner with threat intelligence and security engineering to drive security tooling and product enhancements
  • Fulltime

Managed Services Operations Specialist

The Managed Services Operations Specialist is a skilled cybersecurity specialist...
Location: Romania, Bucuresti
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • At least 1 year of experience working in an industry standard SOC in security analysis/incident handling and security monitoring
  • Experience or at least knowledge of Cloud technologies (Azure preferred)
  • Experienced in SIEM (Sentinel, Splunk, QRadar, Chronicle, McAfee, CryptoSIM, Logsign, etc.) and SOAR products
  • Knowledgeable in security topics such as next gen firewalls (Fortinet, PaloAlto, CheckPoint) and other network security devices and software such as WAF, DLP, anti-virus/anti-malware, threat intelligence, etc.
  • General understanding of attacker tools, tactics and techniques and referencing on MITRE ATT&CK, knowledge of MITRE Shield
  • Familiar with tools for malware analysis, open-source threat Intelligence and SOAR
  • Detail-oriented, problem-solving mindset with critical and analytical thinking
  • Ethical integrity, good at teamwork, responsible and highly motivated
  • Result-oriented, inquisitive, eager to learn new threats, technologies, and security practices
  • Fluent in English to read and interpret global reports and technical articles published in the field of cybersecurity
Job Responsibility
  • Monitor security access and identify security incidents using Security Information and Event Management (SIEM) tools
  • Ensure continuity and availability of the modular platform components and security systems required
  • Perform initial analysis and investigation of security alerts to differentiate false positives from true incidents. This includes understanding attack vectors, malware behavior, and the potential impact of different types of threats
  • Document security incidents and actions taken in response
  • Escalate complex incidents to higher-level SOC threat responders and experts for further analysis and resolution, working in partnership with the L2 Central SOC teams and other SOCs
  • Participate in developing incident response protocols and procedures
What we offer
  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Fulltime

SOC Cyber Threat Expert

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location: Türkiye, Ankara
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Bachelor’s Degree in engineering departments (preferably Electronics or Computer Engineering)
  • 5+ years of experience in performing hands-on security engineering, consulting, team management, penetration testing, and/or adversary simulation, red teaming exercises, vulnerability assessments in complex operational ICT environments
  • Familiarity with industry standards like OWASP TOP10, CVSS, CIS, NIST etc.
  • CISSP, CISM, OSCP, CEH level is expected
  • Experienced in SIEM products (QRadar, FortiSIEM, Splunk, Logsign, etc.) and SOAR products
  • Experience working with Threat modeling (e.g., STRIDE, PASTA, FAIR, Security Cards), operational threat intelligence, and attack framework standards (e.g., MITRE ATT&CK) with a good understanding of the Cyber Kill Chain and pervasive threat attack methods and remediation
  • Experience working in an industry standard Security Operations Center or similar environment providing incident handling and response, intrusion detection, analysis, cyber threat intelligence, threat determination, and mitigations processing and tracking, working with several network and system security technologies to include Elasticsearch, data analytics platforms, endpoint tools, network technologies, and SIEMs
  • Experience developing detection logic for enterprise SIEM systems and with exploitation techniques and use case development
  • Experience in the detection and response to malicious activity using log data and alerts from cybersecurity solutions, systems, and network devices
  • Experience extracting and analyzing forensic artifacts across Windows, Mac, and Linux operating systems
Job Responsibility
  • Use scripting and programming languages (such as Java, Bash, Python, PowerShell, etc.) to aid in responding to incidents involving Windows, Linux, and Mac hosts, and to automate common analytical processes to reduce analyst time and avoid repetitive incident response tasks
  • Making assessments on Information Security processes and taking responsibility of implementing improvements on related systems
  • Deploy, configure, and maintain security technologies, including EDR, XDR, SOAR, and SIEM solutions, to assess each cybersecurity technology’s responses
  • Develop open-source and vendor based threat detection scenarios
  • Develop tooling for Detection Development Life-Cycle
  • Research on new threat hunting methodologies, tools, and technologies
  • Onboard and maintain detection and hunting products (SIEM, EDR, etc.)
  • Manage and maintain internal SOC technologies and processes
  • Effectively use threat intelligence services and malware sandboxes for hunting new malware threats
  • Excellent written skills with demonstrated ability to write reports
What we offer
  • Vflexy: Flexible Benefits Program
  • Hybrid working kit
  • Ergonomic kit allowance
  • Digital meal voucher
  • Flexible transportation allowance
  • Employee assistance hotline & counselling
  • Comprehensive and flexible private health insurance
  • Discounted price deals for wide range of products & services
  • Fulltime