
Cybersecurity Incident Response Coordinator

Microsoft Corporation (https://www.microsoft.com/)

Location: United States, Multiple Locations

Contract Type: Not provided

Salary: 119800.00 - 234700.00 USD / Year

Job Description:

The Microsoft Incident Response Team - Detection and Response Team (DART) is seeking a skilled and experienced Cybersecurity Incident Response Coordinator to join our team. DART is the first port of call for many customers during a security incident. This pivotal, customer-facing position calls for a tactical and agile leader and influencer, one who is adept at managing complex cybersecurity incidents, fostering teamwork across multifaceted groups, and ensuring the effective staffing and resolution of both proactive and reactive deliveries.

Job Responsibility:

  • Scope customer engagements as part of pre-engagement activities, including assessing client needs, defining desired outcomes, and estimating resources and timelines to ensure a successful delivery.
  • Oversee escalation pathways ensuring timely responses, directing issues to the appropriate delivery teams, monitoring progress to resolution, and raising matters to leadership, when necessary, especially in cases of urgent and sensitive nature.
  • Collaborate closely with delivery teams to manage and resolve customer escalations promptly and effectively, ensuring customer satisfaction and maintaining delivery timelines.
  • Oversee staffing and capacity planning for engagements and special event support, ensuring the appropriate allocation of resources to meet demand and client needs effectively.
  • Fulfill on-call duties on a scheduled rotation, inclusive of weekends and holidays.
  • Manage and document the implementation of incident management frameworks and procedures.
  • Collaborate with internal teams, including Legal, Security Research, Product Groups, and others, to address and resolve emerging issues.
  • Ensure operational processes maintain alignment with business objectives.
  • Track the status of operational activities, ensuring schedules and priorities are met.
  • Manage daily and weekly communication and status reporting proactively.
  • Lead daily and weekly standup meetings and follow up on meeting minutes and action items.
  • Identify trends in customer activity that may require an adjustment in operational engagement.
  • Follow Microsoft policies, compliance requirements, and procedures (e.g., Enterprise Services Authorization Policy, Standards of Business Conduct, labor logging, expenses, travel guidelines).
  • Complete operational tasks and readiness activities with timeliness and accuracy.
  • Lead by example and guide team members on operational tasks, readiness, and compliance.
  • Exercise rigor in meticulous data tracking and concise, detailed communications.

Requirements:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • Flexibility to work shifts, including assignments during non-standard business hours that may include evening, nighttime, weekends, and/or holidays.
  • 2+ years of hands-on experience with Active Directory, Entra ID, or other enterprise identity platforms, and/or 2+ years of threat hunting or Windows forensics experience, OR 2+ years of pentesting experience.
  • 1+ years of experience scripting or automating tasks using PowerShell or similar tools, or 1+ years of KQL experience.
  • Experience in high pressure reactive incident response environments where customers are experiencing a potentially business-ending event and your evidence-driven plans of action dictate their next steps.
  • Security Certifications in any of the following: OSCP, CISSP, SANS Certifications, SC Certifications from Microsoft.
  • Experience working with methods utilized for evidence collection, maintenance of chain of custody and associated documentation, evidence storage and analysis, and evidentiary reporting.
  • Seasoned expertise in Incident Management or the Incident Response sector, with a focus on enhancing the efficacy and efficiency of incident management operations.
  • Resilience under stress, coupled with a readiness to occasionally operate beyond standard business hours to assist with incidents.
  • Effective interpersonal and communication abilities, conducive to productive collaboration within diverse team structures.
  • Proactive approach in initiating actions and advocating for improvements to establish more streamlined and effective incident management processes

Nice to have:

  • Doctorate in Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience

Additional Information:

Job Posted: March 20, 2026
Employment Type: Fulltime
Work Type: Remote work

Similar Jobs for Cybersecurity Incident Response Coordinator

Principal Cybersecurity Incident Response Analyst

Principal Cybersecurity Incident Response Analyst role at HPE's Cyber Defense Ce...
Location: India, Bangalore
Salary: Not provided
Company: Hewlett Packard Enterprise (https://www.hpe.com/)
Expiration Date: Until further notice
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 8+ years of relevant experience
  • SOC team/Incident response/Advanced threat analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Extensive understanding of adversary tactics, techniques, and procedures (TTPs)
  • Extensive Cyber and IT security knowledge
  • Extensive understanding of Cyber and IT security risks, best practices, threats and prevention measures
  • Extensive understanding of SQL and relevant scripting languages
  • Extensive data security system analysis skills
  • Extensive risk assessment and management skills
Job Responsibility
  • Lead and coordinate responses to the most severe and complex cybersecurity incidents
  • Guide cross-functional teams through containment, eradication, and recovery
  • Provide executive-level oversight and decision-making during critical incidents
  • Effectively analyze associated logs and respond to high severity incidents
  • Contribute to the company's security response methods
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Provide insight and guidance through after action reviews
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location: Ireland, Galway
Salary: Not provided
Company: Hewlett Packard Enterprise (https://www.hpe.com/)
Expiration Date: Until further notice
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 4+ years of relevant experience
  • SOC team/Incident response analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • Advanced Cyber and IT security knowledge
  • Advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • Advanced understanding of SQL and relevant scripting languages
  • Advanced data security system analysis skills
  • Advanced risk assessment and management skills
Job Responsibility
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • Analyze associated logs and respond to high severity incidents
  • Suggest automation opportunities to enhance IR
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Encourage the adoption of new technologies and methodologies
  • Provide insight and guidance through after action reviews working with stakeholders.
What we offer
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Programs for professional and personal career development
  • Unconditional inclusion and flexibility to manage work and personal needs.
  • Fulltime

Expert Security Analyst – Incident Coordinator

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location: Netherlands, Veldhoven
Salary: Not provided
Company: ASML (asml.com)
Expiration Date: Until further notice
Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of a wide range of domains such as Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
  • A Certificate of Good Conduct “Verklaring Omtrent het Gedrag (VOG)” is required
  • Possess a valid work permit for the Netherlands (preferred)
  • Legally authorized to access controlled technology as defined in the United States Export Administration Regulations
Job Responsibility
  • Security Monitoring – Actively monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels
  • Fulltime

Incident Response and SOC Analyst

The role supports the Cyber Security Operations Centre for the EU critical infra...
Location: Belgium, Brussels
Salary: Not provided
Company: Sopra Steria (https://www.soprasteria.com)
Expiration Date: Until further notice
Requirements
  • Strong incident response methodology and hands-on experience in end-to-end incident handling in multinational settings
  • Advanced knowledge of XSOAR playbook creation and automation
  • Proficiency in designing and adapting automated workflows and enrichment
  • Python programming skills
  • Ability to present technical and business information effectively to diverse EC stakeholders
  • High standards for incident documentation, KPI reporting, and compliance with security frameworks
  • Familiarity with cloud-native services (AWS, Azure), EDR, SIEM-SOAR platforms, and container security
  • Excellent communication skills for working in multicultural teams and liaising with technical and non-technical audiences
  • Certifications or experience in relevant security technologies (e.g., Palo Alto Cortex XSOAR, Splunk, Microsoft SC-200, AWS Security Specialty)
  • Level 6 European Qualification Framework (Bachelor's degree or higher) for senior profiles
Job Responsibility
  • Define incident handling procedures, automation requirements, and playbook logic aligned with the needs
  • Prepare incident response workflows, automated enrichment steps, and technical documentation for standardized alert handling
  • Handle cybersecurity incidents from detection through escalation, containment, and resolution
  • Develop and maintain XSOAR playbooks, integrations, and automations across platforms such as Splunk, AWS, Azure Sentinel, Carbon Black Cloud, and Sysdig
  • Coordinate and review playbook updates, incident reports, and cross-team collaboration
  • Report key performance metrics, including FPTP rate, MTTH, escalation rate, automation coverage, time saved, and error reductions
  • Assist training analysts on playbook usage and incident response methods
  • Collaborate with CSIRC, CATCH analysts, infrastructure teams, and external stakeholders to validate playbook coverage and share threat intelligence.
What we offer
  • Mobility options (including a company car)
  • Insurance coverage
  • Meal vouchers
  • Eco-cheques
  • Continuous learning opportunities through the Sopra Steria Academy
  • Participation in team events.
  • Fulltime

Blue Team Coordinator

We are looking for a Blue Team Coordinator to lead and work closely with the cyb...
Location: Portugal, Lisbon
Salary: Not provided
Company: Inetum (https://www.inetum.com)
Expiration Date: Until further notice
Requirements
  • Proven experience in cybersecurity team coordination, especially in Blue Team environments
  • Strong knowledge of security architecture, incident response, threat hunting, and security automation
  • Experience with ticketing and workflow solutions, such as Remedy
  • Relevant certifications such as ITIL, ISO27001, CEH, BTL1, CompTIA Security+
  • Strong leadership and communication skills in multidisciplinary environments
  • Strategic mindset and results-oriented
  • Proactive, collaborative, and committed to continuous improvement
Job Responsibility
  • Lead the team in monitoring, detection, and response to security incidents
  • Inspire, guide, and develop team members, fostering a collaborative and continuous learning environment
  • Oversee operations in SIEMs such as Rapid7/InsightIDR, QRadar, FortiSIEM, and Microsoft Sentinel, as well as security tools like EDR, SOAR, Firewalls, IDS/IPS
  • Define and review playbooks, policies, and performance metrics, ensuring ongoing process improvement
  • Directly support critical investigations, conducting technical analysis and strategic decision-making alongside the team
  • Fulltime

Security Incident Management Analyst

The Security Incident Management Analyst is an intermediate level position respo...
Location: Singapore, Singapore
Salary: Not provided
Company: Citi (https://www.citi.com/)
Expiration Date: Until further notice
Requirements
  • Relevant professional certifications issued by GIAC, AWS, etc., preferably GCCC, GCIH, CEH, ECSA
  • General Industry knowledge of reporting obligations pertaining to local and national laws and regulatory bodies such as OCC, SEC, ECB, MAS
  • Working knowledge of common security models (Defense-in-Depth) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)
  • Working knowledge of VERIS taxonomy
  • Working knowledge of OSI model
  • Working knowledge of security and/or incident response in cloud environments
  • Working knowledge of software development best practices, including agile methods
  • Familiar with Atlassian tools
  • Previous experience working in highly regulated environment
  • Previous experience in a fusion center and/or exposure to large scale incident response
Job Responsibility
  • Work as part of a best in class ‘follow the sun’ security incident response team
  • Lead and manage incident response activities to ensure that requisite triage, containment, and eradication are completed within targeted timeframes
  • Ensure that the security incident record is complete, accurate and fit for purpose
  • Collect and analyze evidence including investigative findings and prepare to coordinate with internal and external compliance and audit personnel
  • Execute incident response meetings and communicate complex security topics
  • Exhibit good judgment and discretion when initiating escalations to all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed by appropriate selection
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing information security standards to align procedures and practices in pursuit of compliance with Citigroup standards
  • Validate compliance with information security policies, practices, and procedures, and resolve a variety of information security related issues in coordination with the relevant business(es)
  • Fulltime

Senior Cybersecurity Analyst/ Lead Cybersecurity Analyst

We are looking for Senior Cybersecurity Analyst/ Lead Cybersecurity Analyst to j...
Location: Poland, Katowice
Salary: 12000.00 - 16000.00 PLN / Month
Company: Sopra Steria (https://www.soprasteria.com)
Expiration Date: Until further notice
Requirements
  • Advanced analysis of security incidents in on-premises and cloud environments
  • Ability to create monitoring content for SOC security tools
  • Coordinating incident response activities within the SOC and across other teams
  • Advanced skills in collecting and preserving digital evidence across operating systems
  • Understanding of advanced digital forensics techniques
  • Preparing clear and comprehensive incident reports for stakeholders
  • Integrating threat intelligence into incident analysis and response processes
  • Knowledge of incident response planning and strategy development
  • Awareness of legal and regulatory requirements for incident handling
  • Strong understanding of cloud platforms (e.g., AWS, Azure)
Job Responsibility
  • Independently conducting in-depth analysis of security incidents for on-premises and cloud infrastructure to identify root causes and potential mitigations
  • Create additional correlation, pivotal or monitoring content to support incident analysis and get updates on ongoing incidents
  • Coordinating incident response efforts within the Cybersecurity Operations Center and with other relevant teams
  • Collecting and preserving digital evidence for forensic analysis
  • Writing new playbooks if needed
  • Incident Reporting
  • Preparing comprehensive incident reports for management and stakeholders
  • Solving problems according to existing report planning
What we offer
  • Luxmed
  • Medicover Sport
  • Worksmile
  • educational platforms
  • languages learning platform
  • referral bonus
  • life insurance
  • workation
  • certifications (paid by the company)
  • conferences
  • Fulltime