Incident Response Lead

Job Summary

A company is looking for a SOC Incident Response Lead NXTG.

Key Responsibilities

• Direct and execute the full incident response lifecycle, including detection, analysis, containment, eradication, recovery, and post-incident improvement
• Lead investigations for high-severity incidents and maintain situational awareness while providing updates to stakeholders
• Enhance incident response playbooks and lead incident readiness activities such as tabletop exercises and threat hunt planning

Required Qualifications

• 10-12 years of hands-on cybersecurity experience within a SOC, with at least 6 years in incident response or DFIR roles
• Demonstrated ability to lead major incidents affecting cloud infrastructure, particularly AWS
• Strong command of digital forensics methodologies, log and SIEM analysis, and EDR platforms
• Deep familiarity with MITRE ATT&CK, NIST SP 800-61, and cyber kill chain frameworks
• U.S. Citizenship and ability to obtain Public Trust 6C