Cyber Incident Lead

3M
134d
$228,040 - $278,715

About The Position

The Cyber Incident Lead will drive and coordinate our organization's cybersecurity incident response initiatives and is responsible for implementing a continuous testing strategy and conducting full-scale cyber exercises to identify and address inefficiencies and gaps in incident management. Based on these tests and exercises, the Cyber Incident Lead will design remediation plans with impacted groups to enhance their readiness and capabilities. This role will centralize the command center, streamline communication, and facilitate cross-functional collaboration among teams such as IAM, Infrastructure, and Network, ensuring comprehensive management of cyber incidents.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Assurance, or a related field completed and verified prior to start from an accredited institution.
  • 8+ years of experience in cybersecurity, with 3+ years in a senior incident response or leadership role.

Nice To Haves

  • Master’s degree preferred.
  • Proven experience leading major incident response efforts, including ransomware, insider threats, and supply chain attacks.
  • Deep knowledge of digital forensics, malware analysis, and incident containment strategies.
  • Familiarity with legal and regulatory requirements for breach notification and evidence handling.
  • Strong leadership and crisis management skills, with the ability to coordinate across technical, legal, and executive teams.
  • Excellent verbal and written communication skills, including executive-level reporting and stakeholder engagement.
  • Certifications such as CISM, CISSP, GCFA, or C-CISO are highly desirable.

Responsibilities

  • Lead and coordinate cross-functional response teams during cybersecurity incidents, ensuring timely decision-making and clear communication.
  • Design, facilitate, and lead cyber tabletop exercises to test and enhance organizational preparedness, coordination, and decision-making under simulated attack scenarios.
  • Develop and maintain the organization’s cyber incident response strategy, playbooks, and escalation protocols.
  • Conduct regular incident response exercises and simulations to ensure readiness across technical and business teams.
  • Mentor and guide incident response personnel, fostering a culture of preparedness, accountability, and continuous improvement.
  • Direct the technical investigation of security incidents, including root cause analysis, impact assessment, and containment strategies.
  • Coordinate and oversee the documentation of activities, analysis, and remediation actions for cybersecurity incidents.
  • Ensure incident documentation is thorough, accurate, and aligned with regulatory and legal requirements.
  • Continuously evaluate and improve incident response tools, processes, and capabilities based on lessons learned and threat landscape evolution.
  • Serve as the primary liaison between technical teams, executive leadership, legal, communications, and external stakeholders during incidents.
  • Communicate incident status, risks, and business impact clearly and effectively to both technical and non-technical audiences.
  • Partner with IT, OT, and business units to ensure incident response coverage across all environments.
  • Ensure compliance with internal policies, industry standards, and regulatory requirements related to incident response and breach notification.
  • Lead post-incident reviews and drive remediation efforts to strengthen the organization’s cyber resilience.

Benefits

  • Medical, Dental & Vision
  • Health Savings Accounts
  • Health Care & Dependent Care Flexible Spending Accounts
  • Disability Benefits
  • Life Insurance
  • Voluntary Benefits
  • Paid Absences
  • Retirement Benefits