Incident Response Specialist – Global Cyber Security Operations

Role Overview

A leading organization within the insurance sector is seeking an experienced Incident Response Specialist to join its Global Cyber Security Operations function. This role plays a critical part in detecting, analyzing, coordinating, and resolving cybersecurity incidents across enterprise environments.

The position combines deep technical incident response expertise with stakeholder engagement and coordination responsibilities. The successful candidate will act as a senior escalation point for security analysts, ensuring effective triage, investigation, and resolution of security events while helping strengthen overall security operations maturity.

• Lead and coordinate the end-to-end handling of cybersecurity incidents across the enterprise, ensuring timely containment, investigation, and resolution.
• Serve as an escalation point for Tier 1 and Tier 2 security analysts during complex or high-priority incidents.
• Oversee the quality and consistency of incident tickets, ensuring adherence to established response procedures and standards.
• Act as a senior technical representative for the security operations function during operational hours, including stakeholder communication with both technical and non-technical audiences.
• Provide guidance and recommendations to security leadership on incident handling, risk impact, and remediation actions.
• Collaborate with global and regional cybersecurity teams to enhance operational efficiency, processes, and security tooling effectiveness (e.g., SIEM, EDR, email security, cloud security platforms).
• Conduct threat research using internal and external intelligence sources to identify emerging risks and attack trends.
• Support continuous improvement of incident response practices and contribute to operational maturity initiatives within the security operations environment.
• Assist in coordinating shift activities where required, helping ensure consistent coverage and operational readiness.

• Bachelor’s degree in Cybersecurity, Information Security, or a related discipline, or equivalent practical experience.
• Approximately 7+ years of experience in a Security Operations Center (SOC) environment with a strong focus on incident response and coordination.
• Demonstrated experience managing and coordinating cybersecurity incidents across multiple teams or stakeholders.
• Strong understanding of SOC operations, threat detection, and incident response methodologies.
• Hands-on experience with security monitoring and response tools, including SIEM, EDR, and related security platforms.
• Proven ability to support or lead team members in an operational security environment, ensuring efficient workflow and escalation handling.
• Strong communication skills, with the ability to translate technical findings into clear business-level explanations.

• Industry-recognized certifications such as CISSP, CISM, CEH, or SANS certifications are advantageous.
• Familiarity with modern attacker techniques, tactics, and procedures (TTPs).
• Experience with threat intelligence platforms and cyber threat analysis methodologies.
• Exposure to global cybersecurity standards, frameworks, or regulatory requirements.
• Prior experience in a leadership or supervisory capacity within a SOC environment.