Companies WPP Senior Security Incident Responder

About the role

WPP · Onsite

WPP is the trusted growth partner for the world’s leading brands. 

We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth. 
 
We have been building the world's most valuable brands for 50 years and have global reach across 100+ markets, with deep local expertise.
 
Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. 
 
For more information, visit WPP.com.
 

Why we're hiring:

The Senior Security Incident Responder is a lead technical authority for incident response execution, responsible for handling the most complex, high-impact, and business-critical security incidents across WPP. The role does not have line management responsibility; people management remains with the Security Incident Management Lead.

What you'll be doing:

KEY RESPONSIBILITIES

  1. Advanced Incident Detection, Analysis & Response

- Lead investigations for high-severity and complex security incidents.

- Perform deep technical analysis using SIEM, SOAR, EDR/XDR, identity, email, and cloud telemetry.

- Execute and oversee containment, eradication, and recovery actions.

- Act as technical incident commander when delegated.

  1. Escalation Handling & Stakeholder Coordination

- Serve as the primary escalation point for complex incidents.

- Coordinate with Legal, Privacy, Risk, Technology Operations, and agency teams.

- Provide clear technical updates to senior stakeholders.

  1. Forensics, Evidence Handling & Assurance

- Lead forensic evidence collection, preservation, and analysis.

- Ensure documentation and artefacts are audit-ready.

- Support external forensic or law-enforcement engagement when required.

  1. Quality Assurance, Playbook Maturity & Continuous Improvement

- Review incident handling quality and identify process or tooling gaps.

- Improve incident response playbooks and SOPs.

- Lead or support post-incident reviews and ensure actions are tracked.

  1. Technical Leadership & Capability Uplift

- Mentor Security Incident Responders without line management responsibility.

- Partner with Detection Engineering, Threat Intelligence, Automation, and VM teams.

- Identify opportunities for automation and response optimisation.

What you'll need:

Essential:

- Extensive hands-on experience responding to enterprise-scale security incidents.

- Deep technical expertise across SIEM, SOAR, EDR/XDR, identity, email, and cloud platforms.

- Strong forensic, investigation, and root cause analysis skills.

- Ability to operate calmly under pressure and communicate clearly.

Desirable:

- Experience acting as incident commander or senior escalation point.

- Familiarity with MITRE ATT&CK and threat-led response.

- Relevant certifications (GCIH, GCFA, GCED, CISSP).

Who you are:

You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.

You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.

 

What we'll give you:

Passionate, inspired people – We aim to create a culture in which people can do extraordinary work.

Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.

Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?

 

We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process.

WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.

Please read our Privacy Notice (https://www.wpp.com/en/careers/wpp-privacy-policy-for-recruitment) for more information on how we process the information you provide.

Ready to apply to WPP?
Apply to WPP
Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free