Incident Response Analyst Team Lead

Thrive
Nottingham
1 year ago
Applications closed

Related Jobs

View all jobs

Lead SOC Analyst

Penetration Tester

Senior SOC Analyst

Junior Information Security Analysist

Security Operations Centre / SOC Team Lead

Cyber Assurance Officer

About Us  Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services.  Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers.  Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job” but rather look to develop valuable skills that ignite their passion and lead to a CAREER.  If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE!!  Position Overview  With a growing client base, Thrive is expanding its security team. We are looking for an experienced Incident Response Analyst Team Lead to join our Cyber Security Incident Response Team. This pivotal role involves leading incident response efforts, mentoring analysts, and continuously improving our customers' security posture by preventing, detecting, analyzing, and responding to cybersecurity incidents using cutting-edge technology and robust processes.  The ideal candidate will bring a blend of leadership, deep technical expertise, and a passion for incident response and forensics. They will play a key role in handling high-priority incidents, refining incident response processes, and mentoring team members to ensure operational excellence.  Primary Responsibilities  Provide mentorship, coaching, and guidance to SOC Analysts and Incident Response Analyst  Foster collaboration across teams to enhance threat intelligence sharing and operational efficiency  Act as a point of escalation for complex investigations and high-priority incidents  Lead incident response and threat hunting efforts for confirmed high-priority security incidents, ensuring resolution and documentation  Investigate intrusion attempts, differentiate false positives from actual threats, and perform in-depth analysis of exploits  Proactively monitor and respond to emerging threats using advanced tools and methodologies  Conduct forensic analysis, including memory and disk imaging, to identify evidence of compromise and attacker activity  Collect, preserve, and analyze digital evidence to support investigations and potential legal actions  Utilize forensic tools to uncover artifacts such as deleted files, malware remnants, and network traces  Develop and maintain incident response playbooks, ensuring alignment with the overall security strategy  Conduct regular reviews and updates of playbooks to address evolving threats and technologies  Participate in tabletop exercises to validate and refine playbooks and incident response procedures  Analyze SOC, SIEM, and EDR platform data to identify and escalate potential threats.  Collaborate with cross-functional teams to implement security best practices for internal and external clients  Ensure adherence to Thrive’s security standards while recommending future enhancements to tools and workflows  Utilize threat intelligence to identify potential security risks and proactively mitigate them  Stay current on emerging threats, vulnerabilities, and adversarial tactics, techniques, and procedures (TTPs)  Qualifications  Required Skills and Experience  Demonstrated experience in incident handling, escalation management, or leading high-priority incident investigations  Demonstrated expertise in best security practices and incident response methodologies.  Advanced knowledge of:  Security Information and Event Management (SIEM) tools  Networking (TCP/IP, routing, and switching)  IDS/IPS, penetration testing, and vulnerability assessments  Windows, UNIX, and Linux operating systems  Network protocols and packet analysis tools  Endpoint Detection and Response (EDR), antivirus, and anti-malware tools  Content filtering and email/web gateways  Hands-on experience in forensics, malware analysis, and intrusion detection  Familiarity with industry frameworks such as MITRE ATT&CK and the Cyber Kill Chain  Proven ability to communicate complex security issues to clients, peers, and management  Strong analytical, problem-solving, and decision-making skills  Adaptability to rapidly evolving situations and technologies  Ability to participate in an on-call rotation for high-priority incidents  Preferred Skills  Knowledge of common system calls and APIs for Windows and Linux/Unix environments  Experience with programming languages relevant to security analysis and automation  Understanding of internal file structures commonly associated with malware  Experience in detection engineering and creating high-fidelity detection rules  Advanced cloud security knowledge and expertise in investigating cloud-based intrusions  Desired Certifications  Computer Hacking Forensic Investigator (CHFI)  GIAC Certified Forensic Analyst (GCFA)  GIAC Certified Forensic Examiner (GCFE)  Certified Incident Handler (GCIH)  Powered by JazzHR

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

How to Write a Cyber Security Job Ad That Attracts the Right People

Cyber security is now a board-level priority for organisations across the UK. From financial services and healthcare to critical infrastructure, SaaS platforms and the public sector, demand for skilled cyber security professionals continues to grow. Yet despite this demand, many employers struggle to attract the right candidates. Cyber security job adverts often generate large volumes of applications, but few are a genuine match. Meanwhile, experienced security engineers, analysts and architects quietly ignore adverts that feel vague, unrealistic or disconnected from real security work. In most cases, the problem is not a lack of talent — it is the quality of the job advert. Cyber security professionals are trained to assess risk, spot weaknesses and question assumptions. A poorly written job ad signals organisational immaturity and weak security culture. A well-written one signals seriousness, competence and trust. This guide explains how to write a cyber security job ad that attracts the right people, improves applicant quality and positions your organisation as a credible security employer.

Education Jobs

Maths for Cyber Security Jobs: The Only Topics You Actually Need (& How to Learn Them)

If you are applying for cyber security jobs in the UK it can feel like “real security people” must be brilliant at maths. The reality is simpler: most roles do not need degree-level pure maths. What they do need is confidence with a small set of practical topics that show up repeatedly in day-to-day work across SOC, incident response, cloud security, AppSec, threat detection, IAM & security engineering. This guide strips the maths down to what actually helps you get hired. It includes a 6-week learning plan plus portfolio projects you can publish to prove the skills. You will focus on: Number systems & bitwise thinking (binary, hex, bytes, XOR) Modular arithmetic basics (enough to understand how modern crypto “works”) Probability & statistics for detection, triage & risk Discrete maths for logic, sets, graphs & complexity Security maths habits: estimation, false positive control & evidence-led reporting You will not waste time on heavy theory that rarely appears in junior or mid-level cyber security roles.

Jobs

Neurodiversity in Cyber Security Careers: Turning Different Thinking into a Superpower

Cyber security is all about thinking like an attacker, spotting unusual patterns, protecting systems & responding calmly when everything looks like it’s on fire. It’s a discipline built on curiosity, persistence & noticing things other people miss. That’s exactly why it can be such a good fit for many neurodivergent people. If you live with ADHD, autism or dyslexia, you may have been told your brain is “too distracted”, “too literal” or “too disorganised” for a security role. In reality, the traits that can make traditional office work tough often line up beautifully with cyber security work – from hyperfocus in incident response to meticulous analysis in threat hunting. This guide is written for cyber security job seekers in the UK. We’ll look at: What neurodiversity means in a cyber context How ADHD, autism & dyslexia strengths map to different security roles Practical workplace adjustments you can ask for under UK law How to talk about neurodivergence during applications & interviews By the end, you’ll have a clearer sense of where you might thrive in cyber security – & how to turn “different thinking” into a genuine superpower.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.