Cyber Incident Response Engineer

Company: Luxoft
Location: London
Job Description:

Responsibilities

  • Continuously monitor OSINT, dark web, and threat feeds for emerging threats relevant to JLR.
  • Analyse TTPs of threat actors with a focus on automotive, manufacturing, and connected vehicle sectors.
  • Provide real‑time threat context and attribution during active incident investigations.
  • Collaborate with CDOC, SOC and detection engineering teams to enrich alerts and improve detection capabilities.
  • Produce high‑quality actionable intelligence reports tailored for both technical and executive leadership.
  • Maintain threat profiles, dashboards, and intelligence repositories to support strategic decision making.
  • Engage with industry peers, ISACs, and government bodies to share and receive threat intelligence.
  • Support JLR’s participation in national and international cyber resilience initiatives.
  • Leverage and maintain threat intelligence platforms such as MISP and OpenCTI, and integrate them with security tooling.
  • Develop scripts and automation to streamline intelligence collection, enrichment and dissemination.

Required Skills

  • Proven experience in a CTI, SOC, threat hunting, or cyber investigation role.
  • Strong understanding of MITRE ATT&CK, NIST CSF, cyber kill chain, and threat modeling methodologies.
  • Hands‑on experience with threat intelligence platforms, SIEMs, and data enrichment tools.
  • Deep knowledge of IT infrastructure, with familiarity with OT and IoT environments, including SCADA/ICS and connected devices.
  • Strong analytical and investigative mindset with the ability to connect disparate data points into meaningful intelligence.
  • Excellent communication and presentation skills, capable of translating complex threats into business‑relevant insights.
  • Certifications such as SANS/GIAC, CompTIA CySA+, or equivalent.
  • Experience in automotive or manufacturing environments.
  • Knowledge of geopolitical and supply‑chain risks affecting cyber posture.


Posted: June 12th, 2026