About The Position

The CSIRT L3 Relay acts as a Level 3 (N3) cybersecurity operational coordinator and CSIRT support relay for a large international automotive customer. Working closely with central Cyber Detection & Response (CDOC) teams, this role strengthens local operational support, accelerates response to complex or critical incidents, and provides expert guidance when needed. The role also supports collaboration across business, functional, and technical teams, ensuring effective escalation management, mitigation tracking, and incident coordination.

Requirements

  • Strong knowledge of cybersecurity operations, SOC/CDOC environments, and incident response
  • Experience coordinating technical and non-technical stakeholders
  • Skilled in incident management, escalation handling, and mitigation tracking
  • Ability to translate business needs into technical cybersecurity requirements
  • Strong communication, facilitation, and coordination skills
  • Autonomous, proactive, and solution-oriented mindset
  • Hands-on experience with SIEM platforms such as Microsoft Sentinel, QRadar, or Splunk/ELK
  • Experience with EDR solutions such as CrowdStrike and/or Microsoft Defender
  • Mandatory or equivalent certifications: GCIH or GCFE/GCFA; Microsoft SC-200 (Sentinel)
  • English required; French is an asset
  • Bachelor’s degree in Cybersecurity, IT, or a related field, or equivalent experience

Nice To Haves

  • Experience with Logic Apps, SOAR platforms, or threat intelligence tools such as MISP or OpenCTI
  • Additional certifications such as CISSP, CISM, GREM, CEH, or CHFI
  • Experience in large enterprise environments or IT/OT boundary contexts
  • Background in automotive, manufacturing, OT/ICS security, or 24/7 SOC environments

Responsibilities

  • Act as the local cybersecurity contact for client sites
  • Maintain strong operational proximity with onsite teams
  • Liaise between local stakeholders and central CDOC teams
  • Coordinate incident escalations and expert support
  • Track mitigation, remediation, and corrective actions
  • Support complex or critical cybersecurity incidents
  • Lead or assist response, remediation, and recovery activities
  • Align technical risks with business and operational priorities
  • Provide expert support and coordinate response during major incidents or cyber crises
  • Translate business needs into cybersecurity requirements and global solutions
  • Support continuous improvement of detection and response processes
  • Ensure clear two-way communication between local and central teams
  • Promote knowledge sharing, best practices, and service quality improvements

Benefits

  • Competitive compensation including a strong base salary and annual performance bonus
  • A comprehensive, fully covered benefits package designed with your well‑being in mind: life insurance, long-term disability, health, dental, and vision coverage, HSA (Health Spending Account)
  • Access to Dialogue telehealth
  • Generous paid time off, including sick leave, personal days, and 3 weeks of vacation
  • A monthly transportation allowance
  • Excellent learning, development, and career advancement opportunities
  • All the equipment you need to stay productive and perform at your best from day one.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service