Expoint – all jobs in one place

PayPal Sr Analyst Incident Response 
France, Occitania, Toulouse 
248268084

Yesterday

This role is responsible for orchestrating and executing all phases of the cybersecurity incident response lifecycle. You will lead high-impact investigations, coordinate multifaceted response efforts, and collaborate with interdisciplinary teams to contain and remediate security incidents. Drawing on hands-on experience, you will also guide process improvements and provide mentorship to junior analysts.

Essential Responsibilities:

  • Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives.
  • Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management.
  • Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats.
  • Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams.
  • Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management.

Minimum Qualifications:

  • Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience.

KEY RESPONSIBILITIES

  • Serve as the primary Incident Response lead on significant cybersecurity incidents, coordinating all aspects from detection to resolution.

  • Conduct technical investigations, leveraging advanced security tools, log analysis, threat intelligence, and forensics to identify root causes and potential impacts.

  • Advise on and refine incident response protocols, playbooks, and standard operating procedures to streamline detection, containment, and remediation efforts.

  • Collaborate with cross-functional teams (including infrastructure, applications, and risk management) to ensure escalations and communications are handled promptly and effectively.

  • Drive proactive threat hunting initiatives to detect malicious activity and prevent potential incidents.

  • Work directly with external stakeholders (such as third-party providers and consulting partners) to enhance the organization’s overall cybersecurity posture.

  • Provide expertise and leadership in after-action reviews, collaborating on lessons learned and integrating new insights back into operational and strategic plans.

  • Mentor and support junior team members, sharing knowledge on emerging threats, new security technologies, and investigation tactics.

DAY TO DAY RESPONSIBILITIES

  • Coordinate Incident Detection and Triage

  • Serve as the Incident Commander for Cybersecurity Events

  • Conduct Technical Investigations and Analysis

  • Facilitate Crisis-Level Escalations

  • Orchestrate Containment and Eradication Efforts

  • Drive Communication with Stakeholders and External Partners

  • Oversee Recovery Activities and Post-Incident Closure

  • Compile Evidence, Documentation, and Reports

  • Lead After-Action Reviews and Root Cause Analysis

  • Mentor and Guide Junior Analysts

QUALIFICATIONS & EXPERIENCE

  • Proven track record of leadership in cybersecurity incident response, ideally gained as a lead in a SOC environment or as an incident manager/commander at a specialized security consulting firm.

  • Solid understanding of incident handling techniques, digital forensics, threat intelligence, and the end-to-end incident response lifecycle.

  • Proficiency with SIEM, EDR, threat intelligence platforms, forensic tools, and other security technologies to investigate security alerts.

  • Experience interfacing with executive leadership and non-technical stakeholders, communicating complex security concerns in a clear and concise manner.

  • Demonstrated ability to perform deep-dive investigations under pressure, maintaining accuracy and thoroughness during high-stakes incidents.

  • Familiarity with industry standards and best practices, with agility to map concepts across multiple cybersecurity disciplines.

  • Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). Professional certifications (e.g., GCIH, GCFA, CISSP) are a plus.

Travel Percent:

The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .

The US national annual pay range for this role is $111,500 to $191,950


Our Benefits:

Any general requests for consideration of your skills, please