Saved jobs
Bookmark icon

Back to jobs

Cyber Incident Response Engineer

Cyber Incident Response Engineer

Apply
Apply

Share

successfully icon

Successfully

The vacancy has been successfully added to favorites

location icon

Remote United Kingdom, United Kingdom of Great Britain and Northern Ireland

specialization icon

Cybersecurity

lob icon

Automotive Industry

date icon

23/02/2026

Req. VR-120557

Apply
Project description

Continuously monitor open-source intelligence (OSINT), dark web, and threat feeds for emerging threats relevant to JLR. Analyse TTPs (Tactics, Techniques, and Procedures) of threat actors with a focus on those targeting the automotive, manufacturing, and connected vehicle sectors. Provide real-time threat context and attribution during active incident investigations. Collaborate with CDOC, SOC and detection engineering teams to enrich alerts and improve detection capabilities. Produce high quality, actionable intelligence reports tailored for both technical and executive leadership/ Maintain threat profiles, dashboards and intelligence repositories to support strategic decision making. Engage with industry peers, ISACs, and government bodies to share and receive threat intelligence. Support JLR's participation in national and international cyber resilience initiatives. Leverage and maintain threat intelligence platforms such as MISP, OpenCTI, and integrate with security tooling. Develop scripts and automation to streamline intelligence collection, enrichment and dissemination.

Responsibilities
bullet icon

Continuously monitor open-source intelligence (OSINT), dark web, and threat feeds for emerging threats relevant to JLR. Analyse TTPs (Tactics, Techniques, and Procedures) of threat actors with a focus on those targeting the automotive, manufacturing, and connected vehicle sectors. Provide real-time threat context and attribution during active incident investigations. Collaborate with CDOC, SOC and detection engineering teams to enrich alerts and improve detection capabilities. Produce high quality, actionable intelligence reports tailored for both technical and executive leadership/ Maintain threat profiles, dashboards and intelligence repositories to support strategic decision making. Engage with industry peers, ISACs, and government bodies to share and receive threat intelligence. Support JLR's participation in national and international cyber resilience initiatives. Leverage and maintain threat intelligence platforms such as MISP, OpenCTI, and integrate with security tooling. Develop scripts and automation to streamline intelligence collection, enrichment and dissemination.

Skills

Must have

bullet icon

Proven experience in a CTI, SOC, threat hunting, or cyber investigation's role. Strong understanding of MITRE ATT&CK, NIST CSF, cyber kill chain, and threat modeling methodologies. Hands-on experience with threat intelligence platforms, SIEMs, and data enrichment tools. Deep knowledge of IT infrastructure, with working familiarity in OT and IoT environments, including ICS/SCADA systems and connected devices. Strong analytical and investigative mindset with the ability to connect disparate data points into meaningful intelligence. Excellent communication and presentation skills, capable of translating complex threats into business-relevant insights

bullet icon

SANS/GIAC, CompTIA CySA+, or similar certifications.

bullet icon

Experience in automotive or manufacturing environments.

bullet icon

Knowledge of geopolitical and supply chain risks affecting cyber posture.

Nice to have

bullet icon

Proven experience in a CTI, SOC, threat hunting, or cyber investigation's role. Strong understanding of MITRE ATT&CK, NIST CSF, cyber kill chain, and threat modeling methodologies. Hands-on experience with threat intelligence platforms, SIEMs, and data enrichment tools. Deep knowledge of IT infrastructure, with working familiarity in OT and IoT environments, including ICS/SCADA systems and connected devices. Strong analytical and investigative mindset with the ability to connect disparate data points into meaningful intelligence. Excellent communication and presentation skills, capable of translating complex threats into business-relevant insights

bullet icon

SANS/GIAC, CompTIA CySA+, or similar certifications.

bullet icon

Experience in automotive or manufacturing environments.

bullet icon

Knowledge of geopolitical and supply chain risks affecting cyber posture.

Other
seniority icon

Languages

English: C1 Advanced

seniority icon

Seniority

Regular

Related jobs
View all vacancies
Cyber Hygiene Specialist

Cybersecurity

location pin icon

Romania

location pin icon

Bucharest

Cyber BA

Cybersecurity

location pin icon

United Kingdom of Great Britain and Northern Ireland

location pin icon

London

Automotive Cybersecurity SW Development Engineer

Cybersecurity

location pin icon

Sweden

location pin icon

Goeteborg

Remote United Kingdom, United Kingdom of Great Britain and Northern Ireland

Req. VR-120557

Cybersecurity

Automotive Industry

23/02/2026

Req. VR-120557

Apply for Cyber Incident Response Engineer in Remote United Kingdom

*Indicates a required field

Under the terms of your specific consent or to perform our obligations under a contract with you, as applicable, we, Luxoft Holding Inc. will manually and electronically process your personal data, specifically your first name, last name, phone number, e-mail address and other data you provide us through this form.


Within this context, we process personal data only for the specific purpose(s) indicated in the individual consent language or other notices provided below.


We will – insofar as reasonably necessary for the purpose you have agreed to and within the scope of applicable laws – transfer your personal data to other entities within the Luxoft Group and to the group of third party recipients listed in our Privacy Notice. Such Recipients can be located outside the European Union (EU) and/or the European Economic Area (EEA) (“Third Countries”). The Third Countries concerned, e.g. the USA, may not have the level of data protection that you enjoy e.g. under the GDPR. This can result in disadvantages such as an impeded enforcement of data subjects’ rights, a lack of control over further processing and access by state authorities. You may only have limited legal remedies against this. Insofar our transfer of your personal data to recipients in Third Countries is not covered by an adequacy decision of the EU Commission, we achieve an adequate level of data protection as further detailed out in our Privacy Notice.


With your consent, we personalise marketing communications to you by way of carrying out marketing research analysis, analysing the surfing-behaviour of our website visitors and to adjust it to their detected tendencies, as well as to plan more efficient future marketing activities. This personalised marketing does not include any automated decision-making activities.


Further information on how we process personal data in general is available in our Privacy Notice. You may withdraw any given consent at any time. The withdrawal of your consent(s) will not affect the lawfulness of processing before its withdrawal. For any request in this context, please e-mail us at: DPO@luxoft.com.


Before uploading CV or any other information to this website, to learn more about your obligations and restrictions arising from the use of this website, please read our Terms of Use.

Related Jobs

All jobs