CrawlJobs Logo

Cybersecurity Incident Response Coordinator

https://www.microsoft.com/ Logo

Microsoft Corporation

Location Icon

Location:
United States , Multiple Locations

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

119800.00 - 234700.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

The Microsoft Incident Response Team - Detection and Response Team (DART) are seeking a skilled and experienced Cybersecurity Incident Response Coordinator to join our team - DART is the first port of call for many customers during a security incident. This pivotal, customer-facing position calls for a tactical and agile leader and influencer, one who is adept at managing complex cybersecurity incidents, fostering synergistic teamwork across multifaceted groups and ensuring the effective staffing and resolution of both proactive and reactive deliveries.

Job Responsibility:

  • Scope customer engagements as part of pre-engagement activities, including assessing client needs, defining desired outcomes, and estimating resources and timelines to ensure a successful delivery.
  • Oversee escalation pathways ensuring timely responses, directing issues to the appropriate delivery teams, monitoring progress to resolution, and raising matters to leadership, when necessary, especially in cases of urgent and sensitive nature.
  • Collaborate closely with delivery teams to manage and resolve customer escalations promptly and effectively, ensuring customer satisfaction and maintaining delivery timelines.
  • Oversee staffing and capacity planning for engagements and special event support, ensuring the appropriate allocation of resources to meet demand and client needs effectively.
  • Fulfill on-call duties on a scheduled rotation, inclusive of weekends and holidays.
  • Manage and document the implementation of incident management frameworks and procedures.
  • Collaborate with internal teams, including Legal, Security Research, Product Groups, and others, to address and resolve emerging issues.
  • Ensure operational processes maintain alignment with business objectives.
  • Track the status of operational activities, ensuring schedules and priorities are met.
  • Manage daily and weekly communication and status reporting proactively.
  • Lead daily and weekly standup meetings and follow up on meeting minutes and action items.
  • Identify trends in customer activity that may require an adjustment in operational engagement
  • Following Microsoft policies, compliance, and procedures (e.g., Enterprise Services Authorization Policy, Standards of Business Conduct, labor logging, expenses, travel guidelines).
  • Completing operational tasks and readiness with timeliness and accuracy.
  • Leading by example and guiding team members on operational tasks, readiness, and compliance.
  • Exercising rigor in meticulous data tracking and concise, detailed communications

Requirements:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • Flexibility to work shifts, including assignments during non-standard business hours that may include evening, nighttime, weekends, and/or holidays.
  • 2+ years of hands-on experience with Active Directory, Entra ID, or other enterprise identity platforms and/OR 2+ years threat hunting, windows forensics OR 2+ years pentesting experience
  • 1+ years ability to script or automate tasks using PowerShell or similar tools or 1+ years KQL experience
  • Experience in high pressure reactive incident response environments where customers are experiencing a potentially business-ending event and your evidence-driven plans of action dictate their next steps.
  • Security Certifications in any of the following: OSCP, CISSP, SANS Certifications, SC Certifications from Microsoft.
  • Experience working with methods utilized for evidence collection, maintenance of chain of custody and associated documentation, evidence storage and analysis, and evidentiary reporting.
  • Seasoned expertise in Incident Management or the Incident Response sector, with a focus on enhancing the efficacy and efficiency of incident management operations.
  • Resilience under stress, coupled with a readiness to occasionally operate beyond standard business hours to assist with incidents.
  • Effective interpersonal and communication abilities, conducive to productive collaboration within diverse team structures.
  • Proactive approach in initiating actions and advocating for improvements to establish more streamlined and effective incident management processes

Nice to have:

  • Doctorate in Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience

Additional Information:

Job Posted:
March 20, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Microsoft Corporation - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cybersecurity Incident Response Coordinator

Principal Cybersecurity Incident Response Analyst

Principal Cybersecurity Incident Response Analyst role at HPE's Cyber Defense Ce...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 8+ years of relevant experience
  • SOC team/Incident response/Advanced threat analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Extensive understanding of adversary tactics, techniques, and procedures (TTPs)
  • Extensive Cyber and IT security knowledge
  • Extensive understanding of Cyber and IT security risks, best practices, threats and prevention measures
  • Extensive understanding of SQL and relevant scripting languages
  • Extensive data security system analysis skills
  • Extensive risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most severe and complex cybersecurity incidents
  • Guide cross-functional teams through containment, eradication, and recovery
  • Provide executive-level oversight and decision-making during critical incidents
  • Effectively analyze associated logs and respond to high severity incidents
  • Contribute to the company's security response methods
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Provide insight and guidance through after action reviews
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location
Location
Ireland , Galway
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • typically 4+ years of relevant experience
  • SOC team/Incident response analyst experience is required
  • proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • advanced Cyber and IT security knowledge
  • advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • advanced understanding of SQL and relevant scripting languages
  • advanced data security system analysis skills
  • advanced risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • analyze associated logs and respond to high severity incidents
  • suggest automation opportunities to enhance IR
  • mentor and provide technical guidance to less experienced cybersecurity professionals
  • stay at the forefront of cybersecurity trends, threats, and technologies
  • foster a culture of continuous improvement and innovation
  • encourage the adoption of new technologies and methodologies
  • provide insight and guidance through after action reviews working with stakeholders.
What we offer
What we offer
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • programs for professional and personal career development
  • unconditional inclusion and flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Incident Response and SOC Analyst

The role supports the Cyber Security Operations Centre for the EU critical infra...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong incident response methodology and hands-on experience in end-to-end incident handling in multinational settings
  • Advanced knowledge of XSOAR playbook creation and automation
  • Proficiency in designing and adapting automated workflows and enrichment
  • Python programming skills
  • Ability to present technical and business information effectively to diverse EC stakeholders
  • High standards for incident documentation, KPI reporting, and compliance with security frameworks
  • Familiarity with cloud-native services (AWS, Azure), EDR, SIEM-SOAR platforms, and container security
  • Excellent communication skills for working in multicultural teams and liaising with technical and non-technical audiences
  • Certifications or experience in relevant security technologies (e.g., Palo Alto Cortex XSOAR, Splunk, Microsoft SC-200, AWS Security Specialty)
  • Level 6 European Qualification Framework (Bachelor's degree or higher) for senior profiles
Job Responsibility
Job Responsibility
  • Define incident handling procedures, automation requirements, and playbook logic aligned with the needs
  • Prepare incident response workflows, automated enrichment steps, and technical documentation for standardized alert handling
  • Handle cybersecurity incidents from detection through escalation, containment, and resolution
  • Develop and maintain XSOAR playbooks, integrations, and automations across platforms such as Splunk, AWS, Azure Sentinel, Carbon Black Cloud, and Sysdig
  • Coordinate and review playbook updates, incident reports, and cross-team collaboration
  • Report key performance metrics, including FPTP rate, MTTH, escalation rate, automation coverage, time saved, and error reductions
  • Assist training analysts on playbook usage and incident response methods
  • Collaborate with CSIRC, CATCH analysts, infrastructure teams, and external stakeholders to validate playbook coverage and share threat intelligence.
What we offer
What we offer
  • Mobility options (including a company car)
  • Insurance coverage
  • Meal vouchers
  • Eco-cheques
  • Continuous learning opportunities through the Sopra Steria Academy
  • Participation in team events.
  • Fulltime
Read More
Arrow Right

Blue Team Coordinator

We are looking for a Blue Team Coordinator to lead and work closely with the cyb...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
https://www.inetum.com Logo
Inetum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in cybersecurity team coordination, especially in Blue Team environments
  • Strong knowledge of security architecture, incident response, threat hunting, and security automation
  • Experience with ticketing and workflow solutions, such as Remedy
  • Relevant certifications such as ITIL, ISO27001, CEH, BTL1, CompTIA Security+
  • Strong leadership and communication skills in multidisciplinary environments
  • Strategic mindset and results-oriented
  • Proactive, collaborative, and committed to continuous improvement
Job Responsibility
Job Responsibility
  • Lead the team in monitoring, detection, and response to security incidents
  • Inspire, guide, and develop team members, fostering a collaborative and continuous learning environment
  • Oversee operations in SIEMs such as Rapid7/InsightIDR, QRadar, FortiSIEM, and Microsoft Sentinel, as well as security tools like EDR, SOAR, Firewalls, IDS/IPS
  • Define and review playbooks, policies, and performance metrics, ensuring ongoing process improvement
  • Directly support critical investigations, conducting technical analysis and strategic decision-making alongside the team
  • Fulltime
Read More
Arrow Right

Blue Team Coordinator

We are looking for a Blue Team Coordinator to lead and work closely with the cyb...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
https://www.inetum.com Logo
Inetum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in cybersecurity team coordination, especially in Blue Team environments
  • Strong knowledge of security architecture, incident response, threat hunting, and security automation
  • Experience with ticketing and workflow solutions, such as Remedy
  • Relevant certifications such as ITIL, ISO27001, CEH, BTL1, CompTIA Security+
  • Strong leadership and communication skills in multidisciplinary environments
  • Strategic mindset and results-oriented
  • Proactive, collaborative, and committed to continuous improvement
Job Responsibility
Job Responsibility
  • Lead the team in monitoring, detection, and response to security incidents
  • Inspire, guide, and develop team members, fostering a collaborative and continuous learning environment
  • Oversee operations in SIEMs such as Rapid7/InsightIDR, QRadar, FortiSIEM, and Microsoft Sentinel, as well as security tools like EDR, SOAR, Firewalls, IDS/IPS
  • Define and review playbooks, policies, and performance metrics, ensuring ongoing process improvement
  • Directly support critical investigations, conducting technical analysis and strategic decision-making alongside the team
  • Fulltime
Read More
Arrow Right

Security Incident Management Analyst

The Security Incident Management Analyst is an intermediate level position respo...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant professional certifications issued by GIAC, AWS, etc., preferably GCCC, GCIH, CEH, ECSA
  • General Industry knowledge of reporting obligations pertaining to local and national laws and regulatory bodies such as OCC, SEC, ECB, MAS
  • Working knowledge of common security models (Defense-in-Depth) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)
  • Working knowledge of VERIS taxonomy
  • Working knowledge of OSI model
  • Working knowledge of security and/or incident response in cloud environments
  • Working knowledge of software development best practices, including agile methods
  • Familiar with Atlassian tools
  • Previous experience working in highly regulated environment
  • Previous experience in a fusion center and/or exposure to large scale incident response
Job Responsibility
Job Responsibility
  • Work as part of a best in class ‘follow the sun’ security incident response team
  • Lead and manage incident response activities to ensure that requisite triage, containment, and eradication are completed within targeted timeframes
  • Ensure that the security incident record is complete, accurate and fit for purpose
  • Collect and analyze evidence including investigative findings and prepare to coordinate with internal and external compliance and audit personnel
  • Execute incident response meetings and communicate complex security topics
  • exhibit good judgment and discretion when initiating escalations to all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed by appropriate selection
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing information security standards to align procedures and practices in pursuit of compliance with Citigroup standards
  • Validate compliance with information security policies, practices, and procedures, and resolve a variety of information security related issues in coordination with the relevant business(es)
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Consultant

Join Our Expert Team. We are seeking a skilled Senior Cyber Security Consultant ...
Location
Location
Austria , Vienna
Salary
Salary:
Not provided
alpenite.com Logo
Arsenalia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s degree in Computer Science, Cybersecurity, Engineering or similar fields
  • 6-8 years of experience in senior cybersecurity roles, with at least 3 years in technical leadership positions
  • Solid expertise in enterprise security architectures, zero-trust frameworks, and multi-cloud security (AWS, Azure, GCP)
  • Proven track record in managing enterprise security programs and coordinating incident response teams
  • Strong skills in analyzing advanced threats and designing defense-in-depth strategies
  • Excellent strategic coordination and executive-level communication
  • Fluent in English (C1/C2) with experience in international environments
  • Willingness to travel frequently and lead projects across multiple geographies
  • Strong results orientation, strategic mindset, and continuous innovation drive
Job Responsibility
Job Responsibility
  • Design and implement security solutions for multi-cloud and hybrid environments
  • Lead strategic threat analysis and large-scale vulnerability assessments to shape long-term security planning
  • Manage complex incidents and breaches, coordinating cross-functional teams and engaging with C-level stakeholders
  • Embed security-by-design into digital transformation programs and enterprise architectures
  • Define and apply governance frameworks aligned with international standards (ISO 27001, NIST, SOC2)
  • Build proactive threat intelligence and hunting strategies to stay ahead of emerging risks
  • Mentor junior and mid-level security professionals, fostering a strong security-first mindset
  • Represent Arsenalia in high-level technical and business contexts, acting as a trusted advisor to enterprise clients
What we offer
What we offer
  • Welfare Package: A comprehensive corporate welfare platform, offering a wide range of benefits and healthcare support
  • Worklife Kit: A complete welcome package with all essentials for day-to-day productivity, complemented by comprehensive benefits
  • digital meal vouchers and flexible reimbursement options
  • Empowering People: Engagement initiatives, team building, and mentoring programs
  • Open Space, Open Mind: Modern open-space offices and collaborative areas
  • Career Path: internal Changemaker Path methodology to grow key relational, communication, and leadership skills
  • Learning & Development: Continuous improvement programs, certification opportunities, and incentives
Read More
Arrow Right

Cybersecurity Incident Response Team Lead

The Cybersecurity Incident Response Team Lead is a leadership role responsible f...
Location
Location
United States , New York
Salary
Salary:
150000.00 - 185000.00 USD / Year
assessfirst.com Logo
Assessfirst
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Cybersecurity knowledge
  • Incident response
  • Regulatory compliance
  • Collaboration and teamwork
  • Training and development
Job Responsibility
Job Responsibility
  • Develop and execute a comprehensive security operations strategy aligned with the bank’s risk appetite and business objectives
  • Provide thought leadership on emerging cyber risks and recommend proactive measures to mitigate them
  • Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues
  • Define, maintain, and report operational metrics to evaluate Security Operations program performance, effectiveness, and adherence with organizational and regulatory requirements
  • Direct and manage Americas Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats
  • Lead the development and execution of the bank’s incident response plan and associated playbooks
  • Coordinate responses to security incidents, ensuring minimal impact and quick recovery
  • Establish and maintain a threat intelligence program to proactively identify and respond to emerging threats
  • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities
  • Collaborate with IT and engineering teams to integrate security into systems and processes
  • Fulltime
Read More
Arrow Right