Incident Response (IR) Tech Lead
Tasks
- Acquire and analyze disk images and volatile data
- Analyze suspicious emails, websites, and downloads
- Categorize security incidents with analytics and correlation
- Conduct digital forensics across host, network, cloud, and mobile
- Coordinate enterprise incident response teams
- Coordinate incident tasks across IR team
- Create detection signatures and automate response workflows
- Develop SIEM content and correlation algorithms
- Develop and enhance detection and response processes
- Develop containment, eradication, and recovery plans
- Ensure investigations meet NIST SP 800-86
- Escalate complex incidents and mentor analysts
- Evaluate and integrate security tools
- Improve IR processes based on exercises and real-world events
- Lead incident response tabletop exercises
- Lead research on new security technologies
- Lead significant incident response
- Lead threat hunting against advanced persistent threats
- Monitor alerts using SIEM and cloud security tools
- Oversee incident triage and scope
- Perform malware analysis and reverse engineering
- Provide executive incident summaries
- Support insider threat investigations
- Write after-action reports and lessons learned
Skills/Tech-stack
Advanced Persistent Threats | Automation and response | Computer Networking | Correlation Analytics | Data Analysis | Digital forensics | Disk imaging | Executive reporting | Incident Response | Insider Threat | Malware analysis | NIST SP | NIST SP 800 | NIST SP 800-86 | Network Traffic | Network Traffic Analysis | Operating Systems | Persistent threats | Reverse Engineering | SIEM | SOAR | Security Orchestration | Security Orchestration Automation | Security Orchestration Automation and Response | Threat detection | Threat hunting | Ticket management | Traffic analysis | Volatile data analysis