Incident Response Leader

Key Role:

Apply advanced comprehension of monitoring, analyzing, detecting, and responding to Cyber events and incidents within information systems and networks. Consult on integrated, dynamic Cyber defense and leverage Cybersecurity solutions to deliver Cybersecurity operational effects, including intrusion detection and prevention, situational awareness of network intrusions, security events and data spillage, and incident response actions. Lead staff on intelligence and counterintelligence collection through network analysis and reporting. Analyze Cyber policy and tradecraft and provide leadership and mentoring to junior employees. Contribute to the development of innovative principles and ideas. Work on unusually complex problems and provide solutions that are highly creative. Act as a leader on large programs or projects that affect the organization's long-term goals and objectives.

Basic Qualifications:
-7+ years of experience with leading project delivery teams with private sector clients as a technical consultant
-5+ years of experience with Cybersecurity consulting
-5+ years of experience with incident response and security operations
-Experience with triage analysis, forensics, threat hunting, and Cyber threat intelligence
-Experience with key Cybersecurity operations-related tools, including SIEM and TIP
-Ability to lead fast-paced delivery in challenging commercial environments, work with senior leaders to foster positive client relationships, identify new business opportunities with existing clients, and develop new intellectual capital
-Ability to build excellent relationships with technology vendors and develop mutually beneficial partnerships
-BA or BS degree

Additional Qualifications:

-8+ years of experience with leading significant or high-profile incidents, including validating and escalating incidents and coordinating response activities across multiple entities

-Experience with large-scale and complex incidents of all types, including APT, DDoS, insider, Web and mobile applications, and data exfiltration

-Experience with providing strategic guidance on and tracking of tools, visibility, and capabilities gaps affecting information security posture

-Experience with testing and updating incident response plans and processes to address existing and emerging threats

-Experience with forensic analysis and big data concepts

-Ability to make rapid, independent decisions in stressful and fluid situations, including those that impact critical life, safety, and business systems

-Ability to provide timely reports and updates

-Ability to travel up to 80% of the time

-Possession of excellent oral and written communication skills to be a liaison between the Security Operations Center and business and technical teams during an incident with multiple stakeholders

-GCIH, GCIA, GCFA, or GCFE Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
