Senior Manager Incident Response & Threat Hunting

Gdańsk | Permanent | PLN38.000 - PLN43.000 per month (PLN456.000 - PLN516.000 per year)
This is a highly hands-on leadership position that combines technical expertise, incident command, threat hunting, and people leadership. You will serve as the lead incident commander during major cyber incidents, drive a proactive threat hunting program, and provide leadership and mentorship to a small team of security professionals.

Added 11/06/2026

  • Contract of employment
  • Hybrid work from Gdańsk (3/4 days per week from the office)

About Our Client

We are partnering with a global organization undergoing significant growth and transformation across its cybersecurity operations.

Job Description

What You'll Be Doing

Incident Response Leadership

  • Act as Incident Commander for cyber security incidents, coordinating technical response efforts from identification through recovery.
  • Lead incident bridges and drive collaboration across security, IT, legal, privacy, HR, and executive stakeholders.
  • Make critical containment and remediation decisions during active security events.
  • Deliver clear executive-level communications and situation reports.
  • Conduct post-incident reviews and drive continuous improvement initiatives.
  • Perform and oversee forensic investigations across endpoints, cloud platforms, and email systems.

Team Leadership

  • Lead, mentor, and support a small team of Incident Response and Threat Hunting professionals.
  • Provide technical guidance, coaching, and career development support.
  • Foster a collaborative, high-performance culture focused on operational excellence and continuous improvement.
  • Help prioritize workloads, coordinate response activities, and ensure team readiness for emerging threats.

Threat Hunting

  • Lead proactive, hypothesis-driven threat hunting activities across enterprise environments.
  • Develop hunting methodologies based on threat intelligence and adversary tradecraft.
  • Analyze telemetry from endpoint, identity, cloud, and SIEM platforms.
  • Identify detection gaps and improve visibility across the environment.
  • Convert hunt findings into scalable detection rules and operational procedures.
  • Map hunting coverage against MITRE ATT&CK and emerging threat trends.

Detection & Security Engineering Support

  • Partner with security engineering and platform teams to enhance detection capabilities.
  • Contribute to tuning and optimization of security controls and monitoring solutions.
  • Help strengthen incident response readiness through playbooks, tabletop exercises, and process improvements.
  • Support regulatory and compliance requirements related to incident response and evidence preservation.

The Successful Applicant

What We're Looking For

Required Experience

  • 10+ years of experience in cybersecurity or information security.
  • 4+ years leading cyber incident response activities.
  • 2+ years of hands-on threat hunting experience.
  • Proven experience acting as Incident Commander during high-severity cyber incidents.
  • Previous experience leading, mentoring, or managing security professionals.
  • Strong background in digital forensics, incident response, and threat detection.

Technical Expertise

  • Microsoft Defender XDR ecosystem.
  • Microsoft Defender for Endpoint.
  • Microsoft Entra ID.
  • Cloud security across Azure, AWS, and/or GCP.
  • SIEM platforms such as Google SecOps (Chronicle), Microsoft Sentinel, Splunk, or equivalent.
  • Endpoint security technologies including SentinelOne or similar solutions.
  • Email security platforms and investigation techniques.
  • Advanced KQL skills.
  • Experience with Sigma, YARA, SPL, or equivalent detection languages.
  • Scripting proficiency in PowerShell and Python.
  • Strong Windows, Linux, and cloud investigation capabilities.

Leadership & Communication

  • Exceptional decision-making under pressure.
  • Ability to communicate effectively with both technical teams and executive stakeholders.
  • Strong facilitation and stakeholder management skills.
  • Experience leading small technical teams while remaining deeply hands-on in day-to-day security operations.

Preferred Certifications

  • GCIH
  • GCFA
  • GCFR
  • GCTI
  • GCTD
  • GNFA
  • Microsoft SC-200
  • CISM

What's on Offer

  • Competitive salary ranging from 38 000 to 43 000 PLN gross monthly.
  • 15% annual bonus.
  • Comprehensive Luxmed medical care for you and your family.
  • Life insurance.
  • Access to a benefits platform offering a variety of perks and discounts.

If you are ready to take the next step in your career as a Senior Manager Incident Response & Threat Hunting and contribute to a leading organisation in Gdańsk, we encourage you to apply today.

Contact
Dominik Lach
Quote job ref
JN-062026-7037888

Job summary

Sector
Information Technology
Sub Sector
Security
Industry
Technology & Telecoms
Location
Gdańsk
Contract type
Permanent
Consultant name
Dominik Lach
Job Reference
JN-062026-7037888