CrawlJobs Logo

Incident Response Lead - Global Security

arrive.com Logo

Arrive

Location Icon

Location:
Poland; Sweden; United Kingdom , Łódź

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Incident Response (IR) Lead is accountable for leading and maturing the organization’s detection and response capability, ensuring efficient execution of incident handling, investigation, and recovery activities across Arrive. This role combines operational leadership with strategic oversight, ensuring the IR function remains resilient, scalable, and aligned with the evolving threat landscape. The IR Lead drives day-to-day operations while shaping long-term improvements in processes, tooling, and methodologies. This includes ensuring incidents are identified, triaged, and resolved in a timely and structured manner, while continuously enhancing detection logic and response playbooks based on lessons learned. This role requires a strong leader who can operate at both technical and strategic levels, bridging security operations with business priorities. The IR Lead is expected to translate incident insights into actionable improvements, strengthen cross-functional collaboration, and provide clear, risk-based communication to stakeholders, including senior leadership. Reporting to the Sr. Director of Security Operations, the IR Lead plays a central role in strengthening organizational cyber resilience and ensuring a coordinated, intelligence-driven response capability.

Job Responsibility:

  • Own and lead the Incident Response function, including strategy, governance, and operational execution
  • Direct and optimize daily IR operations, ensuring efficient handling of security incidents, escalations, and threat hunting activities
  • Act as the central coordination point during major incidents, ensuring structured response, clear communication, and minimal business disruption
  • Design, maintain, and continuously improve incident response playbooks, workflows, and escalation procedures
  • Review and quality-assure investigations, ensuring consistency in analysis, evidence handling, and decision-making
  • Collaborate with internal teams and external partners to ensure seamless incident management
  • Lead, mentor, and develop the IR team, promoting technical excellence, accountability, and continuous learning
  • Support crisis management activities, including participation in tabletop exercises and real-world incident coordination
  • Ensure alignment with regulatory, legal, and compliance requirements related to incident response and breach handling
  • Drive integration between detection engineering, threat intelligence, and response to enhance overall security effectiveness
  • Proactively hunt for threats and integrate intelligence to anticipate attacks
  • Develop and refine detection content and rules (e.g., SIEM, EDR) to map against adversary tactics
  • Identify gaps in current capabilities and lead initiatives to enhance tooling, automation, and operational maturity
  • Build and maintain a strong collaboration with all are strategic MSSP and security vendors to enhance security operations and fully utilise available resources and expertise
  • Produce and present executive-level reporting, including incident trends, root cause analysis, and business impact assessments
  • Develop and maintain a repeatable incident orchestration standard to regular security incident tickets

Requirements:

  • 10+ years of experience in cybersecurity, with significant hands-on involvement in Incident Response and Detection & Response functions
  • Demonstrated experience leading and managing IR or SOC teams in complex environments
  • Strong expertise in incident response methodologies, digital forensics, threat hunting, and attacker tactics, techniques, and procedures (TTPs)
  • Solid understanding of security technologies (EDR, SIEM, SOAR), network protocols, operating systems, and enterprise infrastructure
  • Proven ability to translate technical findings into business-relevant insights and communicate effectively with senior stakeholders
  • Experience developing and operationalizing playbooks, detection use cases, and response frameworks
  • Strong analytical and problem-solving capabilities, with attention to detail under pressure
  • Ability to lead in high-stress situations, make informed decisions quickly, and manage competing priorities
  • Experience fostering a high-performing team culture focused on collaboration, ownership, and continuous improvement
  • Excellent written and verbal communication skills, including experience delivering executive briefings
  • Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or a related discipline - a plus
  • Relevant certifications such as GCIH, GCFA, GSOM, or equivalent industry-recognized credentials - a plus

Nice to have:

  • Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or a related discipline
  • Relevant certifications such as GCIH, GCFA, GSOM, or equivalent industry-recognized credentials

Additional Information:

Job Posted:
May 20, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Arrive - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
PREMIUM
More languages and countries
+ Unlock 31633 hidden job offers
Languages
English Čeština Deutsch Ελληνικά Español Français +15
Countries
United States United Kingdom India Canada Australia +
See plans
Plans from $2.99 / month

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Incident Response Lead - Global Security

Security Incident Responder

Snowbit is looking for an experienced Security Incident Responder to join our Ma...
Location
Location
India , Gurugram
Salary
Salary:
Not provided
coralogix.com Logo
Coralogix
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3-5 years in incident response, threat hunting with strong experience in cloud security (AWS, Azure, GCP) and Kubernetes environments
  • Proven Incident response experience in complex environments
  • Demonstrates strong expertise in understanding adversary tactics and techniques, translating them into actionable investigation tasks, conducting in-depth analysis, and accurately assessing the impact
  • Familiarity with attack vectors, malware families, and campaigns
  • Deep understanding of network architecture, protocols, and operating system internals (Windows, Linux, Unix)
  • Expertise in Kubernetes security, including container orchestration, workload isolation, and cluster hardening
  • Experience securing Kubernetes infrastructure, runtime security, and security monitoring
  • Ability to work independently and collaboratively in dynamic, fast-paced environments
  • Excellent written and verbal communication skills to interact with technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Leverage Snowbit’s advanced MDR platform to lead large-scale incident response investigations and proactive threat-hunting initiatives
  • Conduct log analysis, and cloud artifact reviews using EDR and similar tools depending on availability, to support incident resolution and root-cause investigations
  • Investigate and respond to security incidents in containerized environments, with a specific focus on Kubernetes security and architecture
  • Research evolving cyberattack tactics, techniques, and procedures (TTPs) to strengthen customer defenses and codify insights for our services
  • Provide technical and executive briefings to customers, including recommendations to mitigate risk and enhance cybersecurity posture
  • Collaborate with internal teams, including engineering and research, to enhance Snowbit’s MDR and incident response capabilities
  • Partner with customer teams (IT, DevOps, and Security) to ensure seamless integration and adoption of Snowbit’s MDR services
  • Share expertise through presentations, research publications, and participation in the global cybersecurity community
  • Fulltime
Read More
Arrow Right

Information Security & OT Lead

At METLEN Energy & Metals, we are catalysts for a sustainable future, positioned...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
https://www.metlengroup.com Logo
Metlen Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information science, Information systems or a related scientific field
  • Master’s degree will be considered an asset
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments is a strong plus
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility
Job Responsibility
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer
What we offer
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
Read More
Arrow Right

Senior Information Security & OT Lead

Senior Information Security & OT Lead position in Athens, responsible for cybers...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
https://www.metlengroup.com Logo
Metlen Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information science, Information systems or a related scientific field
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility
Job Responsibility
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer
What we offer
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - Incident Response

Mozilla is looking for an Incident Responder to monitor and mitigate attacks acr...
Location
Location
Germany
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT)
  • Expertise with security information and event management (SIEM) systems (eg. ELK, Google BigQuery, Splunk, etc.). Splunk proficiency is preferred
  • Expertise with endpoint detection and investigation. Hands-on experience with leading EDR tools and demonstrated ability to leverage endpoint telemetry to find root cause
  • Expertise with security orchestration and automation (SOAR) platforms such as Tines or Splunk SOAR
  • Superb communication and leadership capacity
  • ability to partner effectively with diverse company stakeholders
  • Real-world experience in software development and/or engineering operations for consumer products and services
  • B.S. in a technology-focused field is helpful
  • Practical experience working with cloud technologies (eg. Google Cloud Platform, Amazon Web Services, Heroku, Microsoft Azure, etc.)
  • Ownership and Accountability
Job Responsibility
Job Responsibility
  • Identify and respond to security incidents on a global scale
  • Act as an incident commander to drive incidents through the entire response lifecycle
  • Design and maintain a portfolio of security alerts, automated actions, playbooks and escalation workflows in support of a high-performing 24/7 incident response capability
  • Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors
  • Research threat intelligence reports, triage and manage resulting workflows
  • Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities
  • Participate in on-call rotation
What we offer
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Manager II, Security Incident Command

Uber’s Incident Command team, part of the Threat Defense and Response (TDR) orga...
Location
Location
United States , New York; Seattle; San Francisco; Sunnyvale
Salary
Salary:
232000.00 - 258000.00 USD / Year
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in one or more of the following: Security incident response
  • Production incident management (e.g., SRE, Ring0, reliability engineering)
  • Security or infrastructure operations
  • Experience leading or coordinating high-severity incidents in a complex, distributed environment
  • Experience serving as an incident commander, incident lead, or equivalent leadership role during critical incidents
  • Strong systems thinking: ability to navigate incidents across infrastructure, applications, and services
  • Excellent communication and stakeholder management skills, especially under pressure
  • Experience mentoring or managing engineers or operational responders
Job Responsibility
Job Responsibility
  • Lead a global team of incident commanders managing Uber’s highest severity security incidents
  • Drive structured, effective coordination across engineering, security, and business teams during high-impact events
  • Partner with Security, Legal, and Privacy on sensitive incidents requiring careful judgment and handling
  • Evolve incident management practices by integrating security IR and SRE/Ring0 disciplines
  • Own postmortem, premortem, and incident simulation programs to improve resilience and organizational readiness
  • Translate external incidents and emerging threats into actionable risk reduction across Uber
  • Build and integrate automation and AI-driven capabilities into incident response, postmortems, premortems, and incident simulations
  • Translate incident processes into scalable systems, defining safe automation boundaries and human-in-the-loop decision frameworks
  • Mentor and grow incident commanders in leadership, decision-making, engineering, and operational excellence
  • Foster an inclusive, high-performing culture grounded in accountability, learning, and continuous improvement
What we offer
What we offer
  • Eligible to participate in Uber's bonus program
  • May be offered an equity award & other types of comp
  • All full-time employees are eligible to participate in a 401(k) plan
  • Eligible for various benefits
  • Fulltime
Read More
Arrow Right

Director of Security

Jeeves is looking for a visionary and hands-on Director of Information Security ...
Location
Location
Brazil , São Paulo
Salary
Salary:
Not provided
tryjeeves.com Logo
Jeeves
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Master's degree preferred
  • 10+ years of progressive experience in information security
  • At least 5 years in a leadership or management role, preferably within a B2B SaaS or FinTech environment
  • Proven experience operating in a global organization with a strong understanding of diverse regulatory landscapes across North America, EMEA, and Latin America (Mexico, Colombia, Brazil)
  • Strong understanding of financial industry security regulations and compliance frameworks (e.g., PCI DSS, SOC 2, ISO 27001, NIST Cybersecurity Framework, GDPR, LGPD)
  • Deep technical expertise across a broad range of security domains, including network security, cloud security (AWS, Azure, GCP), application security, data security, identity and access management, and incident response
  • Experience with various security tools and technologies (SIEM, EDR, WAF, DLP, vulnerability scanners, etc.)
  • Excellent communication, interpersonal, and presentation skills, with the ability to articulate complex security concepts to technical and non-technical audiences, including executive leadership
  • Strong analytical and problem-solving skills, with a proactive and pragmatic approach to security
Job Responsibility
Job Responsibility
  • Develop, implement, and maintain a robust global information security strategy aligned with business objectives, regulatory requirements, and industry best practices
  • Lead the evolution of our security roadmap, identifying emerging threats, vulnerabilities, and opportunities for improvement
  • Provide expert guidance and leadership on all aspects of information security to executive management and key stakeholders
  • Oversee the design, implementation, and continuous improvement of security policies, standards, procedures, and guidelines across the organization
  • Manage and mature our security awareness and training programs for all employees, fostering a security-conscious culture
  • Develop and manage the information security budget and resource allocation
  • Establish and maintain an enterprise-wide information security risk management framework, conducting regular risk assessments and managing mitigation plans
  • Ensure compliance with relevant international, regional, and local data privacy and security regulations
  • Lead and coordinate external security audits and assessments, facilitating responses to findings and ensuring timely remediation
  • Oversee security operations, including vulnerability management, penetration testing, security monitoring, and incident detection and response
  • Fulltime
Read More
Arrow Right

Head of Information Security

The Head of Information Security is a senior technical leadership role. The role...
Location
Location
Poland , Kraków
Salary
Salary:
Not provided
content.perkinelmer.com Logo
PerkinElmer
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Engineering, or related field
  • 5+ years of experience in technical cybersecurity roles
  • Proven experience leading enterprise-scale security engineering and operations teams
Job Responsibility
Job Responsibility
  • Own the enterprise security architecture across network, endpoint, cloud, identity, and application domains
  • Define technical security standards, reference architectures, and engineering patterns
  • Lead the selection, deployment, and lifecycle management of security platforms and tooling
  • Embed security-by-design into infrastructure, cloud, and application initiatives
  • Lead Security Operations (SOC / SecOps), including detection, response, and operational resilience
  • Own vulnerability management, threat intelligence, and security telemetry
  • Drive continuous improvement in detection, automation, and response effectiveness
  • Lead the Cybersecurity Incident Response Team (CIRT)
  • Act as technical incident commander during major security incidents
  • Own investigation, containment, eradication, and recovery activities
What we offer
What we offer
  • Private healthcare including dental care
  • Life and long-term disability insurance
  • MyBenefit Cafeteria system
  • Multisport Card
  • Social Fund Subsidies
  • Home Office allowance
  • Tuition reimbursement
  • Referral awards
  • Internal career development opportunities in multiple business areas
  • Day off to celebrate your birthday
Read More
Arrow Right