Incident Response Coordinator, Senior

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, Business Administration, or related field, or equivalent relevant work experience.
• 8+ years of experience in incident management, incident response, or related IT roles, including leadership of major incidents in large, complex enterprise or federal IT environments.
• Deep understanding of ITIL principles and advanced incident management and response best practices, including governance of runbooks, escalation models, and communications.
• Demonstrated proficiency with incident management tools, IT service management platforms, and monitoring solutions used to manage major incidents and produce operational and executive reporting.
• Excellent problem-solving, analytical, written, and verbal communication skills, with proven ability to brief senior leadership and translate technical risk into business terms.
• Demonstrated ability to lead multiple concurrent complex incidents, make timely decisions with incomplete information, and drive consensus across diverse technical and business stakeholders.
• Active SECRET clearance or ability to obtain and maintain required background investigation; U.S. citizenship required.

Nice To Haves

• Leadership experience in enterprise-scale or defense-related major incident management, including coordination with external partners or multi-agency stakeholders.
• Advanced incident management or cybersecurity certifications (such as ITIL intermediate/advanced or incident-response-oriented credentials).
• Experience designing or maturing enterprise incident response frameworks, including integration with cyber defense centers, problem management, and governance processes.

Responsibilities

• Structure/facilitate major incident bridges; maintain restoration focus; assign actions/owners; track progress to closure; enforce decision/messaging cadence.
• Maintain/enforce incident playbooks, escalation matrices, and communication templates; ensure ITSM record quality, CI linkage, and documentation discipline.
• Engage dependencies (infra, app, identity, cloud, network) early based on service mapping; identify/remove bottlenecks delaying restoration (approvals, routing).
• Produce leadership updates/executive briefings translating technical impact/risk/remediation into clear business language; maintain SSOT.
• Coordinate with Problem, Change, Release, Service Continuity, and SOC/Cyber IR where service impact/security intersects; support PIRs and trend analysis.
• Run tabletop exercises; review playbooks; audit on-call readiness; ensure consistent execution across shifts/teams.
• Coach coordinators/junior IM staff on escalation protocols, communication discipline, and analysis techniques.
• Ensure timelines, key decisions, and impact assessments are documented and stored to meet compliance and audit requirements.