
Threat Detection specialist

Location:
Hamburg Altstadt, Hamburg, Germany
Salary:
Dependent on experience
Job Type:
Permanent
Date Posted:
6 months ago
Expiry Date:
16/10/2025
Job Ref:
BH-119855
Start Date:
14/03/2025
Contact:
Jonathan Malone
Contact Email:
jonathan.malone@xcede.de
Specialism:
Germany, Cyber
A global organisation I am working with is looking for someone to join their Security Operations team in strengthening security measures, detecting potential threats, and responding rapidly to incidents. 

Key Responsibilities
  • Investigate and respond to escalated security incidents, conducting root cause analysis and implementing remediation plans.
  • Collaborate with Cyber Security Operations (CySO) teams to coordinate responses and ensure accurate, timely communication.
  • Manage the full security incident lifecycle, from detection to resolution, ensuring detailed documentation and stakeholder coordination.
  • Perform post-incident reviews, track key security metrics, and refine processes to enhance future incident response.
  • Develop training materials and enhance team capabilities in threat detection and response.
  • Conduct proactive threat-hunting exercises and support strategic improvements in detection methodologies.
  • Identify opportunities for automation to streamline security response processes.
  • Stay ahead of emerging cybersecurity threats, continuously improving techniques and defenses.
  • Provide clear, concise security briefings to senior stakeholders, including executive leadership, during major incidents.
  • Ensure adherence to operational security procedures, incident reporting, and continuous process enhancement.
What We’re Looking For
  • Bachelor’s or Master’s degree (or equivalent experience) in Cybersecurity, Information Technology, or a related field.
  • Minimum of 3 years' experience in cybersecurity, with a focus on Threat Detection and Response (TDR) at senior analyst level (L3-L4).
  • Strong expertise in security incident investigations, threat analysis, and remediation strategies.
  • In-depth knowledge of intrusion analysis and incident response frameworks (e.g., Cyber Kill Chain, Diamond Model) and hands-on experience with SIEM systems and network investigations.
  • Experience working with security tools such as Microsoft Azure Sentinel, Microsoft Defender, QRadar, Palo Alto XSIAM, and other SIEM/logging platforms.
  • Solid understanding of network protocols (DNS, HTTP, SMB) and deep knowledge of operating system forensics (Windows, Linux, Unix, AIX).
  • Prior experience in a 24/7 Security Operations Center (SOC) environment, handling high-severity incidents under pressure.
  • Ability to develop incident escalation procedures and proactively conduct Threat Hunting.
  • Strong communication skills, with the ability to explain technical issues to both technical and non-technical audiences.
  • Industry-recognized certifications (e.g., GCIA, GCIH, GCFA, Security+, Network+) are highly preferred.
  • Background in Supply Chain, Logistics, or Transport industries is a plus.
  • A team player who thrives in a fast-paced, collaborative environment.
