Incident Response Lead

About The Position

Requirements

• Bachelor’s degree in computer science, Information Security, or related field, or equivalent experience
• 7+ years of progressive experience in Information Security with significant exposure to incident response and post-incident review activities
• Proven leadership experience managing technical and/or non-technical teams in a cybersecurity environment
• Strong expertise in root cause analysis, incident timeline reconstruction, and application of frameworks such as MITRE ATT&CK
• Deep understanding of Cyber Threat TTPs, threat hunting techniques, and enterprise SIEM/security analytics platforms (e.g., Splunk, Exabeam)
• Excellent communication skills with ability to translate complex technical findings for diverse audiences including executives
• Experience developing and refining SOPs, playbooks, and training materials for post incident review or incident response programs
• Familiarity with security frameworks such as ISO 27001, NIST, SOX, and regulatory compliance requirements

Nice To Haves

• Relevant certifications preferred (e.g., CISSP, GCIH, GSEC, OSCP, CYSA+)

Responsibilities

• Lead and manage the Post Incident Review team, providing guidance, mentorship, and performance management to senior and junior analysts
• Oversee all post-incident investigations to ensure comprehensive root cause analysis, impact assessment, and actionable remediation recommendations
• Collaborate closely with Security Operations, IT, Risk Management, Business Units, and executive leadership to communicate findings and drive resolution
• Develop and enhance post-incident review frameworks, methodologies, and tools to improve efficiency and effectiveness of incident analysis
• Facilitate lessons learned sessions and ensure key insights are integrated into incident response playbooks, SOPs, and training programs
• Identify systemic risks and trends from incident data to inform strategic risk mitigation and security program enhancements
• Ensure compliance with regulatory requirements and internal policies through detailed documentation and audit support
• Drive continuous improvement initiatives in incident response processes based on evolving threat landscape and industry best practices
• Represent the PIR function in cross-functional security governance forums and contribute to enterprise-wide cybersecurity strategy

Benefits

• A work environment built on teamwork, flexibility and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)
• Relocation assistance (if applicable)