Security Operations - Incident Response & Forensics

Artisan Partners, Chicago, IL
$100,000 - $150,000, Hybrid

About The Position

This role is responsible for leading the firm's incident response, digital forensics, threat intelligence, and security operations activities. Working closely with technical teams and business stakeholders, you will strengthen the organization's ability to detect, respond to, and recover from cybersecurity threats while enhancing overall security resilience. The role translates threat intelligence into actionable defensive measures, drives continuous improvement of incident response and crisis management capabilities, and helps ensure alignment with industry best practices. The successful candidate will bring a collaborative, analytical, and process-driven approach to protecting the firm from evolving cyber threats.

Requirements

  • 3-5 years of experience in incident response, security operations, threat intelligence, or a related cybersecurity discipline
  • Forensics certifications preferred (e.g., GCFE, GCFA, GCFR, GCIH)
  • Hands-on experience with forensic tools, SIEM platforms, and EDR solutions
  • Demonstrated knowledge of incident response lifecycle activities, including triage, containment, remediation, and lessons learned
  • Experience using threat intelligence sources and frameworks to support detection engineering and threat hunting
  • Strong written and verbal communication skills, with the ability to present technical information to non-technical audiences
  • Proven ability to manage multiple priorities in a fast-paced environment and respond effectively to high-severity events

Nice To Haves

  • Bachelor’s degree in cybersecurity, information security, computer science, information technology, or a related field preferred

Responsibilities

  • Lead investigations into security breaches, malware infections, insider threats, brand impersonations, and other security incidents
  • Coordinate containment, eradication, and recovery activities to reduce business impact and restore operations quickly
  • Manage crisis communications, executive updates, and post-incident reporting with clear, concise documentation
  • Develop, maintain, and regularly test incident response playbooks, runbooks, and supporting response procedures
  • Gather, analyze, and operationalize threat data from internal and external sources to improve detection and response
  • Apply threat intelligence frameworks and methodologies, including MITRE ATT&CK, to identify adversary tactics, techniques, and procedures
  • Support threat hunting efforts by identifying suspicious activity, investigating anomalies, and recommending detection improvements
  • Identify opportunities to improve incident monitoring, detection, and response processes, and support the implementation of enhancements
  • Help design and enhance Crisis & Incident Response capabilities aligned with industry standards and frameworks, including ISO 27001, NIST, and CIS, to improve organizational readiness, response, and recovery
  • Partner with security governance, technical teams, and business units to maintain an effective security posture and align with corporate security policies
  • Automate recurring operational security tasks and integrate threat intelligence into detection pipelines and workflows
  • Serve as a bridge between technical teams and business stakeholders, ensuring security priorities are understood and addressed across the organization

Benefits

  • Discretionary bonus