Cyber Incident Handler

3Columns is a specialist cybersecurity firm that delivers a wide range of services, including security assurance, security governance, professional services, and managed services. Solutions include managed security services, offensive security services, cybersecurity consulting, and professional services to help customers deploy all the necessary controls. The core services delivered by the SOC are Managed Detection and Response and Incident Response.

About the Role :

3Columns is seeking a Cyber Incident Handler to join their team remotely. They will be responsible for working with the MDR team and leading escalated incidents, updating customers and stakeholders, and assisting the MDR team with investigations. Incident responders will work with SOC team, develop playbooks and update existing as required. The successful applicant will become integral to each client's cybersecurity strategy, developing strong relationships and becoming a trusted partner within each organisation.

Please Note : -

To save you time with rejections and save our time, if you do not have experience in Incident response, Stakeholder communication, investigation or Log analysis, you will be rejected. Candidates who will apply without any SOC experience just for the sake of applying will be blacklisted for the next 10 years.

Cyber Incident Handler -

• Work with MDR analysts on escalated Incidents.
• Understand the incident, generate possible scenarios and work with Digital Forensics and Level 1 and Level 2 analysts and assist them with the investigation
• Perform triage and validation of suspicious activity, determining urgency and potential impact.
• Execute containment, eradication, and recovery actions during active cybersecurity incidents.
• Assist with Digital forensic analysis on endpoints, cloud services, and network artifacts to determine root cause and scope.
• Lead incident investigations and collaborate with internal stakeholders to minimise business disruption.
• Provide technical guidance to junior analysts during escalations and complex cases.
• Develop incident timelines, collect evidence, and ensure proper chain of custody for investigations.
• Document incidents, lessons learned, and produce high-quality incident reports for leadership.
• Maintain and tune detection content, response playbooks, and automation workflows (SOAR / XDR / SIEM).
• Participate in proactive threat hunting activities based on emerging threat intelligence.
• Support ongoing improvement of SOC maturity, readiness exercises, and incident response processes.

Qualifications

Relevant Experience