Incident Response (IR) Tech Lead
Tasks
- Acquire and analyze disk images and volatile data
- Analyze suspicious emails, websites, and downloads
- Categorize security incidents with analytics and correlation
- Conduct digital forensics across host, network, cloud, and mobile
- Coordinate enterprise incident response teams
- Coordinate incident tasks across IR team
- Create detection signatures and automate response workflows
- Develop SIEM content and correlation algorithms
- Develop and enhance detection and response processes
- Develop containment, eradication, and recovery plans
- Ensure investigations meet NIST SP 800-86
- Escalate complex incidents and mentor analysts
- Evaluate and integrate security tools
- Improve IR processes from exercises and real-world events
- Lead incident response tabletop exercises
- Lead research on new security technologies
- Lead significant incident response
- Lead threat hunting against advanced persistent threats
- Monitor alerts using SIEM and cloud security tools
- Oversee incident triage and scope
- Perform malware analysis and reverse engineering
- Provide executive incident summaries
- Support insider threat investigations
- Write after-action reports and lessons learned
Perks/Benefits
Skills/Tech-stack
Advanced Persistent Threats | Automation and response | Computer Networking | Correlation Analytics | Data Analysis | Digital forensics | Disk imaging | Executive reporting | Incident Response | Insider Threat | Malware analysis | NIST SP | NIST SP 800 | NIST SP 800-86 | Network Traffic | Network Traffic Analysis | Operating Systems | Persistent threats | Reverse Engineering | SIEM | SOAR | Security Orchestration | Security Orchestration Automation | Security Orchestration Automation and Response | Threat detection | Threat hunting | Ticket management | Traffic analysis | Volatile data analysis
Education