CrawlJobs Logo

Security Lead - Incident Response & Threat Management

https://www.randstad.com Logo

Randstad

Location Icon

Location:
United Kingdom , City of London

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

400.00 - 500.00 GBP / Hour
Save Job
Save Icon
Job offer has expired

Job Description:

A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management to contribute to a large-scale project for a high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. This role offers the opportunity to work on a national-scale project and will be ideal for someone who wants to make a difference in the IT industry working with cutting-edge technologies. This position suits a 'hands-on' practitioner with a strong background in correlation alerting and managing high-priority incidents.

Job Responsibility:

  • Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events
  • Threat Intelligence: Utilising Recorded Future, OpenCTI, and Cribl to correlate alerts and transform raw intelligence into actionable defensive insights
  • Detection & Monitoring: Designing advanced alerting mechanisms and robust monitoring strategies within Splunk to identify emerging threats
  • Vulnerability Remediation: Overseeing the identification and mitigation of vulnerabilities across diverse networks to minimise organisational risk exposure

Requirements:

  • Proficiency in Incident Response, Triage, and Threat Management
  • Practical, hands-on experience with Splunk, Cribl, Recorded Future, and OpenCTI
  • Expertise in Cloud Security Architecture
  • Proven ability to handle P1 and P2 incidents with a technical, proactive approach
  • Active Security Clearance is Needed

Nice to have:

Relevant industry certifications such as CISSP, CISM, or GIAC are highly desirable

Additional Information:

Job Posted:
February 17, 2026

Expiration:
February 17, 2026

Work Type:
Remote work
Icon
Randstad - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Lead - Incident Response & Threat Management

Senior Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
256000.00 - 342000.00 PLN / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Experience with AWS, GCP, or similar cloud platforms
  • Experience in building and delivering projects from start to finish
  • Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution. Participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Security Incident Management Analyst

The Security Incident Management Analyst is an intermediate level position respo...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant professional certifications issued by GIAC, AWS, etc., preferably GCCC, GCIH, CEH, ECSA
  • General Industry knowledge of reporting obligations pertaining to local and national laws and regulatory bodies such as OCC, SEC, ECB, MAS
  • Working knowledge of common security models (Defense-in-Depth) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)
  • Working knowledge of VERIS taxonomy
  • Working knowledge of OSI model
  • Working knowledge of security and/or incident response in cloud environments
  • Working knowledge of software development best practices, including agile methods
  • Familiar with Atlassian tools
  • Previous experience working in highly regulated environment
  • Previous experience in a fusion center and/or exposure to large scale incident response
Job Responsibility
Job Responsibility
  • Work as part of a best in class ‘follow the sun’ security incident response team
  • Lead and manage incident response activities to ensure that requisite triage, containment, and eradication are completed within targeted timeframes
  • Ensure that the security incident record is complete, accurate and fit for purpose
  • Collect and analyze evidence including investigative findings and prepare to coordinate with internal and external compliance and audit personnel
  • Execute incident response meetings and communicate complex security topics
  • exhibit good judgment and discretion when initiating escalations to all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed by appropriate selection
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing information security standards to align procedures and practices in pursuit of compliance with Citigroup standards
  • Validate compliance with information security policies, practices, and procedures, and resolve a variety of information security related issues in coordination with the relevant business(es)
  • Fulltime
Read More
Arrow Right

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
184500.00 - 246000.00 PLN / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience: 3+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Technical Skills: Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • experience with AWS, GCP, or similar cloud platforms
  • Project Management: Experience in building and delivering projects from start to finish
  • Specialization: Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Community Engagement: Contributions to the security community or open source projects
  • Communication: Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution
  • participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
What we offer
  • Health and wellbeing resources
  • paid volunteer days
  • equity
  • bonuses
  • commissions
  • Fulltime
Read More
Arrow Right

Security Operations Manager

As the Security Operations Manager, you will lead Cyera’s security operations fu...
Location
Location
United States , St. Louis
Salary
Salary:
Not provided
cyera.io Logo
Cyera
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6–8 years of progressive experience in security operations, incident response, or threat management roles
  • 2+ years of experience managing or leading a SOC or security operations function
  • Deep technical understanding of modern security tools and technologies (SIEM, EDR, SOAR, IDS/IPS, CSPM, vulnerability scanners)
  • Strong knowledge of cloud security (AWS, Azure, GCP) and modern DevSecOps practices
  • Proven ability to lead cross-functional incident response efforts and drive resolution under pressure
  • Excellent communication, leadership, and stakeholder management skills
  • Solid understanding of compliance frameworks (SOC 2, ISO 27001, NIST, etc.)
Job Responsibility
Job Responsibility
  • Own the Security Operations function, including 24/7 monitoring, detection, triage, and incident response
  • Develop and maintain Cyera’s Security Operations Center (SOC) processes, playbooks, and escalation paths
  • Lead investigations of security alerts and incidents, ensuring timely response, containment, and remediation
  • Manage and continuously improve security tooling (SIEM, EDR, SOAR, vulnerability management, etc.)
  • Build and mentor a high-performing team of security analysts and engineers
  • Partner with Engineering, IT, and Product to embed security into all stages of the development lifecycle
  • Conduct regular threat modeling, risk assessments, and post-incident reviews to identify and mitigate systemic weaknesses
  • Oversee vulnerability management and coordinate patching or mitigations across infrastructure and SaaS environments
  • Collaborate with Compliance to support audit readiness (SOC 2, ISO 27001, GDPR, etc.) and maintain evidence of operational controls
  • Develop and report security KPIs and metrics to leadership and key stakeholders
What we offer
What we offer
  • Ability to work remotely, with office setup reimbursement
  • Competitive salary
  • Unlimited PTO
  • Paid holidays and sick time
  • Health, vision, and dental insurance
  • Life, short and long-term disability insurance
  • Fulltime
Read More
Arrow Right

Principal Incident Response Analyst

At Atlassian, the Principal Incident Response Analyst plays a vital role in main...
Location
Location
United States , San Francisco; Austin; Mountain View; New York
Salary
Salary:
183800.00 - 295200.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • At least 5 years of experience in a security incident response role
  • Strong understanding of various security technologies and systems, including firewalls, intrusion detection systems, anti-virus software, and authentication systems
  • Experience building and maintaining tools to assist with incident response and other security tasks
  • Ability to write basic programs in a scripting or programming language
  • Demonstrated ability to coordinate incident response among multiple teams and departments
  • Excellent written and oral communication skills
  • Ability to work under high pressure and fast-paced conditions
  • Experience with cloud technologies including GCP and network protocols
  • Expertise in creating and maintaining incident response playbooks
Job Responsibility
Job Responsibility
  • Lead the region's incident response team to ensure timely and effective response to security incidents
  • Coordinate across various teams within Atlassian during a security incident to facilitate effective communication and response
  • Coach and mentor team members in day-to-day activities
  • Build tools, systems, and programs of work to uplift Atlassian's security posture
  • Create regular training and drills for the incident response team to ensure readiness in the event of a security incident
  • Conduct post-incident analysis to identify areas for improvement in the incident response process
  • Communicate effectively with management and other stakeholders about the status of security incidents and the steps being taken to resolve them
  • Work with other security teams within Atlassian to develop strategies and plans to prevent future security incidents
  • Produce threat intelligence that is specific to Atlassian products and infrastructure
  • Own and manage the delivery of projects that advance the team's incident response capabilities
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Expert Security Analyst – Incident Coordinator

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location
Location
Netherlands , Veldhoven
Salary
Salary:
Not provided
asml.com Logo
ASML
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of a wide range of domains such as Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
  • A Certificate of Good Conduct “Verklaring Omtrent het Gedrag (VOG)” is required
  • Possess a valid work permit for the Netherlands (preferred)
  • Legally authorized to access controlled technology as defined in the United States Export Administration Regulations
Job Responsibility
Job Responsibility
  • Security Monitoring – Actively monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels
  • Fulltime
Read More
Arrow Right

Principal Cybersecurity Incident Response Analyst

Principal Cybersecurity Incident Response Analyst role at HPE's Cyber Defense Ce...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 8+ years of relevant experience
  • SOC team/Incident response/Advanced threat analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Extensive understanding of adversary tactics, techniques, and procedures (TTPs)
  • Extensive Cyber and IT security knowledge
  • Extensive understanding of Cyber and IT security risks, best practices, threats and prevention measures
  • Extensive understanding of SQL and relevant scripting languages
  • Extensive data security system analysis skills
  • Extensive risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most severe and complex cybersecurity incidents
  • Guide cross-functional teams through containment, eradication, and recovery
  • Provide executive-level oversight and decision-making during critical incidents
  • Effectively analyze associated logs and respond to high severity incidents
  • Contribute to the company's security response methods
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Provide insight and guidance through after action reviews
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Principal Incident Commander

We're looking for an Information Security Incident Commander to join our team, p...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Previous incident management experience
  • 7+ years experience in information security
  • Strong written and verbal communication skills
  • Attention to detail
  • Investigative mindset
  • Ability to stay organized under pressure
  • Confidence to manage up to more senior leaders during incident response activities
  • Effective delegation of tasks across diverse workstreams
  • Experience leading functional groups/engagements
  • Awareness of Enterprise customers' expectations when communicating an incident or vulnerability
Job Responsibility
Job Responsibility
  • Identify which plans, playbooks, and processes apply to a particular Security Incident
  • Engage all required stakeholders for a particular response effort and ensure they are kept aware of all details and developments
  • Regularly update leadership on a regular cadence and when significant changes to previously known statuses arise
  • Lead incident bridge calls
  • Translate technical communications into non-technical communications
  • Assist in the development of an overall response strategy
  • Participate in preparedness activities such as tabletop exercises and red team events
  • Assist with internal and external incident related communication, both written and verbal
  • Document incident response efforts
  • Drive incident response efforts to meet SLOs and SLAs
What we offer
What we offer
  • Health coverage
  • Paid volunteer days
  • Wellness resources
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy