
Cybersecurity Incident Response Team Lead

Location: United States, New York · Salary: 150000.00 - 185000.00 USD / Year · Job Posted January 04, 2026

Job Description

The Cybersecurity Incident Response Team Lead is a leadership role responsible for leading and enhancing the bank’s Security Operations strategy. The Cybersecurity Incident Response Lead will oversee the incident response and threat intelligence programs to safeguard critical assets and data. The ideal candidate will combine technical expertise, operational efficiency, and a strategic mindset to mitigate risks and ensure compliance with regulatory requirements. This role requires exceptional leadership, technical skills, and communication skills to drive cross-functional collaboration and instill a culture of security across the organization.

Job Responsibility

  • Develop and execute a comprehensive security operations strategy aligned with the bank’s risk appetite and business objectives
  • Provide thought leadership on emerging cyber risks and recommend proactive measures to mitigate them
  • Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues
  • Define, maintain, and report operational metrics to evaluate Security Operations program performance, effectiveness, and adherence with organizational and regulatory requirements
  • Direct and manage Americas Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats
  • Lead the development and execution of the bank’s incident response plan and associated playbooks
  • Coordinate responses to security incidents, ensuring minimal impact and quick recovery
  • Establish and maintain a threat intelligence program to proactively identify and respond to emerging threats
  • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities
  • Collaborate with IT and engineering teams to integrate security into systems and processes
  • Stay updated on emerging technologies and recommend solutions to address evolving threats
  • Ensure adherence to cyber risk management regulations, including FFIEC and other applicable laws
  • Represent the bank during regulatory examinations, audits, and executive presentations on cyber risk topics
  • Maintain thorough documentation to demonstrate adherence to policies and standards
  • Build and mentor a high-performing security operations team
  • Provide training and development opportunities to ensure team members stay current in the field
  • Foster a culture of accountability, collaboration, and continuous improvement

Requirements

  • Cybersecurity knowledge
  • Incident response
  • Regulatory compliance
  • Collaboration and teamwork
  • Training and development

Similar Jobs for Cybersecurity Incident Response Team Lead (8 matching positions)

Cybersecurity Incident Response Team Lead

The Cybersecurity Incident Response Team Lead is a leadership role responsible f...
Location: United States Of America, New York
Salary: 150000.00 - 185000.00 USD / Year
Company: Crédit Agricole
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, or a related field
  • Minimum 10+ years of experience in information security or related field
  • Ability to analyze, prioritize, and manage security incidents effectively
  • Ability to align cyber risk initiatives with business objectives
  • Strong ability to ensure thorough documentation and clear communication of security operations activities
  • Proven track record of building and leading high performing teams
  • Expertise in navigating banking regulations
  • Strong knowledge of information security technologies such as SIEM, SOAR, EDR, NDR, etc.
  • Strong knowledge of leading security investigations
  • Deep understanding of frameworks such as NIST Cybersecurity Framework
Job Responsibility
  • Develop and execute a comprehensive security operations strategy aligned with the bank's risk appetite and business objectives
  • Provide thought leadership on emerging cyber risks and recommend proactive measures to mitigate them
  • Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues
  • Define, maintain, and report operational metrics to evaluate Security Operations program performance, effectiveness, and adherence with organizational and regulatory requirements
  • Direct and manage Americas Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats
  • Lead the development and execution of the bank’s incident response plan and associated playbooks
  • Coordinate responses to security incidents, ensuring minimal impact and quick recovery
  • Establish and maintain a threat intelligence program to proactively identify and respond to emerging threats
  • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities
  • Collaborate with IT and engineering teams to integrate security into systems and processes
  • Fulltime

Senior Incident Handler - Security Incident Response Team

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location: Netherlands, Veldhoven
Salary: Not provided
Company: ASML
Expiration Date: Until further notice
Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years of experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
Job Responsibility
  • Security Monitoring – monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels
  • Fulltime

Incident Response Lead - Global Security

The Incident Response (IR) Lead is accountable for leading and maturing the orga...
Location: Łódź, Poland; Stockholm, Sweden; London, United Kingdom
Salary: Not provided
Company: Arrive
Expiration Date: Until further notice
Requirements
  • 10+ years of experience in cybersecurity, with significant hands-on involvement in Incident Response and Detection & Response functions
  • Demonstrated experience leading and managing IR or SOC teams in complex environments
  • Strong expertise in incident response methodologies, digital forensics, threat hunting, and attacker tactics, techniques, and procedures (TTPs)
  • Solid understanding of security technologies (EDR, SIEM, SOAR), network protocols, operating systems, and enterprise infrastructure
  • Proven ability to translate technical findings into business-relevant insights and communicate effectively with senior stakeholders
  • Experience developing and operationalizing playbooks, detection use cases, and response frameworks
  • Strong analytical and problem-solving capabilities, with attention to detail under pressure
  • Ability to lead in high-stress situations, make informed decisions quickly, and manage competing priorities
  • Experience fostering a high-performing team culture focused on collaboration, ownership, and continuous improvement
  • Excellent written and verbal communication skills, including experience delivering executive briefings
Job Responsibility
  • Own and lead the Incident Response function, including strategy, governance, and operational execution
  • Direct and optimize daily IR operations, ensuring efficient handling of security incidents, escalations, and threat hunting activities
  • Act as the central coordination point during major incidents, ensuring structured response, clear communication, and minimal business disruption
  • Design, maintain, and continuously improve incident response playbooks, workflows, and escalation procedures
  • Review and quality-assure investigations, ensuring consistency in analysis, evidence handling, and decision-making
  • Collaborate with internal teams and external partners to ensure seamless incident management
  • Lead, mentor, and develop the IR team, promoting technical excellence, accountability, and continuous learning
  • Support crisis management activities, including participation in tabletop exercises and real-world incident coordination
  • Ensure alignment with regulatory, legal, and compliance requirements related to incident response and breach handling
  • Drive integration between detection engineering, threat intelligence, and response to enhance overall security effectiveness
  • Fulltime

Cybersecurity Team Lead

The Cybersecurity Team Lead provides technical leadership, strategic direction, ...
Location: United States, Rockville
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Master's degree; one-and-one-half (1.5) years of additional experience can substitute for one (1) year of a typical degree program
  • Minimum 10 years of experience in cybersecurity engineering or security operations
  • Minimum 5 years of experience leading/coordinating a team of people delivering enterprise security initiatives in complex IT environments with 3,000+ users
  • Minimum 5 years of experience with at least 3 enterprise security technologies (e.g., firewalls, SIEM, IDS/IPS, EDR, vulnerability management tools)
  • Minimum 3 years of experience working in regulated federal environments with documented exposure to security frameworks such as NIST 800-53, RMF, FISMA, or FedRAMP
  • Must be a US Citizen who can obtain a Public Trust Security Clearance
Job Responsibility
  • Lead the design, implementation, and operation of enterprise cybersecurity technologies and solutions
  • Develop and maintain the organization’s cybersecurity roadmap aligned with evolving threats, mission needs, and regulatory requirements
  • Oversee security operations, including monitoring, alerting, incident response, escalation, and post-incident root cause analysis
  • Manage and optimize security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), SIEM, SOAR, vulnerability scanning tools, and network access control solutions
  • Ensure effective security monitoring across networks, servers, cloud environments, endpoints, and applications
  • Lead vulnerability management activities, including scanning, risk prioritization, remediation coordination, and reporting
  • Conduct and support risk assessments, threat modeling, and security architecture reviews for new and existing systems
  • Collaborate with infrastructure, network, hosting, and cloud teams to ensure secure system design and secure-by-default configurations
  • Support system authorization processes, including development and maintenance of security documentation such as system security plans (SSPs), POA&Ms, and related artifacts
  • Ensure compliance with applicable federal security frameworks, policies, and standards (e.g., FISMA, NIST, agency security requirements)
  • Fulltime

Cybersecurity Incident Response Coordinator

The Microsoft Incident Response Team - Detection and Response Team (DART) are se...
Location: United States, Multiple Locations
Salary: 119800.00 - 234700.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • Flexibility to work shifts, including assignments during non-standard business hours that may include evening, nighttime, weekends, and/or holidays.
  • 2+ years of hands-on experience with Active Directory, Entra ID, or other enterprise identity platforms, and/or 2+ years of threat hunting or Windows forensics experience, or 2+ years of pentesting experience
  • 1+ years of experience scripting or automating tasks using PowerShell or similar tools, or 1+ years of KQL experience
  • Experience in high pressure reactive incident response environments where customers are experiencing a potentially business-ending event and your evidence-driven plans of action dictate their next steps.
  • Security Certifications in any of the following: OSCP, CISSP, SANS Certifications, SC Certifications from Microsoft.
Job Responsibility
  • Scope customer engagements as part of pre-engagement activities, including assessing client needs, defining desired outcomes, and estimating resources and timelines to ensure a successful delivery.
  • Oversee escalation pathways ensuring timely responses, directing issues to the appropriate delivery teams, monitoring progress to resolution, and raising matters to leadership, when necessary, especially in cases of urgent and sensitive nature.
  • Collaborate closely with delivery teams to manage and resolve customer escalations promptly and effectively, ensuring customer satisfaction and maintaining delivery timelines.
  • Oversee staffing and capacity planning for engagements and special event support, ensuring the appropriate allocation of resources to meet demand and client needs effectively.
  • Fulfill on-call duties on a scheduled rotation, inclusive of weekends and holidays.
  • Manage and document the implementation of incident management frameworks and procedures.
  • Collaborate with internal teams, including Legal, Security Research, Product Groups, and others, to address and resolve emerging issues.
  • Ensure operational processes maintain alignment with business objectives.
  • Track the status of operational activities, ensuring schedules and priorities are met.
  • Manage daily and weekly communication and status reporting proactively.
  • Fulltime

Cyber Security Incident Response Lead

The Microsoft Detection and Response Team (DART) are seeking a skilled and exper...
Location: United Kingdom, Multiple Locations
Salary: Not provided
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Computer Science, Computer Security, or related field
  • Master's Degree in Computer Science, Computer Security, or related field AND several years of experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • Bachelor's Degree in Computer Science, Computer Security, or related field AND several years of experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • Equivalent experience
  • Experience in high pressure incident response environments
  • Lead and manage high-profile incident response efforts for some of the world’s largest businesses
  • Coordinate and lead all key stakeholders as the primary point of contact for major incidents
  • Identify gaps early in the engagement process and request appropriate resources to fill those gaps
  • Balance the need for rapid recovery with data collection and evidence preservation
  • Direct activities to secure Enterprise-scale environments and assess potential data exfiltration or data collection
Job Responsibility
  • Contextualizing and prioritizing findings to put together a comprehensive account and briefing of the events that transpired during a security incident
  • Pulling together multiple disparate events to build and communicate a cohesive timeline of activity
  • Collaborating with stakeholders at every level of the business, including legal, compliance, cybersecurity, engineering, and executive functions
  • Communicating key objectives and results with clarity and context
  • Managing all of the complexities of large-scale cybersecurity investigations for global multi-national organizations, serving as the primary point of contact
  • Leading research and analysis of security threats, and sharing findings across the team
  • Identifying, conducting, and supporting others in conducting research into critical security areas, such as current attacks, adversary tracking, and academic literature
  • Analyzing complex issues using multiple data sources to develop insights and identify security problems and threats
  • Creating new solutions to mitigate security issues
  • Recommending prioritization and validation methods for technical indicators, developing tools to automate analyses
  • Fulltime

Principal Cybersecurity Incident Response Analyst

Principal Cybersecurity Incident Response Analyst role at HPE's Cyber Defense Ce...
Location: India, Bangalore
Salary: Not provided
Company: Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 8+ years of relevant experience
  • SOC team/Incident response/Advanced threat analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Extensive understanding of adversary tactics, techniques, and procedures (TTPs)
  • Extensive Cyber and IT security knowledge
  • Extensive understanding of Cyber and IT security risks, best practices, threats and prevention measures
  • Extensive understanding of SQL and relevant scripting languages
  • Extensive data security system analysis skills
  • Extensive risk assessment and management skills
Job Responsibility
  • Lead and coordinate responses to the most severe and complex cybersecurity incidents
  • Guide cross-functional teams through containment, eradication, and recovery
  • Provide executive-level oversight and decision-making during critical incidents
  • Effectively analyze associated logs and respond to high severity incidents
  • Contribute to the company's security response methods
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Provide insight and guidance through after action reviews
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location: Ireland, Galway
Salary: Not provided
Company: Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 4+ years of relevant experience
  • SOC team/Incident response analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • Advanced Cyber and IT security knowledge
  • Advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • Advanced understanding of SQL and relevant scripting languages
  • Advanced data security system analysis skills
  • Advanced risk assessment and management skills
Job Responsibility
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • Analyze associated logs and respond to high severity incidents
  • Suggest automation opportunities to enhance IR
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Encourage the adoption of new technologies and methodologies
  • Provide insight and guidance through after action reviews, working with stakeholders
What we offer
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Programs for professional and personal career development
  • Unconditional inclusion and flexibility to manage work and personal needs
  • Fulltime