
Senior Manager, CSIRT
Docusign
full-time
Location Type: Remote
Location: United States
Salary
💰 $157,500 - $254,350 per year
About the role
- Act as Incident Commander for all security issues across the enterprise
- Lead the incident response team in identifying, analyzing, and resolving cybersecurity incidents
- Coordinate with stakeholders for timely and effective resolution
- Develop and maintain incident response plans, playbooks, and SOPs
- Manage on-call rotation
- Communicate clearly with senior management and external stakeholders during and post-incident
- Prepare detailed incident reports with post-incident analysis and recommendations
- Collaborate with other cybersecurity teams to improve detection rules, refine security policies, and enhance overall security posture
- Analyze security monitoring alerts and respond to cybersecurity incidents
- Serve as a subject matter expert who defines visibility and response requirements
- Perform forensic analysis on data and endpoints
- Lead complex investigations into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats
- Conduct thorough investigations to determine root cause and impact of incidents
- Use threat intelligence and advanced analytics to identify and address potential threats
- Implement and oversee remediation measures to prevent recurrence
- Hunt for hidden threats within enterprise networks proactively using threat intelligence and behavioral analytics
- Partner with Detection Engineering to refine threat detection rules to improve SOC visibility
- Create automation solutions for expedient response and effective detection
- Automate incident and remediation reports, leveraging AI where possible
- Drive a culture of continuous improvement
- Perform root cause analysis on security incidents and recommend improvements to security controls
- Stay updated on industry best practices and evolving attack techniques to ensure effective defenses
Requirements
- Minimum of 8 years of experience in cybersecurity with at least 5 years in incident response (IR)
- 3+ years of proven experience in an IR management role, with a track record of building, mentoring, and scaling security teams
- Background in Security Operations Center (SOC) operations, including incident response and security monitoring
- Experience with leveraging threat intelligence to anticipate and mitigate cyber threats, and extensive experience in digital forensics, covering evidence collection, analysis, and reporting
- Experience leading global, cross-functional, and complex security incidents
- Experience with data and SIEM tools (e.g., Splunk, Databricks, Sentinel)
- Experience working with security automation and orchestration tools (SOAR), including how to prioritize efforts, forecast, and show cost savings
- Experience with the cyber threat landscape, attacker tactics, techniques, and procedures (TTPs), and frameworks such as MITRE ATT&CK
- Experience with security tools and technologies such as SIEM/SOAR platforms (e.g., Splunk, Sentinel), EDR, IDS/IPS, network traffic analysis tools (e.g., Zeek, Suricata, YARA), and cloud security solutions, with an understanding of their architecture and integration
- Exceptional communication (written and verbal) and presentation skills, with the ability to convey technical findings and recommendations to diverse audiences, including explaining complex engineering concepts
Benefits
- Paid Time Off: earned time off, as well as paid company holidays based on region
- Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
- Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
- Retirement Plans: select retirement and pension programs with potential for employer contributions
- Learning and Development: options for coaching, online courses and education reimbursements
- Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
incident response, forensic analysis, root cause analysis, threat intelligence, cybersecurity incident management, security monitoring, automation solutions, digital forensics, security controls, behavioral analytics
Soft skills
communication skills, leadership, collaboration, mentoring, problem-solving, analytical thinking, presentation skills, stakeholder management, continuous improvement, team building