ARCHIVED
This job listing has been archived and is no longer accepting applications.

Senior Cyber Incident Response Consultant

Endava

Cluj-Napoca, CJ, Romania Hybrid permanent

Posted: March 10, 2026

Job Description

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.

By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.

From prototype to real-world impact - be part of a global shift by doing work that matters.

Endava is seeking a highly experienced Senior Cyber Incident Response Analyst to lead incident response activities and strengthen cyber defence capabilities across enterprise client environments.

This senior technical role operates within a hybrid security operations model that includes managed SOC providers and internal cyber defence capabilities. The role is responsible for coordinating complex incident response investigations, improving detection and response capabilities, and driving operational maturity across security monitoring, automation, and incident management processes.

Working closely with Security Operations, Cyber Engineering, Threat Intelligence, and IT operations teams, the Senior Cyber Incident Response Analyst ensures that security incidents are detected, investigated, and contained rapidly while driving continuous improvements in monitoring coverage, response playbooks, and automation capabilities.

The role will also act as a technical escalation point for security operations and play a key role in strengthening cyber resilience through operational governance, incident testing, and detection engineering improvements.

Responsibilities:

• Lead and coordinate cyber incident response activities across internal teams, managed SOC providers, and technology stakeholders.
• Act as the senior technical escalation point for security operations and incident response investigations.
• Investigate complex security incidents including malware infections, account compromise, insider threats, and advanced attack activity.
• Coordinate containment, remediation, and recovery actions during cyber incidents.
• Improve security monitoring and response processes by refining detection logic, alert triage processes, and response playbooks.
• Partner with SOC, Threat Intelligence, and Vulnerability Management teams to strengthen detection coverage and threat visibility.
• Lead the development and maintenance of incident response playbooks and response procedures.
• Drive improvements in cyber defence capabilities through automation using SOAR and security tooling integrations.
• Analyse incident trends and root causes to identify security control gaps and recommend preventative improvements.
• Ensure accurate incident documentation, audit trails, and post-incident reviews including lessons learned and improvement actions.
• Participate in cyber incident simulations and response exercises to improve organisational readiness.
• Support service governance with managed SOC providers, ensuring service delivery meets defined SLAs and operational KPIs.

Experience:

• 10+ years of experience in cybersecurity or IT, with at least 6 years in Security Operations Centre (SOC) or Incident Response roles.
• Demonstrated experience leading or coordinating cyber incident investigations in enterprise environments.
• Hands-on experience performing digital forensics, threat investigation, and incident containment activities.
• Experience working within hybrid security operations models that include outsourced SOC providers or managed security services.
• Experience developing incident response processes, playbooks, and operational procedures.
• Experience improving detection engineering and response capabilities using SIEM, EDR, and security automation platforms.
• Experience analysing threat intelligence and attacker techniques to improve detection use cases.
• Relevant cybersecurity certifications such as GIAC, CISM, OSCP, CEH, or equivalent are desirable.

Technical Skills:

• Hands-on experience with modern cyber defence technologies including:
  • SIEM platforms (e.g., Splunk, Sentinel, or equivalent)
  • Endpoint Detection and Response (e.g., CrowdStrike, Microsoft Defender)
  • Security Orchestration and Automation (SOAR) platforms
  • Threat intelligence platforms and monitoring tools
• Strong knowledge of incident response methodologies and cyber kill chain analysis.
• Experience analysing attacker techniques and mapping detections using frameworks such as MITRE ATT&CK.
• Experience developing detection use cases and improving alert fidelity.
• Familiarity with cyber incident management metrics such as:
  • Mean Time to Detect (MTTD)
  • Mean Time to Respond (MTTR)
  • Detection coverage and response effectiveness
• Understanding of digital forensics techniques including log analysis, endpoint investigation, and network event analysis.
• Ability to translate threat intelligence, incident learnings, and vulnerability insights into improvements in security controls and detection capabilities.
• Experience scripting or automating response workflows to improve security operations efficiency is advantageous.
• Familiarity with regulatory and compliance obligations related to incident reporting and evidence preservation (e.g., GDPR, NIS2) is beneficial.

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
• Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
• Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
• Health: Global internal wellbeing programme, access to wellbeing apps;
• Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.

At Endava, we’re committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.
