Threat Detection specialist

My client is looking for someone to join their cybersecurity team who will collaborate across business operations, IT teams, and senior leadership to strengthen security measures, detect potential threats, and respond rapidly to incidents. 

Key Responsibilities

• Investigate and respond to escalated security incidents, conducting root cause analysis and implementing remediation plans.
• Collaborate with Cyber Security Operations (CySO) teams to coordinate responses and ensure accurate, timely communication.
• Manage the full security incident lifecycle, from detection to resolution, ensuring detailed documentation and stakeholder coordination.
• Perform post-incident reviews, track key security metrics, and refine processes to enhance future incident response.
• Develop training materials and enhance team capabilities in threat detection and response.
• Conduct proactive threat-hunting exercises and support strategic improvements in detection methodologies.
• Identify opportunities for automation to streamline security response processes.
• Stay ahead of emerging cybersecurity threats, continuously improving techniques and defenses.
• Provide clear, concise security briefings to senior stakeholders, including executive leadership, during major incidents.
• Ensure adherence to operational security procedures, incident reporting, and continuous process enhancement.

What We’re Looking For

• Bachelor’s or Master’s degree (or equivalent experience) in Cybersecurity, Information Technology, or a related field.
• Minimum of 3 years experience in cybersecurity, with a focus on Threat Detection and Response (TDR) at a senior analyst level (L3-L4).
• Strong expertise in security incident investigations, threat analysis, and remediation strategies.
• In-depth knowledge of incident response frameworks (e.g., Cyber Kill Chain, Diamond Model) and hands-on experience with SIEM systems and network investigations.
• Experience working with security tools such as Microsoft Azure Sentinel, Microsoft Defender, QRadar, Palo Alto XSIAM, and other SIEM/logging platforms.
• Solid understanding of network protocols (DNS, HTTP, SMB) and deep knowledge of operating system forensics (Windows, Linux, Unix, AIX).
• Prior experience in a 24/7 Security Operations Center (SOC) environment, handling high-severity incidents under pressure.
• Ability to develop incident escalation procedures and proactively conduct Threat Hunting.
• Strong communication skills, with the ability to explain technical issues to both technical and non-technical audiences.
• Industry-recognized certifications (e.g., GCIA, GCIH, GCFA, Security+, Network+) are highly preferred.
• Background in Supply Chain, Logistics, or Transport industries is a plus.
• A team player who thrives in a fast-paced, collaborative environment.