
Security Incident Responder
WPP is the trusted growth partner for the world’s leading brands.
We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth.
We have been building the world's most valuable brands for 50 years and have global reach across 100+ markets, with deep local expertise.
Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow.
For more information, visit WPP.com.
Why we're hiring:
The Security Incident Responder is responsible for detecting, analyzing, and responding to cybersecurity incidents in real time. This role ensures rapid containment, eradication, and recovery from security breaches while maintaining compliance and minimizing business impact. The responder will work closely with SOC analysts, engineering teams, and cross-functional stakeholders to execute incident response playbooks and continuously improve organizational resilience.
What you'll be doing:
Incident Detection & Analysis
- Monitor SIEM, SOAR, and EDR platforms for alerts and anomalies.
- Investigate and analyze security incidents to determine scope, impact, and root cause.
- Perform forensic analysis and evidence collection in line with legal and compliance standards.
Incident Response Execution
- Execute containment, eradication, and recovery steps as per incident response playbooks.
- Collaborate with IT, Legal, and Risk teams during major incidents.
- Document all actions taken during incident handling for compliance and audit purposes.
Continuous Improvement
- Participate in post-incident reviews and root cause analysis (RCA).
- Recommend improvements to detection and response processes based on lessons learned.
- Assist in updating and maintaining incident response procedures and playbooks.
Strategic Alignment to GCAT SOC10x
- 10X People: Enhance team capability through knowledge sharing and training.
- 10X Process: Embed automation-first workflows for incident response.
- 10X Technology: Utilize AI/ML-driven analytics for rapid threat identification.
- 10X Visibility: Ensure telemetry coverage across hybrid environments.
- 10X Speed: Reduce MTTD and MTTR through orchestration and automation.
What you'll need:
Technical Expertise
- Strong knowledge of SIEM, SOAR, EDR, and forensic tools.
- Familiarity with incident response frameworks (NIST, ISO27035).
- Proficiency in scripting and automation (Python, PowerShell).
- Understanding of MITRE ATT&CK and threat intelligence integration.
Collaboration & Communication
- Ability to work under pressure and manage multiple incidents simultaneously.
- Skilled in documenting incident details and communicating effectively with stakeholders.
Certifications (Preferred)
- GIAC GCIH, GCFA, or equivalent advanced security certifications.
Key Attributes
- Calm and decisive under pressure.
- Strong analytical and problem-solving skills.
- Automation-first mindset with focus on scalability and resilience.
Who you are:
You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.
You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures for our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.
You're extraordinary: We are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.
What we'll give you:
Passionate, inspired people – We aim to create a culture in which people can do extraordinary work.
Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.
Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?
We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process.
WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.
Please read our Privacy Notice (https://www.wpp.com/en/careers/wpp-privacy-policy-for-recruitment) for more information on how we process the information you provide.
