Incident Response (IR) Tech Lead
Tasks
- Acquire and analyze disk images and volatile data
- Analyze suspicious emails, websites, and downloads
- Categorize security incidents with analytics and correlation
- Conduct digital forensics across host, network, cloud, and mobile environments
- Coordinate enterprise incident response teams
- Coordinate incident tasks across IR team
- Create detection signatures and automate response workflows
- Develop SIEM content and correlation algorithms
- Develop and enhance detection and response processes
- Develop containment, eradication, and recovery plans
- Ensure investigations follow NIST SP 800-86 (Guide to Integrating Forensic Techniques into Incident Response)
- Escalate complex incidents and mentor analysts
- Evaluate and integrate security tools
- Improve IR processes based on lessons from exercises and real-world incidents
- Lead incident response tabletop exercises
- Lead research on new security technologies
- Lead the response to significant incidents
- Lead threat hunting against advanced persistent threats
- Monitor alerts using SIEM and cloud security tools
- Oversee incident triage and scoping
- Perform malware analysis and reverse engineering
- Provide executive incident summaries
- Support insider threat investigations
- Write after action reports and lessons learned
Perks/Benefits
Skills/Tech-stack
Advanced Persistent Threats | Automation and response | Computer Networking | Correlation Analytics | Data Analysis | Digital forensics | Disk imaging | Executive reporting | Incident Response | Insider Threat | Malware analysis | NIST SP 800-86 | Network Traffic Analysis | Operating Systems | Reverse Engineering | SIEM | SOAR (Security Orchestration, Automation and Response) | Threat detection | Threat hunting | Ticket management | Volatile data analysis
Education