Tech Stack
AWS, Azure, Cloud, Cyber Security, Google Cloud Platform
About the role
- Serve as Principal Consultant in Unit 42, delivering proactive cybersecurity consulting across Cloud Security, Security Operations (SOC), Cyber Risk Management and AI in cybersecurity
- Design and implement security operations programs, organisational structures, SIEM/SOAR integrations, and incident management processes for large multinational clients
- Perform cloud security advisement and risk assessments, support cloud migrations, and implement CASBs, CSPM, WAF, API security and related controls
- Conduct cyber risk, threat and control assessments, secure software development advisement, penetration testing coordination, and vulnerability assessments
- Conduct threat hunting and compromise assessments to identify indicators of compromise and unknown threats
- Recommend and implement improvements in asset visibility, detection capabilities, automation, case management, compliance enablement and regulatory requirements
- Manage and mentor consultant teams and build/strengthen client relationships
- Present findings and recommendations to executive stakeholders; maintain external presence via conferences and publications
- Collaborate with Unit 42 incident response, digital forensics, and broader Palo Alto Networks teams to deliver long‑term remediation and improved client security posture
- Travel to client sites as required to meet business demands
Requirements
- 6+ years of experience performing cyber security consulting in at least two of the following domains: SOC, Cloud Security, Cyber Risk Management
- 6+ years consulting experience in SOC, security engineering, SIEM administration, and incident management (Principal SOC Advisory)
- Deep technical knowledge in SIEM, SOAR, EDR/XDR, Next‑Gen Firewalls, Threat Intelligence and Hunting platforms
- Experience in security operations design, engineering, analysis and investigations, threat hunting, compromise assessments
- Relevant SOC certifications (e.g., GIAC Defensible Security Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP)
- 6+ years performing cloud security advisement and risk assessments; hands‑on experience with cloud providers (AWS, Azure, GCP)
- Experience with CASBs (MCAS, Netskope), WAF, SSO, API Security, Cloud Security Posture Management; scripting/CLI skills a plus
- Cloud security certifications (e.g., CCSP/CSCP suggested)
- Experience performing cyber threat & risk assessments, secure software development practices, penetration testing, vulnerability assessments (Cyber Risk Management)
- Knowledge of frameworks/standards: MITRE ATT&CK, D3FEND, OWASP, CIS, NIST CSF, CSA CCM, ISO 27001/2, PCI, CIS 18, CMMC
- Relevant industry certifications (e.g., CISSP, CISM, CISA); FAIR/Open certification and FAIR experience desirable
- Experience managing a team of consultants
- Demonstrated success serving large, multinational organisations
- Ability to travel as needed
- Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security OR equivalent years of professional or military experience
- External presence via public speaking, conferences, and/or publications; executive presence and gravitas
- Ability to learn PANW products and collaborate across functions including sales