Senior Manager Incident Response & Threat Hunting

Employer requirements

• 10+ years of experience in cybersecurity or information security.
• 4+ years leading cyber incident response activities.
• 2+ years of hands-on threat hunting experience.
• Proven experience acting as Incident Commander during high-severity cyber incidents.
• Previous experience leading, mentoring, or managing security professionals.
• Strong background in digital forensics, incident response, and threat detection.
• Technical Expertise
• Microsoft Defender XDR ecosystem.
• Microsoft Defender for Endpoint.
• Microsoft Entra ID.
• Cloud security across Azure, AWS, and/or GCP.
• SIEM platforms such as Google SecOps (Chronicle), Microsoft Sentinel, Splunk, or equivalent.
• Endpoint security technologies including SentinelOne or similar solutions.
• Email security platforms and investigation techniques.
• Advanced KQL skills.
• Experience with Sigma, YARA, SPL, or equivalent detection languages.
• Scripting proficiency in PowerShell and Python.
• Strong Windows, Linux, and cloud investigation capabilities.
• Leadership & Communication
• Exceptional decision-making under pressure.
• Ability to communicate effectively with both technical teams and executive stakeholders.
• Strong facilitation and stakeholder management skills.
• Experience leading small technical teams while remaining deeply hands-on in day-to-day security operations.

Optional

• Preferred Certifications:
• GCIH
• GCFA
• GCFR
• GCTI
• GCTD
• GNFA
• Microsoft SC-200
• CISM

Your responsibilities

• Incident Response Leadership
• Act as Incident Commander for cyber security incidents, coordinating technical response efforts from identification through recovery.
• Lead incident bridges and drive collaboration across security, IT, legal, privacy, HR, and executive stakeholders.
• Make critical containment and remediation decisions during active security events.
• Deliver clear executive-level communications and situation reports.
• Conduct post-incident reviews and drive continuous improvement initiatives.
• Perform and oversee forensic investigations across endpoints, cloud platforms, and email systems.
• Team Leadership
• Lead, mentor, and support a small team of Incident Response and Threat Hunting professionals.
• Provide technical guidance, coaching, and career development support.
• Foster a collaborative, high-performance culture focused on operational excellence and continuous improvement.
• Help prioritize workloads, coordinate response activities, and ensure team readiness for emerging threats.
• Threat Hunting
• Lead proactive, hypothesis-driven threat hunting activities across enterprise environments.
• Develop hunting methodologies based on threat intelligence and adversary tradecraft.
• Analyze telemetry from endpoint, identity, cloud, and SIEM platforms.
• Identify detection gaps and improve visibility across the environment.
• Convert hunt findings into scalable detection rules and operational procedures.
• Map hunting coverage against MITRE ATT&CK and emerging threat trends.
• Detection & Security Engineering Support
• Partner with security engineering and platform teams to enhance detection capabilities.
• Contribute to tuning and optimization of security controls and monitoring solutions.
• Help strengthen incident response readiness through playbooks, tabletop exercises, and process improvements.
• Support regulatory and compliance requirements related to incident response and evidence preservation.

What employer offers

• Competitive salary ranging from 38 000 to 43 000 PLN gross monthly,
• 15% annual bonus,
• Comprehensive Luxmed medical care for you and your family,
• Life insurance,
• Access to a benefits platform offering a variety of perks and discounts.
• If you are ready to take the next step in your career as a Senior Manager Incident Response & Threat Hunting and contribute to a leading organisation in Gdańsk, we encourage you to apply today.

Recruitment for