Director, Cyber Security Incident Response Team (CSIRT)
USD 169K-253K Executive-level Full Time
Tasks
- Coordinate digital evidence preservation, collection, and analysis
- Coordinate incident notifications with legal, privacy, risk, and comms
- Define incident categories, severity, and decision authorities
- Deliver dashboards and quarterly lessons learned
- Drive post-incident detection and control improvements
- Ensure 24x7 coverage and follow-the-sun handoffs
- Lead CSIRT planning and strategy
- Lead incident response execution
- Lead recruitment and targeted upskilling
- Maintain 24x7 on-call rotations and surge models
- Maintain IR retainer partner readiness
- Maintain incident governance and crisis handoffs
- Manage chain of custody and legal holds
- Operationalize SIEM, XDR, and SOAR playbooks
- Partner on vulnerability management and offensive security testing
- Provide mentorship for DFIR, cloud, identity, and OT/ICS teams
- Run tabletop exercises and purple team exercises
- Scope, contain, eradicate, and investigate incidents
- Track incident response metrics and executive reporting
- Use LLM-assisted runbooks and automated triage
Perks/Benefits
Skills/Tech-stack
Access Management | Automation | Chain of Custody | Cloud Security | Crisis Communication | Dashboarding | Digital forensics | Endpoint Security | Evidence handling | Executive reporting | Forensics Evidence Handling | ICS Security | Identity and Access Management | Identity and access | Incident Command | Incident Response | LLM | MITRE ATT&CK | OT Security | Offensive security | Purple Teaming | Risk Management | SIEM | SOAR | Security analytics | Security metrics | Tabletop Exercises | Threat Intelligence | Vulnerability Management | XDR
Education