Incident Response Coordinator

ASM Research

23d

About The Position

The Incident Response Coordinator supports the end‑to‑end response to IT incidents and service disruptions, helping restore normal operations quickly and reduce impact on mission‑critical systems. The role serves as the central coordination point for incident response activities, ensuring alignment with established incident management processes, service incident models, and enterprise IT objectives in a highly regulated federal environment. The coordinator orchestrates communication among technical teams, vendors, and leadership; provides clear and timely status reporting; and executes functional and hierarchical escalations to Senior Coordinators and the Senior Incident Manager as defined in the incident management practice and Major Incident Process. The coordinator maintains complete, audit‑ready documentation throughout the incident lifecycle and contributes to lessons‑learned activities and process improvements.

Requirements

Bachelor’s degree in information technology, Computer Science, Business Administration, or related field, or equivalent relevant work experience.
4–7 years of experience in incident management, incident response, or related IT operations roles with direct responsibility for coordinating multi‑party incident activities.
Strong understanding of ITIL‑aligned incident management and structured incident response practices, including prioritization, escalation, and lifecycle management.
Proficiency with IT service management platforms and monitoring solutions. Ability to manage multiple incidents and communicate clearly in a high‑pressure operations center environment.
Excellent problem‑solving, analytical, written, and verbal communication skills, with the ability to tailor content for both technical staff and business leadership.
Active SECRET clearance or ability to obtain and maintain required background investigation; U.S. citizenship required.

Nice To Haves

ITIL Foundation or similar IT service management certification, ideally combined with training in structured IT or cybersecurity incident response.
Hands‑on experience coordinating incident response in large enterprise or defense‑focused operations centers.
Experience contributing to the design or optimization of incident response runbooks, coordination models, and ITSM workflows.

Responsibilities

Operational Coordination: Organize response efforts across the full end-to-end lifecycle of incidents, high-impact events, and multiple concurrent incidents; set priorities; assign actions; track progress through restoration; maintain disciplined status calls.
Runbook & ITSM Execution: Ensure accurate categorization, CI linkage, documentation, and knowledge updates; maintain audit‑ready records/timelines, and capture key decisions, timelines, and impacts accurately.
Telemetry‑Informed Engagement: Use monitoring/ITSM data to route incidents; engage infra/app/cyber/vendor dependencies.
Communications & Handoffs: Provide structured internal messaging (leadership updates, stakeholder briefings, and status pages); manage shift handoffs and continuity of incident coordination.
PIR Support & Improvement: Help lead PIRs; identify recurring patterns; update runbooks/workflows; track action closure.
Escalation Discipline: Elevate deteriorating/unresolved incidents per SLA/escalation guidelines.
Evidence Management: Collect/store key decisions, impact summaries, timelines for compliance/audits.
Single point of contact: facilitate collaboration for IT incidents between infrastructure, application, cybersecurity, and vendor teams to drive timely resolution.
IT service management platforms/ related monitoring tools: track incidents, verify remediation steps, and maintain accurate records required for audits, compliance reviews, and post‑incident analysis.
Post‑incident reviews: participate by identifying systemic issues and recurring patterns, and translate lessons learned into updates to runbooks, workflows, and ITSM configurations.