Cyber Security Incident Response Leader - Philly
Philadelphia, PA
Hybrid
Full Time
$150k - $200k
Cyber Security Incident Response Leader
As a Cyber Security Incident Response Leader, you will manage the daily operations of the Security Incident Response Team, ensuring all security incident processes align with industry and company standards. You'll be responsible for leading complex cyber security projects from design to implementation; for monitoring and responding to critical cybersecurity incidents; and for driving operational and financial objectives.
This position is hybrid 4 days a week on-site in their Philly location.
Key Responsibilities:
- Lead the Security Incident Response Team's daily operations and serve as the incident commander for major incidents.
- Communicate incident status clearly to key stakeholders, including Cyber Security, Operations, Legal, and Communications teams.
- Partner with other monitoring, detection, and response functions to ensure comprehensive coverage.
- Own and maintain essential documentation for significant incidents.
- Mentor and support the development of a highly technical incident response team.
- Drive the development of key metrics, KPIs, and reports for continuous improvement.
- Lead the creation and development of a strategic roadmap, enhancing the program’s capabilities.
Required Skills & Qualifications:
- 10+ years of experience in Cyber Security, with at least 5 years focused on leading large-scale incident investigations.
- At least 3 years of leadership or management experience within a Security Operations team.
- Proven experience in incident investigation, including the ability to present complex technical findings to both technical and business audiences.
- In-depth understanding of the Incident Response process and the ability to lead discussions across business units during the incident lifecycle.
- Familiarity with major threat actor groups, their tactics, techniques, and procedures (TTPs).
- Proficiency with enterprise-grade endpoint and network defense tools.
- Experience working with logging technologies and handling large data sets.
- Knowledge of major cloud platforms (AWS, Azure, GCP) and their security challenges.
- Ability to mentor and develop team members with varying skill levels.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.