Cyber Defense - Incident Responder

NorthMark StrategiesDallas, TX

About The Position

Cyber Defense is responsible for operating and continuously advancing a cloud-first, intelligence-driven cybersecurity program. As a Cyber Incident Responder, you will report to the Manager of Cyber Defense Operations and play a critical role in protecting the organization by leading and executing incident response across enterprise and cloud environments. This role is responsible for the end-to-end execution of the Incident Response lifecycle, leveraging AI-assisted tools, automation, and threat intelligence to accelerate detection, triage, investigation, and containment. You will operate as both a hands-on technical responder and incident leader, driving rapid mitigation actions while improving detection fidelity, response speed, and operational efficiency.

Requirements

  • 6+ years of hands-on experience in Cybersecurity Operations / Incident Response
  • Strong experience within Microsoft Security Ecosystem
  • Proven experience investigating incidents across cloud (Azure/AWS), identity, endpoint, and email platforms
  • Demonstrated experience integrating or leveraging AI/automation in security operations (e.g., security copilots, ML-based detections, automated triage)
  • Strong proficiency in KQL (Kusto Query Language) for threat hunting and investigation
  • Strong analytical and critical thinking skills with the ability to operate under pressure
  • Excellent written and verbal communication skills, including executive-level reporting
  • Ability to lead incidents, influence stakeholders, and drive rapid decision-making
  • Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
  • Certified in one or more of the following: CISSP, CISM, CISA, SANS GIAC Security Certifications.
  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Responsibilities

  • Act as Incident Commander for high-impact security incidents, coordinating cross-functional response efforts and driving containment, eradication, and recovery actions
  • Execute the full Incident Response lifecycle (detect, triage, investigate, contain, remediate, recover) with a focus on reducing time-to-detect and time-to-contain
  • Leverage frameworks such as MITRE ATT&CK and the Cyber Kill Chain to guide investigations and response strategies
  • Lead real-time decision-making during active incidents, ensuring business risk is clearly understood and mitigated
  • Utilize AI-assisted platforms to pre-triage alerts, enrich incidents, and prioritize high-risk activity in the response queue
  • Drive the adoption of AI-based correlation and context aggregation across SIEM/XDR, case management, and threat intelligence sources
  • Conduct deep-dive investigations across endpoint, identity, email, network, and cloud environments
  • Perform host forensics, log analysis, and malware triage to determine scope, impact, and persistence mechanisms
  • Drive operational efficiency by reducing manual touchpoints and enabling automated containment and remediation actions
  • Provide technical leadership and mentorship to junior and mid-level analysts, elevating team capability and consistency
  • Collaborate with IT, Engineering, Legal, HR, and business stakeholders during investigations and incident response activities
  • Serve as a key contributor across multiple concurrent initiatives, including tool enablement, process improvement, and security strategy
  • Deliver clear, concise, and executive-ready incident reports, including impact assessments and recommended actions
  • Conduct post-incident reviews and root cause analysis, driving improvements to detection, response, and prevention controls

Benefits

  • Company-Paid Lunch Stipend: Lunch is provided via GrubHub
  • 100% Employer-Paid Medical in our High Deductible Health Plan
  • Dental and Vision benefits for employees and their families
  • 16 weeks of Paid Parental Leave
  • Employee Assistance Program
  • Life insurance
  • Short-Term Disability and Long-Term Disability
  • Company will match 100% of your contributions up to 6% (401(k))
  • Medical insurance in our PPO plan
  • Health Savings Accounts (with Company Contribution!)
  • Flexible Spending Accounts
  • Supplemental Life Insurance
  • Wellhub
  • 25 days of Paid Time Off
  • 12 company holidays
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service