Added
12 days ago
Type
Full time
Related skills
cloud security operations incident response hybrid soar
Description
- Act as U.S. escalation lead / incident commander for high-severity incidents.
- Lead cross-functional response with CIRT, infra, cloud, identity, legal, and stakeholders.
- Provide executive-ready briefings and situational updates during active incidents.
- Ensure post-incident reviews translate into remediation and program improvements.
- Perform advanced investigations across endpoint, network, cloud, SaaS, and on-prem telemetry.
- Develop investigative narratives: attacker objectives, sequence of actions, assets, and residual risk.
Requirements
- 6+ years in Incident Response, Security Operations, or Blue Team roles, including leading high-severity incidents end-to-end.
- Proven ability to serve as escalation lead and incident commander, calm and decisive under pressure.
- Strong communication skills: translate complex technical details into clear, actionable updates for executives and stakeholders.
- Experience operating in cloud-forward enterprises, including hybrid environments spanning SaaS, cloud-native workloads, and on-prem systems.
- Strong familiarity with MITRE ATT&CK and applying it to investigative thinking, readiness planning, and validation priorities.
- Experience designing, using, or validating automated response workflows (SOAR) and promoting safe automation patterns.
Benefits
- Equal opportunity employer.
- In-office role based in New York or Boston (5 days per week).
- Hybrid, cloud-first operating model with MSSP and internal teams.