Rate: Negotiable
IR35 Status: Inside
Working Arrangements: Hybrid
Location: Welwyn Garden City, Hertfordshire, UK
Summary: The role of Cyber Security Incident Response Engineer involves a strategic and hands-on approach to enhancing the Cyber Security Incident Response capability for a large retail business. The position requires collaboration with various teams to improve readiness for significant cyber incidents. The contract is for an initial duration of six months and requires one day per week onsite in Welwyn Garden City. The day rate is highly flexible for the right candidate.
Key Responsibilities:
- Collaborate with the Cyber Security Incident Manager, SOC, DFIR, Threat Intelligence, and Engineering teams.
- Build and mature incident response capabilities, processes, playbooks, and runbooks.
- Support tabletop exercises, simulations, and cyber readiness activities.
- Enhance the organization’s readiness for high-impact cyber incidents.
- Drive continuous improvement across cyber incident response and resilience.
Key Skills:
- Experience in CSIRT, SOC, or Incident Response within a large enterprise environment.
- Knowledge of frameworks such as NIST, ISO 27035, and MITRE ATT&CK.
- Experience with security tooling including SIEM, SOAR, EDR/XDR, and cloud security platforms.
- Strong stakeholder management and documentation skills.
- Ability to drive continuous improvement across cyber incident response.
Salary (Rate): undetermined
City: Welwyn Garden City
Country: UK
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
- 6-month initial contract
- Inside IR35
- 1 day per week onsite in Welwyn Garden City
- Day rate highly flexible for the right person
I'm working with a large retail business, and they are looking for a Security Engineer to help build and mature their Cyber Security Incident Response capability.
This is a strategic and hands-on role, working closely with the Cyber Security Incident Manager, SOC, DFIR, Threat Intelligence and Engineering teams to improve the organisation's readiness for high-impact cyber incidents such as ransomware, insider threats and major security breaches.
Key experience required:
- CSIRT, SOC or Incident Response experience within a large enterprise environment.
- Building and improving incident response capabilities, processes, playbooks and runbooks.
- Supporting tabletop exercises, simulations and cyber readiness activities.
- Knowledge of frameworks such as NIST, ISO 27035 and MITRE ATT&CK.
- Experience with security tooling including SIEM, SOAR, EDR/XDR and cloud security platforms.
- Strong stakeholder management and documentation skills.
- Ability to drive continuous improvement across cyber incident response and resilience.