Telenor Cyberdefence AS is a wholly owned, newly started Nordic cyber security company in the Telenor Group. Telenor Cyberdefence AS' ambition is to become a leading MSSP (Managed Security Services Provider) in the Nordic market, among other things by using Telenor's unique access to threat intelligence to support our services. In addition to delivering modern managed security services, Telenor Cyberdefence AS will also offer specialist expertise through consultancy services and testing of infrastructure / applications with our Offensive Security team.
Join our growing IR Team at Telenor Cyberdefence as a Senior Incident Response Handler
At Telenor Cyberdefence, our strength lays not just in our technology, but in the people who lead the response when cyber threats strike. We are now looking to strengthen our Incident Response capability with a Senior Incident Response Handler – someone who thrives in high-pressure situations, is technically sharp, and cares deeply about quality, collaboration, and customer trust.
You will be joining a dedicated IR team embedded in one of Norway’s most specialized security environments for cloud-based security services. While your focus will be on Incident Response, you’ll work closely with our 24/7 SOC, Detection and Threat Intelligence teams to deliver high-quality response services to a wide range of customers across critical sectors.
This role is ideal for someone who wants to take a lead in investigations, coordinate response efforts, contribute to detection quality, and mentor others – and who’s not afraid to roll up their sleeves during complex cases or high-stake incidents.
Key Responsibilities
Lead or support incident response investigations involving advanced threats, including malware, ransomware, insider activity, and cloud compromise
Analyze complex cases escalated from Tier 1/2 analysts, perform root cause analysis, and deliver actionable recommendations
Participate in 24/7 on-call rotation and provide leadership during high-priority cases requiring urgent containment and coordination
Interface directly with customers during active incidents and proactive engagements, serving as a trusted IR lead
Contribute to development of IR playbooks, response procedures, threat actor tracking, and forensic readiness
Mentor and support junior analysts, conduct quality assurance on escalated cases, and foster a strong security culture
Bridge IR and SOC by collaborating on detection tuning, telemetry validation, and post-incident feedback
Take ownership of specific projects or internal initiatives related to IR capability development
We believe you bring the following:
Solid experience from Security Operations, Incident Response, or similar field roles (typically 3–5+ years)
Deep understanding of attacker techniques, IR methodology, and modern threat landscapes
Strong investigation skills across endpoints, networks, logs, and identity systems
Experience with or interest in Microsoft Defender XDR, Microsoft Sentinel, and forensic/SOAR tooling
Proven ability to work in customer-facing scenarios with clarity, professionalism, and composure
Good documentation habits and structured approach to coordination and reporting
Experience guiding others, building team competence, or driving internal improvement work
Sustaining relevant certifications (e.g. GCIH, GCFA, SC-200, AZ-500, BTL2) - but equivalent experience is just as valuable
We offer:
A visible, strategic role in a high-growth security company focused on protecting critical Nordic infrastructure and enterprises
The opportunity to shape and strengthen our national-level IR capability together with highly skilled colleagues
A professional environment where learning, collaboration, and ownership are valued
Flexibility to evolve the role based on your strengths – whether that’s technical depth, leadership, or customer strategy
Opportunities for growth, certifications, and participation in community and industry initiatives
Competitive compensation and a modern office at Telenor Fornebu or Grimstad
At Telenor Cyberdefence, we place strong emphasis on purpose, psychological safety, and continuous learning.
If you’re passionate about helping customers when it matters most — and want to grow your impact in a trusted team — we’d love to hear from you. We evaluate applications continuously.