We are looking for an Incident Response Leader focused on safeguarding the organization from cybersecurity threats that might or already materialized into incidents. This role ensures rapid triage, response, and mitigation of Cyber Security incidents to minimize damage and reduce recovery time. 

You will be responsible for leading an external team of SOC analysts and incident responders, forensic experts, as well as coordinating cross-functional teams to ensure the organization's resilience against emerging threats while also co-designing, maintaining and overseeing incident response strategies and processes. You will be reporting to a Cyber Incident Response Product Manager.

YOUR NEW KEY RESPONSIBILITIES:

• Oversee the entire lifecycle of cybersecurity incidents, from detection to resolution.

• Serve as the primary point of contact for managing third-party SOC and CSIRT providers to triage incidents.

• Coordinate efforts with cross-functional teams to ensure rapid containment, eradication, and recovery of compromised systems.

• Conduct post-incident analysis, documenting lessons learned and implement improvements points.

• Ensure compliance to SLAs, process adherence and process improvement to achieve operational and regulatory objectives.

• Implement industry best practices, co-develop incident playbooks with external SOC/CSIRT teams, and ensure that the organization is prepared to handle any security incidents effectively.

• Ensure incidents are prioritized and response plans are available to effectively react to relevant modern threats.

• Coordinate forensic investigations which includes acquisition and analysis of digital artifacts to determine the root cause, impact, and extent of cyber incidents to support incident response efforts.

• Lead consistent and effective advanced threat hunting based on threat intelligence feeds and against today’s threat landscape and best practices.

• Maintain clear communication channels during an incident and provide timely updates to all relevant stakeholders, including senior management.

• Support continuous training programs (e.g., tabletop exercises).

• Ensure incident response activities align with the organization’s broader business continuity and disaster recovery plans.

ARE THESE YOUR SECRET INGREDIENTS?

• 3 + years of experience in cyber security incident management.

• Strong knowledge of common attack methods, including malware, ransomware, phishing, and their mitigation strategies.

• Familiarity with Security Orchestration, Automation, and Response (SOAR) platforms to streamline incident detection and response workflows.

• Ability to lead and manage external SOC/CSIRT teams, making fast, effective decisions during crises.

• Strong documentation skills for post-incident reporting and sharing insights.

• Strong analytical thinking to continuously refine and improve incident response processes.

• Exceptional ability to communicate complex technical issues in clear, concise terms to non-technical stakeholders.

• Strong communication skills to effectively work with Vendors.