Posted 20 June, 2026

Senior Security Incident Responder

WPP
Chennai Full Time
Reference: 102_701267_8589510002

Why we're hiring:

The Senior Security Incident Responder is a lead technical authority for incident response execution, responsible for handling the most complex, high-impact, and business-critical security incidents across WPP. The role does not have line management responsibility; people management remains with the Security Incident Management Lead.

What you'll be doing:

KEY RESPONSIBILITIES

  1. Advanced Incident Detection, Analysis & Response

- Lead investigations for high-severity and complex security incidents.

- Perform deep technical analysis using SIEM, SOAR, EDR/XDR, identity, email, and cloud telemetry.

- Execute and oversee containment, eradication, and recovery actions.

- Act as technical incident commander when delegated.

  2. Escalation Handling & Stakeholder Coordination

- Serve as the primary escalation point for complex incidents.

- Coordinate with Legal, Privacy, Risk, Technology Operations, and agency teams.

- Provide clear technical updates to senior stakeholders.

  3. Forensics, Evidence Handling & Assurance

- Lead forensic evidence collection, preservation, and analysis.

- Ensure documentation and artefacts are audit-ready.

- Support external forensic or law-enforcement engagement when required.

  4. Quality Assurance, Playbook Maturity & Continuous Improvement

- Review incident handling quality and identify process or tooling gaps.

- Improve incident response playbooks and SOPs.

- Lead or support post-incident reviews and ensure actions are tracked.

  5. Technical Leadership & Capability Uplift

- Mentor Security Incident Responders without line management responsibility.

- Partner with Detection Engineering, Threat Intelligence, Automation, and VM teams.

- Identify opportunities for automation and response optimisation.

What you'll need:

Essential:

- Extensive hands-on experience responding to enterprise-scale security incidents.

- Deep technical expertise across SIEM, SOAR, EDR/XDR, identity, email, and cloud platforms.

- Strong forensic, investigation, and root cause analysis skills.

- Ability to operate calmly under pressure and communicate clearly.

Desirable:

- Experience acting as incident commander or senior escalation point.

- Familiarity with MITRE ATT&CK and threat-led response.

- Relevant certifications (GCIH, GCFA, GCED, CISSP).

Who you are:

You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures for our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.

You're extraordinary: We are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.

What we'll give you:

Passionate, inspired people - We aim to create a culture in which people can do extraordinary work.

Scale and opportunity - We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.

Challenging and stimulating work - Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?
