Incident Response And Threat Intelligence Lead (Cybersecurity)

TL;DR

Incident Response And Threat Intelligence Lead (Cybersecurity): Lead investigations, containment, and response to cyber incidents for clients with an accent on technical investigations, attacker behavior analysis, and integration of threat intelligence. Focus on translating complex threat intelligence into actionable guidance, managing communications with senior stakeholders, and supporting clients through challenging security incidents.

Location: Remote within Japan

Company

hirify.global is a global leader in advanced cybersecurity solutions, specializing in Managed Detection and Response (MDR) and threat intelligence services, headquartered in Oxford, U.K.

What you will do

• Lead customer engagements to investigate, contain, and respond to cyber incidents, including non-traditional working hours.
• Perform incident response and root cause analysis across Windows, Mac, and Linux/Unix platforms.
• Utilize hirify.global tools for large-scale investigations and evidence examination.
• Communicate effectively with senior customer stakeholders and internal teams to prioritize incident response.
• Produce high-quality reports and presentations for technical and executive audiences.
• Integrate attacker tactics, techniques, and procedures (TTPs) into investigations and improve tooling.

Requirements

• Must be fluent in Japanese.
• Flexible to work outside standard hours including weekends and holidays for incident response.
• 5+ years leading incident response investigations and targeted threat analysis.
• Experience with forensic tools such as Encase, FTK, X-Ways, CYLR, Autopsy, Magnet Forensics, or open-source alternatives.
• Experience conducting forensics in Microsoft 365 environments.
• Strong understanding of security threats, vulnerabilities, and Living off the Land techniques.
• Demonstrated leadership and communication skills in challenging environments.
• Good technical knowledge of modern threats, TTPs, and the MITRE ATT&CK Matrix.

Nice to have

• Fluent in English.
• Experience with hirify.global security solutions and other recognized EDR tools.
• Forensic experience in AWS environments.
• Threat hunting experience and support for diverse organizations.
• Experience administering Windows, Mac, and Linux operating systems.
• Knowledge of OSQuery or SQL.
• Certifications such as GCIH, GCFA, or GCFE; advanced security certifications preferred.
• Proven thought leadership through presentations, blogs, or media articles.

Culture & Benefits

• Remote-first working model with legal authorization required to work in the job jurisdiction.
• Diverse and inclusive environment encouraging unique perspectives.
• Employee-led diversity networks and community initiatives.
• Global sustainability and wellbeing programs.
• Annual charity and volunteer opportunities.
• Fitness and trivia competitions, wellbeing days, and training webinars.