Incident Response Lead - Remote

Strada Global
New York, NY
$120,190 - $223,210
Remote

About The Position

Our story

Strada is a technology-enabled, people powered company committed to delivering world-class payroll, human capital management, and financial management solutions to organizations globally. With a team of more than 8,000 experts and over 30 years of expertise, Strada blends leading-edge technology with human ingenuity to help businesses across the globe design and deliver at scale. Supporting over 1,400 customers in 33 countries, Strada partners with customers at every stage of their journey, to help drive their vision forward. It’s why we’re so driven to connect passion with purpose. Our team’s experience in human insights and cloud technology gives companies and employees around the world the ability to power confident decisions, for life. With a comprehensive total rewards package, continuing education and training, and tremendous potential with a growing global organization, Strada is the perfect place to put your passion to work. To learn more about us, visit stradaglobal.com.

We are looking for a highly skilled and motivated Incident Response Lead to join our cybersecurity team. This individual will serve as the operational backbone of how Strada handles incidents and ensures Strada is prepared to respond effectively to cybersecurity incidents. This is an individual contributor leadership role with significant cross-functional influence. When things go wrong, you are the person who makes sure the right people are in the room, the right information is flowing, and nothing falls through the cracks. The right person for this role brings structure and rigor to complex situations, drives timely decisions, and helps restore services safely and quickly without waiting for a playbook to be handed to them. This role will strengthen Strada’s incident response readiness by maturing processes, playbooks, escalation paths, exercises, and cross-functional operating mechanisms.

You will be a self-starter who turns ambiguity into practical, repeatable operating mechanisms and moves work forward without waiting for detailed direction. The role will partner closely with the SOC Leads, who own monitoring operations, detection engineering, alert triage processes, SIEM management, and SOC team performance.

Requirements

  • Have 5+ years of experience in incident management, with direct experience leading high-severity cybersecurity incidents in complex, global, or distributed environments.
  • Have built or significantly shaped an incident response program, ideally in an environment where you had to create structure rather than inherit it
  • Demonstrate a strong sense of ownership and urgency, with the ability to operate independently and make sound decisions under pressure without waiting for direction
  • Are comfortable working in unprecedented situations where processes are still being defined and guidance may be incomplete or conflicting, leaving things better than you found them
  • Have a track record of effective cross-functional collaboration, particularly with technology, product, security, legal, communications, and executive leadership
  • Have experience with cloud infrastructure incidents and enough technical depth across the stack to engage meaningfully with technology teams during response, including comfort navigating distributed systems, monitoring tools, and logs
  • Are analytically minded, with experience using data (incident metrics, queries, trend analysis) to inform decisions during response and to drive operational improvements over time
  • Excellent communication skills with the ability to communicate clearly and calmly under pressure, both in real-time coordination and in post-incident written communications
  • A strong record as a self-starter: you anticipate needs, identify gaps, set priorities, and drive work to completion with limited direction.
  • Strong process-design and documentation skills, including process mapping, runbook development, workflow design, and translating lessons into repeatable operating practices.
  • Proven coaching, facilitation, and change-enablement skills, with the ability to raise the capability and confidence of technical and non-technical stakeholders.
  • Strong knowledge of incident response methodologies and frameworks, including NIST SP 800-61, the SANS incident response lifecycle, and MITRE ATT&CK.
  • Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience

Nice To Haves

  • Relevant certifications such as CISSP, GCIA, or equivalent are a plus.

Responsibilities

  • Lead Cybersecurity Incident Response
      • Act as incident lead for major cybersecurity incidents, establishing severity, objectives, workstreams, decision rights, communication cadence, and escalation paths.
      • Direct the end-to-end response through validation and scoping, containment, eradication, recovery, and closure, maintaining a clear record of timelines, decisions, actions, and owners.
      • Coordinate security, infrastructure, cloud, identity, network, application, vendor, and business teams to restore affected services safely and validate operational stability and residual risk.
      • Provide concise, timely situation reports and decision recommendations to executives and stakeholders, translating technical findings into business impact and required actions.
      • Partner with Legal, Privacy, Risk, Communications, Human Resources, Business Continuity, and customer-facing teams to meet regulatory, contractual, insurance, notification, and crisis communication obligations.
  • Build readiness for incidents
      • Own and mature incident response by establishing processes, enhancing tooling, and defining operational standards for handling incidents at scale.
      • Continually improve the incident response framework, major-incident plans, escalation criteria, call trees, and response and recovery playbooks, including clear handoffs with other teams.
      • Design and facilitate tabletop exercises and simulations to test technical readiness, decision-making, communications, and recovery arrangements.
      • Perform incident readiness activities, and support additional cybersecurity initiatives as needed in a dynamic global corporate environment.
  • Coach and enable the organization
      • Provide expert guidance on complex incidents and mentor responders, analysts, and technical stakeholders in effective incident management practices.
      • Lead post-incident reviews, assign and track corrective actions, and ensure lessons learned improve controls, architecture, detections, response capability, and operational resilience.

Benefits

  • health coverage
  • wellbeing programs
  • paid leave (vacation, sick, parental)
  • retirement plans
  • learning opportunities
  • Competitive salary and benefits package.
  • Flexible working arrangements.