CrawlJobs Logo

Head of Detection & Incident Response

United States, New York City · Job Posted March 19, 2026
Apply Position
Job Link Share

Job Description

This is not a shift-management SOC role. We’re looking for someone with deep IR experience, strong technical judgement, and the ability to set strategy and execute building monitoring, hunting, and response capabilities that materially reduce risk. This role stands out to me as you’ll be trusted to lead when it matters most and your impact will be measured by stronger detection, faster response, and a more resilient security posture.

Job Responsibility

  • Lead incident response, threat hunting, detection engineering, and forensics across the organisation
  • Build and advance internal monitoring and auditing frameworks
  • Develop and execute a vision for where our SecOps program goes next
  • Act as a senior escalation point during incidents, communicating clearly with leadership and stakeholders
  • Drive pragmatic adoption of AI-enabled approaches in detection/response (build vs buy, risks and controls)

Requirements

  • Demonstrated leadership in high-severity incidents with strong judgement and crisp communication
  • Technical depth in threat hunting, detection engineering, incident response, forensics, and threat intelligence
  • Experience building or running monitoring/detection programs (and improving signal quality over time)
  • Comfortable partnering with compliance and governance while maintaining operational effectiveness
  • Thoughtful, practical approach to AI in security operations (not buzzword-led
  • not AI-averse)

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Head of Detection & Incident Response

8 matching positions

Head of Detection and Response

I’m working with the global CISO of a world leading Hedge Fund in New York looki...
Location
Location
United States , New York City
Salary
Salary:
Not provided
thisisiceberg.com Logo
Iceberg Cyber Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated leadership in high-severity incidents with strong judgement and crisp communication
  • Technical depth in threat hunting, detection engineering, incident response, forensics, and threat intelligence
  • Experience building or running monitoring/detection programs (and improving signal quality over time)
  • Comfortable partnering with compliance and governance while maintaining operational effectiveness
  • Thoughtful, practical approach to AI in security operations (not buzzword-led
  • not AI-averse)
Job Responsibility
Job Responsibility
  • Lead incident response, threat hunting, detection engineering, and forensics across the organisation
  • Build and advance internal monitoring and auditing frameworks
  • Develop and execute a vision for where our SecOps program goes next
  • Act as a senior escalation point during incidents, communicating clearly with leadership and stakeholders
  • Drive pragmatic adoption of AI-enabled approaches in detection/response (build vs buy, risks and controls)
  • Fulltime
Read More
Arrow Right
New

Head of IT Security

We are looking for a senior IT security leader to define, implement and assure o...
Location
Location
United Kingdom , Birmingham; Leeds; London
Salary
Salary:
Not provided
capsticks.com Logo
Capsticks Solicitors LLP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior IT security leadership experience, ideally with exposure to CISO-level responsibilities
  • Strong knowledge of security operations, identity and access management, cloud and network security, endpoint protection, email security and modern models such as Zero Trust / ZTNA
  • Experience working with ISO27001, Cyber Essentials Plus and recognised security frameworks such as CIS Controls or NIST
  • The ability to translate risk and compliance requirements into practical controls, services and improvement plans
  • Experience managing teams, vendors and managed security services, ideally in a SaaS-focused professional services environment
  • Clear communication skills, with the confidence to explain complex security topics to senior stakeholders, technical teams and external parties
  • A pragmatic, outcome-focused and forward-looking approach, with the resilience to work effectively under pressure
Job Responsibility
Job Responsibility
  • Defining and implementing security strategy, standards and controls aligned to ISO27001, Cyber Essentials Plus and the firm’s wider data, AI and innovation strategies
  • Overseeing security operations, monitoring, detection and response across areas such as SOC, SIEM, XDR, vulnerability management and incident response
  • Embedding security by design into projects, change and solution architecture, including identity, endpoint, cloud, network, email and secure remote access controls
  • Working with Governance & Risk to maintain and improve the ISMS, support audits and ensure regulatory and client expectations are met
  • Providing clear reporting on security posture, risks, incidents and improvement plans to technical and non-technical stakeholders
  • Promoting a strong security culture through awareness, training and practical guidance on secure behaviours
What we offer
What we offer
  • Inclusive employer
  • reasonable adjustments
  • Fulltime
Read More
Arrow Right

Head of IT Security

We are looking for a senior IT security leader to define, implement and assure o...
Location
Location
United Kingdom , Birmingham, Leeds, London
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior IT security leadership experience, ideally with exposure to CISO-level responsibilities
  • Strong knowledge of security operations, identity and access management, cloud and network security, endpoint protection, email security and modern models such as Zero Trust / ZTNA
  • Experience working with ISO27001, Cyber Essentials Plus and recognised security frameworks such as CIS Controls or NIST
  • The ability to translate risk and compliance requirements into practical controls, services and improvement plans
  • Experience managing teams, vendors and managed security services, ideally in a SaaS-focused professional services environment
  • Clear communication skills, with the confidence to explain complex security topics to senior stakeholders, technical teams and external parties
  • A pragmatic, outcome-focused and forward-looking approach, with the resilience to work effectively under pressure
Job Responsibility
Job Responsibility
  • Define and implement security strategy, standards and controls aligned to ISO27001, Cyber Essentials Plus and the firm’s wider data, AI and innovation strategies
  • Oversee security operations, monitoring, detection and response across areas such as SOC, SIEM, XDR, vulnerability management and incident response
  • Embed security by design into projects, change and solution architecture, including identity, endpoint, cloud, network, email and secure remote access controls
  • Work with Governance & Risk to maintain and improve the ISMS, support audits and ensure regulatory and client expectations are met
  • Provide clear reporting on security posture, risks, incidents and improvement plans to technical and non-technical stakeholders
  • Promote a strong security culture through awareness, training and practical guidance on secure behaviours
What we offer
What we offer
  • Inclusive employer
  • reasonable adjustments to application and interview process
  • Fulltime
Read More
Arrow Right

Head of Cyber Defence

An experienced cyber security leader responsible for developing and executing en...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
idexconsulting.com Logo
IDEX Consulting Ltd
Expiration Date
September 16, 2026
Flip Icon
Requirements
Requirements
  • Cyber Security Strategy
  • Security Operations (SOC)
  • Incident Response & Crisis Management
  • Threat Intelligence
  • Vulnerability Management
  • Security Architecture
  • Risk Management
  • Team Leadership & Development
  • Stakeholder Management
  • Regulatory & Compliance Requirements
Job Responsibility
Job Responsibility
  • Lead and manage the Cyber Defence function, overseeing security operations, threat intelligence, vulnerability management, and incident response capabilities
  • Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats
  • Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents
  • Oversee threat intelligence programmes, identifying emerging risks and implementing proactive defensive measures
  • Lead cyber incident response activities, coordinating technical teams and business stakeholders during security events
  • Manage vulnerability assessment and remediation programmes across enterprise infrastructure and applications
  • Collaborate with technology, risk, compliance, and business teams to strengthen organisational cyber resilience
  • Provide strategic advice and reporting to senior leadership on cyber threats, security posture, and risk exposure
  • Manage relationships with external security vendors, consultants, and industry partners
  • Lead, mentor, and develop a team of cyber security professionals
  • Fulltime
Read More
Arrow Right

Head Of Infrastructure And Ai Systems

Radix is building the most trusted data and analytics platform in multifamily. J...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
radix.com Logo
Radix (AZ)
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Brings 10 or more years of experience in platform, infrastructure, or systems engineering, with deep exposure to operating complex production systems rather than only building them
  • Demonstrates deep expertise in AWS core services, along with hands on experience in Azure, including identity federation and cross cloud integration patterns
  • Possesses production level experience with Kubernetes and strong proficiency in Databricks, including cluster management, scaling, security, Spark tuning, and data governance
  • Treats infrastructure as code as a default practice, with Terraform preferred, and builds robust observability systems across metrics, tracing, and logging with a proactive mindset
  • Thinks in systems, maintaining a full stack perspective from DNS through application layers to agent behavior, while identifying risks and anti patterns early
  • Operates with a strong Day 2 mindset, embedding reliability, operational readiness, and security as core design principles from the outset
  • Has real world experience integrating AI and LLM systems into production environments, with a deep understanding of agent safety, trust boundaries, observability, and failure modes
  • Is motivated by the challenge of enabling reliable collaboration between human engineers and AI agents, while staying current on the evolving AI infrastructure landscape
  • Exhibits curiosity, resilience, and adaptability when navigating ambiguity and working within fast moving, evolving systems
  • Thrives in high growth startup environments with strong ownership, operating with autonomy and transparency while leading through hands on execution
Job Responsibility
Job Responsibility
  • Architect and build the Agent Harness, the system of controls, context, and guardrails that govern how AI agents are deployed, monitored, constrained, and evolved across the platform
  • Define and enforce operational contracts between human engineers and AI agents, including access boundaries, audit trails, rollback mechanisms, and trust boundaries
  • Translate desired agent outcomes into concrete infrastructure requirements, including defining what context agents require, what systems they can interact with, and how failures are handled
  • Own the reliability and observability of agent driven workflows end to end, from initial invocation through downstream system impact
  • Evaluate, select, and integrate LLM tooling, agent orchestration frameworks, and emerging AI native infrastructure primitives as the ecosystem evolves
  • Own and operate all cloud infrastructure across AWS as primary and Azure, including compute, networking, storage, security posture, and cross cloud integration patterns
  • Architect, operate, and continuously improve Kubernetes clusters at production scale, including workload isolation, autoscaling strategies, cost optimization, and multi environment lifecycle management
  • Own and evolve the Databricks environment, including cluster configuration, job orchestration, access controls, and data governance, while defining clear infrastructure contracts between data engineering and the broader platform
  • Drive infrastructure as code practices with Terraform preferred and with a strong emphasis on repeatability, auditability, and operational simplicity
  • Ensure infrastructure is appropriately sized and cost efficient, intentionally architected for current team needs rather than speculative future scale
What we offer
What we offer
  • Medical, dental and vision coverage designed to support your wellbeing
  • Uncapped Paid Time Off
  • Pre-IPO Equity
  • Performance Bonus
  • Learn From the Best
  • Build Category-Defining Products
  • Fulltime
Read More
Arrow Right

Global Head of Cyber Risk and Compliance

The Technology & Cyber Compliance and Operational Risk Office (TCCORO) at Citi i...
Location
Location
United States , Irving, Texas, United States, New York, New York, United States
Salary
Salary:
250000.00 - 500000.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 20+ years' experience in technology risk and/or cyber risk management in the banking/financial services industry, or related field, with at least 5+ years in 2nd or 3rd line senior leadership positions
  • Subject matter expert in technology risk and/or cyber risk management principles and practices across various information system architecture and engineering domains
  • Proven experience in managing complex risk portfolios and developing strategic risk management frameworks for large organizations
  • Robust understanding of operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices
  • Experience managing and overseeing large remediation and transformation programs to achieve intended results
  • Extensive experience in effective written and verbal communication with executive audiences including Boards
  • Experienced risk challenger who balances risks vs. rewards aligned with corporate risk culture
  • Understanding of Citi products and services and downstream impacts of technology risk and/or cyber risk strategy
  • Professional certifications in either technology risk and/or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI
  • In-depth, working knowledge of banking technologies, fraud, cybercrime detection and countermeasures, encryption, data retention, as well as information security support for segregation of duties, application development, network and systems operation, testing and vendor management
Job Responsibility
Job Responsibility
  • Oversight and challenge of the cybersecurity incident response programs
  • Oversight of the security operations center (SOC) and cybersecurity fusion center (CSFC)
  • Oversight of cybersecurity penetration testing and red-team operations
  • Oversight of the Chief Information Security Office (CISO), including the review of the effectiveness of the controls, standards and programs across the enterprise
  • Implementation of guidance for overseeing Emerging Technology and Operational Risks, in compliance with OCC Heightened Standards
  • Able to present and lead discussions with key Regulators, internal and external auditors, as well the Board of Directors and the Risk and Audit sub-committees
  • Governance and Oversight of security risks impacting the business and technology
  • Support in the development of Cyber Policy and Standards
  • Oversight of Key Operational Risks and related indicators and thresholds
  • Challenge of Cyber Risk Self Assessments
What we offer
What we offer
  • Discretionary and formulaic incentive and retention awards
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right

Head of IT

The Head of IT is responsible for overseeing the organisation's core technology ...
Location
Location
United Kingdom
Salary
Salary:
Not provided
admiralgroup.co.uk Logo
Admiral Group Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of infrastructure
  • Experience with monitoring, alerting and observability
  • Knowledge of cybersecurity principles and vulnerability management
  • Understanding of integrations, API's and application ecosystems
  • Experience managing third-party technology platforms
  • Experience in technology management or technical operations roles
  • Experience setting and delivering technology strategy
  • Experience with change management and vendor governance
  • Familiarity with tender processes and contract management
  • Strategic thinker with strong decision-making
Job Responsibility
Job Responsibility
  • Develop and maintain the organisation's technology strategy and multi-year roadmap
  • Translate strategic goals into actionable technical plans, ensuring alignment with business priorities
  • Partner with Strategy, IT, Operations and supplier teams to ensure delivery against agreed outcomes
  • Identifying emerging technologies, trends and opportunities that could enhance performance, automation and resilience for the future
  • Own the end-to-end lifecycle of the technology stack, including infrastructure, applications, integrations and monitoring tools
  • Maintain architectural documentation, standards and minimum service expectations
  • Oversee capacity and performance planning to ensure scalability and resilience
  • Act as the primary technical owner for File Dynamics, ensuring platform meets service levels, roadmap commitments and compliance standards
  • Maintain strong supplier governance including performance reviews, audit readiness and issue remediation
  • Manage integration touchpoints, platform configuration and change cycles
What we offer
What we offer
  • Financial & Mortgage Advice
  • 24-Hour Ecare
  • Cycle to Work Scheme
  • Annual Holiday Allowance
  • Flexible Working
  • Simply Health
  • Private Health Cover
  • Critical Illness Cover
  • Fulltime
Read More
Arrow Right

Head of Physical Security

Join Archer as the Director of Physical Security to lead the development, implem...
Location
Location
United States , San Jose
Salary
Salary:
200000.00 - 240000.00 USD / Year
archer.com Logo
Archer Aviation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in corporate physical security, law enforcement, or military security operations, preferably with leadership experience in the aerospace, aviation, or manufacturing sectors
  • Demonstrated expertise in security risk management, incident response, and emergency planning
  • Strong knowledge of security technology systems (CCTV, access control, alarms)
  • Experience working with global teams and managing security in diverse geographic locations
  • Excellent leadership, organizational, and communication skills
  • Ability to operate in a dynamic, fast-paced environment and adapt to changing priorities
  • Willingness to travel domestically and internationally as required
Job Responsibility
Job Responsibility
  • Develop and execute a global physical security strategy aligned with corporate objectives and regulatory requirements
  • Lead a team of security professionals and manage third-party security providers
  • Conduct comprehensive threat and risk assessments across all facilities and operations
  • Oversee the design and implementation of physical security systems including surveillance, access control, perimeter security, and intrusion detection
  • Collaborate with engineering, infrastructure, flight operations, and HR teams to ensure security is integrated into all facets of company activities
  • Develop emergency response and crisis management protocols and lead incident response efforts
  • Coordinate closely with local, state, federal, and international law enforcement and security agencies
  • Develop and maintain executive-level reporting on security posture, incidents, and risk mitigation activities
  • Foster a culture of security awareness through training, communications, and engagement across the organization
  • Ensure compliance with all relevant legal and regulatory standards, including aviation and industrial security requirements
  • Fulltime
Read More
Arrow Right