
Country: Ireland
Req ID: 525808
Job Type: Full Time
Workplace Type: Hybrid
Seniority Level: Associate
About CRH
CRH is the leading provider of building materials critical to modernizing infrastructure. With our team of 83,000 people across 4,000 locations, our unmatched scale, connected portfolio, and deep local relationships make us the partner of choice for transportation, water, and reindustrialization projects, shaping communities for a better tomorrow. CRH (NYSE: CRH) is a member of the S&P 500 Index. For more information, visit www.crh.com.
Without you noticing our products, we are everywhere you live, work, and relax.
Our project portfolio includes some of the most sustainable and cutting-edge building projects around the world. Think of the asphalt on the Silverstone Grand Prix Circuit, the Paris Metro Rail project, but also the Louis Vuitton Museum in Paris, parts of the Burj Khalifa, and the Kennedy Space Centre.
Role Overview
We are seeking an experienced Senior Cybersecurity Incident Response Analyst to act as a key escalation point from the Security Operations Centers (SOC). In this role, you will lead the investigation, containment, and resolution of complex, high-impact security incidents, working closely with incident response leadership and cross-functional teams. You will provide clear, data-driven insights and communications to support timely decision-making.
Outside of incident response, you will strengthen security posture through threat hunting and detection engineering, leveraging lessons learned and threat intelligence to enhance SOC capabilities. This is a hands-on role suited to a technically strong professional with sound judgment and a collaborative approach in a global environment.
This role operates within a global function and requires flexibility for out-of-hours support. While work-life balance is supported, regular presence in a CRH office is expected, particularly for onboarding, sensitive activities, and team collaboration.
Key Responsibilities
Incident Response:
- Work with a team of responders, the incident response manager and cybersecurity leadership as needed and collaborate with infrastructure, IT, vulnerability, threat intelligence, and application security teams
- Serve as a point of contact to respond to and investigate suspected and confirmed cybersecurity incidents, which may include off-hours work or a scheduled rotation
- Examine incidents that may be related to ransomware, host compromise, account compromise, phishing, anomalous user behavior, third parties and data leakage
- Collect and analyze information from multiple event sources and internal and external sources
- Document and communicate incident details from initial investigation through closure and post-mortem, including validating, documenting, prioritizing, recommending, and completing root cause analysis
- Support process improvement of monitoring and response metrics including mean time to respond, key performance indicators (KPIs), and service-level objectives (SLOs) for security events and incidents
- Liaise with security operations to improve monitoring and response workflows
- Perform incident analysis and trend reporting for host, network, identity, and third-party events
- Regularly participate in IR tabletop exercises designed to test, identify gaps, improve skills, enhance communication, and engage with key stakeholders
- Refine and maintain playbooks, policies, procedures, and guidelines to ensure they align with industry best practices
- Remain current with emerging threats and share knowledge with colleagues to improve incident response
Threat Hunting:
- Identify misconfigurations, vulnerabilities, and missing or improperly applied security controls
- Conduct research of current and emerging threats facing the business and industry sector to identify associated indicators of compromise, tactics, techniques, and procedures
- Review events to support threat hunting based on anomalies and possible true-positive incidents
- Review reports from tabletops, vulnerability, and penetration testing assessments to proactively identify weaknesses
- Actively hunt for exposures and identify incidents warranting action to disrupt and remediate threats
- Actively participate in threat hunting exercises to hone and strengthen skills across the team
Detection Engineering Activities:
- Build or modify scripts for detection engineering and threat hunting
- Take observables (e.g., IOCs, TTPs) and use them to create searches or detections for signs of those observables on internal systems
- Proactively identify and define the lifetime value of observables / detections
- Test detections to identify and tune out false positives
- Provide detection logic to Security Engineering team for deployment to production
- Support Security Operations and Engineering efforts to refine detection logic as required
- Be familiar with prompting, AI agents, copilots and MCP solutions to analyze events across data sources
- Perform other duties as assigned
Education & Experience
- 5–8 years’ experience in cybersecurity, with a focus on incident response or SOC operations
- Proven experience leading major incident investigations and response
- Strong background in threat hunting and detection engineering
- Hands-on expertise with SIEM, EDR, IDS/IPS, and forensic tools
- Experience across cloud environments (AWS/Azure) and identity systems (AD/Azure AD)
- Relevant certifications (e.g., GCIH, GCFA, CISSP) desirable
What CRH Offers You
- A culture that values opportunity for growth, development, and internal promotion
- Highly competitive salary package
- Comprehensive secondary benefits
- Significant contribution to your pension plan
- Health and wellness programs, including an on-site gym and fitness classes
- Excellent opportunities to develop and progress with a global organization
Connect your future to CRH
We are curious to learn more about you. At CRH, we believe our mutual differences contribute to the healthy, productive, and enjoyable workspace we create. Please introduce yourself and send us your application. Following a positive review of your application, you will be invited to an introductory call with one of our Recruiters.
Is this role not for you, but do you know someone who would love to join the team? Please let us know!
CRH finds it important that vacancies are shared with individuals who may find them interesting and/or could be suitable for the role.
Please contact our recruitment team at careers@crh.com.
CRH is an equal opportunity employer. We are committed to creating an inclusive work environment for all employees and actively encourage applications from all sectors of the community.
Benefits/perks listed above may vary depending on the nature of the employment with CRH and the country where you work.
Please note that we cannot accept any applications submitted through email for GDPR purposes. Candidates must apply through our job portal.
We do not accept candidate introductions for this position from recruitment agencies, unless you have been instructed to do so by our recruitment team.