OPCyberTalent is seeking a Senior Incident Response Lead. Are you ready to take on a pivotal role in shaping the future of our security operations? As the Senior Incident Response Lead for our MSSP Customer, you won’t just be reacting to alerts, you’ll be leading the charge to develop and execute a forward-thinking strategy that protects our customers and organization against evolving cyber threats. In this role, you'll oversee the most complex incident response engagements, mature our incident response processes, and foster a culture of collaboration, innovation, and excellence.
We’re looking for a passionate leader who thrives in tackling significant cybersecurity challenges, guiding and inspiring teams, and driving impactful solutions. If this sounds like you, join us to elevate our security operations and make a meaningful difference.
Key Responsibilities:
-
Incident Response Leadership: Manage and lead complex incident response engagements, coordinating technical teams and stakeholders to ensure effective resolution.
-
Process Maturation:Design, refine, and implement advanced playbooks for triage, investigation, and response to cyber threats. Focus on automation and continuous improvement of response processes.
-
Escalation Support:Act as the senior escalation point for high-priority and challenging security incidents, providing expert guidance to junior analysts and the Security Operations Center (SOC) team.
-
Strategic Initiatives:Drive initiatives to enhance incident response processes, utilizing cutting-edge methodologies and tools to increase efficiency and effectiveness.
-
Stakeholder Communication:Translate technical incident findings into actionable intelligence and communicate effectively with customers and stakeholders.
-
Threat Detection Optimization:Oversee the implementation, tuning, and optimization of threat signatures, ensuring top-tier detection capabilities.
-
Team Development:Mentor and develop junior analysts, fostering professional growth and a culture of continuous learning.
-
Training Programs:Organize and lead SOC training initiatives, emphasizing readiness for advanced incident response challenges.
Required Skills & Expertise:
-
Proven leadership and team management experience in a cybersecurity or SOC environment.
-
Advanced knowledge and hands-on experience in incident response and cybersecurity operations.
-
Strong critical thinking, analytical abilities, and attention to detail.
-
Exceptional written and oral communication skills, with the ability to convey technical concepts clearly.
-
Strong interpersonal skills with a demonstrated ability to collaborate across diverse teams.
-
Deep understanding of Windows event logs and other relevant digital artifacts for investigation.
-
Experience with digital forensics is a strong plus.
Minimum Requirements:
-
Experience:At least 5+ years in Security Operations, with significant incident response and leadership experience.
-
Technical Expertise:Strong expertise in log management, SIEM platforms, endpoint protection, and advanced security tools.
-
Availability:Willingness to participate in on-call duties for high-priority incidents, including nights, weekends, and holidays.
Preferred Qualifications:
-
Senior Managed Services Experience:Experience in a senior role within a managed services or incident response team.
-
Threat Hunting Skills:Proven ability to perform proactive threat hunting and develop innovative detection and response solutions.
-
Tool Proficiency:Familiarity with advanced tools such as SOAR, Sigma, Sysmon, Thinkst Canary, and OpenSearch/Elastic.
-
Regulatory Knowledge:Comprehensive understanding of compliance frameworks like HIPAA, PCI-DSS, NIST, and others.
-
Email Security Expertise: Experience managing security operations for email platforms such as Azure/M365, Google Workspace, and Exchange.
#LI-JC2
