Incident Response Lead - Remote

Overview

The Incident Response Lead supports and enhances Security Operation Center (SOC) and Incident Response (IR) efforts, leading and mentoring SOC teams to ensure efficient incident handling and a proactive security stance.

In Short

• Assist in developing and implementing SOC IR strategies.
• Lead and mentor IR SOC teams.
• Support and oversee high-severity incident response efforts.
• Coordinate with internal and external stakeholders during incidents.
• Drive continuous improvement initiatives within the SOC.
• Refine and test incident response playbooks and procedures.
• Conduct advanced threat-hunting activities.
• Stay updated on emerging cybersecurity threats and trends.
• Generate and present insightful metrics and reports to leadership.
• Foster a culture of proactive security within the SOC.

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, or a related field.
• 7+ years of experience in cybersecurity, with a focus on incident response and SOC operations.
• 3+ years in a leadership role within a SOC.
• Strong analytical and problem-solving skills.
• Proficiency in SIEM, EDR, and NDR tools.
• Ability to develop and refine incident response playbooks.
• Knowledge of advanced threat-hunting techniques.
• Excellent communication and leadership skills.
• Familiarity with frameworks such as MITRE ATT&CK and NIST SP 800-61.
• Understanding of malware analysis, digital forensics, and network forensics.
• Ability to work in a fast-paced, 24/7 environment.
• Willingness to be on-call for high-severity incidents.
• Certifications: CISSP, CISM, or equivalent advanced security certifications.

Benefits

• Supportive work environment with opportunities for growth.
• Values that prioritize client obsession, teamwork, health, diversity, and problem-solving.
• Engagement in a culture that emphasizes information security responsibility.