Data Breach Handler
Job description
As a Data Breach Handler, you will lead the response to high-criticality security incidents, acting across three key areas: strategic incident response, technical team coordination, and crisis management with the affected client. You will define investigation hypotheses, prioritize containment and recovery actions, and make decisions under uncertainty to minimize business impact. You will also coordinate DFIR analysts and collaborate closely with Red Team, Detection Engineering and Threat Intelligence teams to understand and anticipate attacker behavior. During major incidents, you will act as the main point of contact for the client, advising leadership and crisis committees on operational, legal and regulatory decisions, including notifications to authorities, insurer coordination and communication with relevant cybersecurity bodies.
What you'll do
- Lead and coordinate high-criticality security incidents.
- Define investigation, containment and recovery strategies.
- Guide DFIR analysts during complex investigations.
- Work closely with Threat Intelligence, Detection Engineering and Red Team teams.
- Communicate clearly with clients, executive teams, legal teams, insurers and regulators.
- Prepare and supervise technical and executive incident reports.
- Support decision-making during crisis situations.
Requirements
Hack in Hire is looking for a skilled Data Breach Handler in Bilbao to lead responses to high-criticality security incidents. The successful candidate will coordinate technical teams and manage crisis situations with clients, making critical decisions to minimize impact.
- Minimum 1 year of experience in incident response.
- Minimum 3 years in cybersecurity or related roles.
- Experience with ransomware, identity compromise, or critical attacks.
Responsibilities
- Lead and coordinate high-criticality security incidents.
- Define investigation and recovery strategies.
- Guide DFIR analysts during complex investigations.
Experience in incident response; knowledge of attack vectors and TTPs; excellent communication skills in Spanish; leadership and coordination skills.
- Minimum 1 year of experience in incident response, with exposure to real crisis situations.
- Minimum 3 years of experience in cybersecurity or related roles.
- Experience managing incidents such as ransomware, BEC, identity compromise or critical infrastructure attacks.
- Strong understanding of attack vectors, TTPs and MITRE ATT&CK.
- Functional knowledge of Windows/Active Directory, M365/Entra ID and cloud environments such as Azure or AWS.
- Good networking and communication protocol knowledge.
- Excellent communication skills in Spanish; strong English is a plus.
- Leadership, coordination and stakeholder management skills under pressure.
- DFIR, incident management or cybersecurity certifications such as GCIH, GCFA, CISM, CISSP, ECIH or similar will be valued.
Benefits & conditions
Salary range: €34,000 - €38,000 gross/year; on-call compensation; adaptable working hours; continuous training; career development plan.
This role requires a minimum of 3 years in cybersecurity, with experience handling incidents like ransomware. You'll benefit from adaptability in working hours and a competitive salary package.
- Salary range: €34,000 - €38,000 gross/year + variable compensation.
- Additional on-call compensation, including:
  - Fixed weekly availability payment when on-call.
  - Payment for hours worked when intervention is required.
- Remote work or office-based work in central Barcelona.
- Adaptable working hours and work-life balance support.
- Continuous internal and external training.
- Career development plan tailored to your interests and growth.
- Direct involvement in real high-impact incidents across different sectors.