Senior Response Engineer

Cape Town, South Africa (Hybrid)

Integrity360

Integrity360 are the fastest growing cyber security specialists in Europe. Learn more about how we can help your organisation grow securely.

About Us

Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)—including locations in Dublin, Sofia, Stockholm, Madrid, Naples and Cape Town—we support more than 2,500 clients across a wide range of industries.

Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence.

At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we'd love to hear from you.

Are you an experienced cybersecurity professional with a passion for Blue Teaming? Do you thrive on mentoring others and tackling complex security challenges? If so, we want to hear from you!

At Integrity360, our Managed Detection and Response (MDR) Team is expanding rapidly, and we're seeking skilled and motivated senior-level SOC Analysts to join us. You'll play a key role in guiding and supporting our juniors and interns, while also diving into the more intricate aspects of cybersecurity that keep our clients secure.

This is a fantastic opportunity for someone looking to advance their career in cybersecurity, particularly within the Blue Team arena. You'll be at the forefront of responding to and investigating malicious activity, triaging alerts, and helping customers navigate security incidents.

Responsibilities

Incident Investigation:

  • Triage security alerts to assess if additional investigation is required.
  • Conduct thorough investigations to identify the root cause of incidents, collaborating with team members or escalating when necessary.
  • Ensure that incidents are communicated clearly and timeously with clients for effective resolution.

Process Improvement:

  • Regularly review and update incident response procedures to enhance efficiency and effectiveness.
  • Work closely with the Detection team to analyze alert trends and refine detection rules, minimizing false positives.

Efficiency Optimization:

  • Assist the Incident Response Team Leader to streamline response workflows through automation, orchestration and/or other innovative methods.
  • Establish methodologies to ensure that the alert queue is triaged effectively, so that appropriate action is taken on security incidents.

Incident Management:

  • Lead the management of cybersecurity incidents from detection to resolution, adhering to established protocols.
  • Identify and document vulnerabilities in client systems during investigations, contributing to ongoing improvements in security posture.
  • Assist with critical incident report writing.

Client Communication:

  • Maintain clear, professional communication with clients throughout the incident lifecycle, ensuring transparency and client satisfaction.
  • Promote best practices within the team to consistently achieve positive outcomes for clients and stakeholders.

Requirements

  • A minimum of 5 years of experience in cybersecurity, particularly in a technical role within a SOC, CSIRT, or similar environment.
  • A minimum of 2 years of experience in critical incident handling, including investigating Business Email Compromise, ransomware and credential-leak incidents.
  • Experience conducting security-related log investigations using a variety of log sources and security products.
  • Proven experience in incident response including the creation of detection rules and the management of security incidents.
  • Strong understanding of networking, with a focus on being able to understand network-related attacks.
  • Familiarity with SIEM technologies such as Splunk, QRadar, Elastic Stack, or equivalent.
  • Knowledge of the attack chain and critical incidents including experience with Digital Forensics and Incident Response is beneficial.