The HT Group

Our client is seeking a hybrid Incident Responder / Cybersecurity Analyst + Security Engineer to strengthen their security operations team. This role combines hands-on incident response with security engineering responsibilities, supporting both operational needs and long-term infrastructure improvements.

Key Responsibilities

• Respond to cybersecurity incidents and provide operational support
• Manage and scale ElasticSearch and Elastic Security environments
• Operate Splunk Enterprise Security (secondary to Elastic)
• Automate processes using Python (currently via low-code platform “Tines”)
• Manage Sentinel at scale
• Collaborate with the security team to maintain and improve operations

Ideal Candidate

• Hybrid experience: Incident Responder / Cybersecurity Analyst + Security Engineer
• Hands-on experience with ElasticSearch (management, scaling, virtualized/hosted environments)
• Proficient with Elastic Security
• Experience with Splunk Enterprise Security or another SIEM tool
• Python automation skills
• Experience with Sentinel at scale
• Certifications such as CISSP or SANS are a plus (not required)
• Flexible and adaptable; able to operate in a dynamic, fast-paced environment

#TECHIND