Senior Detect & Respond Analyst

About the Role

As organizations expand their digital and operational technology (OT) environments, the cyber-attack surface grows rapidly. High-profile incidents across industries demonstrate that cyber threats are real, sophisticated, and persistent — impacting business continuity, data integrity, and brand reputation.

To stay resilient, our Detect & Respond team plays a critical role in identifying intrusions, uncovering vulnerabilities, and responding to cyber incidents across both IT and OT landscapes. We are strengthening our global detection and incident response capabilities, and we are now looking for a Senior Detect & Respond Analyst to help elevate our cyber defense posture.

What You’ll Be Doing

Your role is ideal for someone who thrives in high-pressure environments, enjoys deep technical investigation, and wants to contribute to protecting critical infrastructure.

As a Senior Detect & Respond Analyst, you will:

• Execute end-to-end Detect & Incident Response processes — from initial detection through containment, eradication, and post-incident review
• Identify, triage, and respond to real-time cyber intrusions across IT and OT environments
• Lead detailed investigations to minimize business impact and uncover root causes
• Collaborate with security engineering, automation, threat intelligence, and other cyber capabilities to continuously enhance detection and response
• Analyze and correlate security events using industry-leading SIEM, EDR, and network monitoring technologies (e.g., SIEM platforms, endpoint protection, IDS/IPS, network telemetry)
• Monitor the performance and effectiveness of deployed security controls
• Report vulnerabilities and drive corrective actions with stakeholders
• Conduct forensic analysis, threat hunting, and advanced investigations
• Develop and refine playbooks, standard operating procedures, and detection logic
• Provide clear communication of incident impact and remediation progress to technical and executive stakeholders
• Support wargame exercises, tabletop simulations, and continuous improvement initiatives
• Participate in a rotating on-call schedule to support 24/7 operations during critical incidents

What You Bring

We’re looking for someone with:

• A bachelor’s degree (Master’s preferred) in Computer Science, Cybersecurity, or a related field. Certifications such as SANS, GCIH, GCIA, GCFA are a plus
• Extensive experience in Cyber Detect & Respond, SOC operations, cybersecurity investigations, or network operations
• Strong preference for OT SOC experience — including monitoring and responding to threats in industrial control systems (ICS), SCADA, and critical infrastructure environments
• A solid background in one or more technical security domains, such as:
  • Ethical hacking / penetration testing
  • Red teaming / adversary simulation
  • Digital forensics
  • Threat hunting
  • Network security engineering
• Strong analytical and problem-solving skills, with the ability to examine complex data sets and identify patterns, anomalies, and attack indicators
• Hands-on experience with SIEM, EDR, IDS/IPS, firewalls, proxies, and network monitoring technologies
• Understanding of the current threat landscape, attacker TTPs, malware behavior, and incident response practices
• Familiarity with cloud platforms (AWS, Azure), scripting (PowerShell, Python, Bash), and system internals (Windows/Linux)
• Ability to work under pressure, manage multiple investigations, and coordinate effectively across teams
• Willingness to support after-hours and on-call responsibilities during high-priority incidents

What We Offer

You bring your skills and experience to Shell and in return you work with talented, committed people on one of the most important challenges facing our planet. You’ll have the opportunity to develop the skills you need to grow in an environment where we value honesty, integrity, and respect for one another.

You’ll be able to balance your priorities as you become the best version of yourself.

• Progress as a person as we work on the energy transition together
• Continuously grow the transferable skills you need to get ahead
• Work at the forefront of technology, trends, and practices
• Collaborate with experienced colleagues with unique expertise
• Achieve your balance in a value-led culture that encourages you to be the best version of yourself
• Benefit from flexible working hours, and the possibility of remote/mobile working
• Perform at your best with a competitive starting salary and annual performance related salary increase – our pay and benefits packages are considered to be among the best in the world
• Take advantage of paid parental leave, including for non-birthing parents
• Join an organisation working to become one of the most diverse and inclusive in the world. We strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientation, and life experiences to apply
• Grow as you progress through diverse career opportunities in national and international teams
• Gain access to a wide range of training and development programmes

Note: As part of your application, please submit a motivation letter along with your resume. The motivation letter should outline your reasons for applying to this position and how your skills and experiences align with the job requirements. This will help us better understand your interest in the role and your suitability for the position.

We'd like you to know that Shell has a bold goal: to become one of the world’s most diverse and inclusive companies. You can get to know more about how we're working towards that goal, click here.

Key skills/competency

• Cyber Detect & Respond
• Incident Response
• OT Security
• SIEM Platforms
• EDR Technologies
• Network Monitoring
• Digital Forensics
• Threat Hunting
• Scripting (PowerShell, Python)
• Cloud Security (AWS, Azure)