Cyber Incident Response Lead

Job Type: Full Time
Job Location: England
Company Name: Experian

Company Overview

Experian is a global leader in data and technology, dedicated to creating opportunities for individuals and businesses worldwide. We leverage our unique blend of data, analytics, and software to transform industries—redefining lending practices, preventing fraud, streamlining healthcare, enhancing digital marketing, and providing deep insights into the automotive sector. Additionally, we empower millions of people to achieve their financial goals while helping them save time and money.

Our expertise spans a wide range of industries, including financial services, healthcare, automotive, agrifinance, insurance, and many more. We continuously invest in talented professionals and cutting-edge technologies to harness the power of data and drive innovation.

As a FTSE 100 company listed on the London Stock Exchange (EXPN), Experian operates in 32 countries with a team of 22,500 professionals. Our corporate headquarters are located in Dublin, Ireland.

About the Job



Job Description

As part of Experian’s Global Security Office (EGSO) / Cyber Fusion Center (CFC), you will play a key role in detecting, investigating, and mitigating security threats. Your primary responsibility will be to analyze, contain, escalate, and coordinate responses to cybersecurity incidents following Experian’s Incident Response Plan. You will work within a specialized team handling complex security escalations and ensuring effective response strategies.

Security threats may include phishing, malware, network attacks, and suspicious activities. You will collaborate with end-users, partners, technical support teams, and management to remediate and recover from these threats. By utilizing endpoint analytics, logging data, and various cybersecurity tools, you will contain, eradicate, and prevent future threats while ensuring business continuity.

This role follows a Monday–Friday schedule, with an expectation to participate in an on-call rotation or respond to incidents outside of regular hours as needed. You will report to the CFC Senior Director of Incident Management and Security Operations.

Key Responsibilities

  • Lead advanced incident response activities for complex cybersecurity incidents.
  • Collaborate with Forensics and Cyber Threat Hunt teams to analyze attack timelines and coordinate remediation.
  • Respond to security threats, intrusions, and breaches per service level objectives (SLOs).
  • Manage multiple security incident cases throughout the incident response lifecycle (Analysis, Containment, Eradication, Recovery, and Lessons Learned).
  • Maintain detailed documentation of security incidents, analysis findings, and mitigation steps.
  • Analyze system logs, firewalls, proxies, web servers, and packet captures to determine incident cause and response strategy.
  • Provide advanced support to security analysts, mentor team members, and guide tool usage.

Qualifications & Skills

Required:

  • Strong understanding of network protocols (TCP/IP, UDP, ICMP), standard communication protocols (HTTP/S, DNS, SSH, SMTP, SMB), networking infrastructure, and security technologies (WAF, IPS, Firewalls, VPN).
  • Hands-on experience with SIEM solutions (Splunk), full packet capture tools, and network analysis tools (Wireshark, SOF-ELK).
  • Knowledge of intrusion methods, cyber-attack tactics, techniques, and procedures (TTPs).
  • Proficiency in Incident Response & Security Monitoring applications such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR), WAF, and IPS.

Additional Benefits

  • Hybrid work environment – work from home or the office.
  • Competitive salary & discretionary bonus plan.
  • Comprehensive benefits package, including pension, Bupa healthcare, and sharesave scheme.
  • Annual leave: 25 days + 8 bank holidays + 3 volunteering days (option to purchase additional leave).

Diversity & Inclusion at Experian

Experian is an Equal Opportunity and Affirmative Action employer. We celebrate diversity and believe that a varied workforce drives innovation and success. Regardless of gender, ethnicity, religion, disability, sexuality, or age, we welcome everyone to bring their authentic selves to work.

If you require accommodations for a disability or special need, please reach out to us at your earliest convenience.

