Incident Response Lead

United States 185000.00 - 200000.00 USD / Year · Job Posted March 05, 2026

Job Description

As the Incident Response Lead, you will be the captain of the front-line defense. You won't just respond to threats; you will build the team and the infrastructure that detects them before they happen. You will lead a group of high-performing engineers to mature our Incident Response program, automate security operations, and partner with R&D and DevOps to ensure our "liquid software" remains secure.

Job Responsibility

  • Incident Commander: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes
  • Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation
  • Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities
  • Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management

Requirements

  • Optional: Leadership Experience: 2+ years of experience leading technical teams or acting as a formal mentor/technical lead in a security context
  • Deep Technical Roots: 7+ years of industry experience in IR with a focus on Information Security principles
  • Cloud Mastery: Proven expertise in attack and mitigation methods within complex AWS, GCP, or Azure environments
  • Incident Response Prowess: Extensive experience in risk prioritization and managing the lifecycle of security incidents in a global production environment
  • Technical Breadth: Mastery in at least 5 of the following:
      • Endpoint Protection (EDR/XDR) & Zero Trust architecture
      • Identity Management (IAM/IDM) and SSO/SAML
      • Security Analytics (SIEM/Logging) such as ELK or Splunk
      • Container Security (Docker, Kubernetes)
      • Email Protection & Patch Management
  • Coding Proficiency: Ability to review and guide the development of security tools in Python or Go
  • Communication: Exceptional ability to translate complex technical risks into actionable business insights for stakeholders

What we offer

  • Open to remote work for candidates outside a reasonable commuting distance to the Atlanta office
  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in our Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more

Similar Jobs

8 matching positions

Incident Response Lead - Global Security

The Incident Response (IR) Lead is accountable for leading and maturing the orga...
Location: Poland (Łódź); Sweden (Stockholm); United Kingdom (London)
Salary: Not provided
Company: Arrive
Expiration Date: Until further notice

Requirements
  • 10+ years of experience in cybersecurity, with significant hands-on involvement in Incident Response and Detection & Response functions
  • Demonstrated experience leading and managing IR or SOC teams in complex environments
  • Strong expertise in incident response methodologies, digital forensics, threat hunting, and attacker tactics, techniques, and procedures (TTPs)
  • Solid understanding of security technologies (EDR, SIEM, SOAR), network protocols, operating systems, and enterprise infrastructure
  • Proven ability to translate technical findings into business-relevant insights and communicate effectively with senior stakeholders
  • Experience developing and operationalizing playbooks, detection use cases, and response frameworks
  • Strong analytical and problem-solving capabilities, with attention to detail under pressure
  • Ability to lead in high-stress situations, make informed decisions quickly, and manage competing priorities
  • Experience fostering a high-performing team culture focused on collaboration, ownership, and continuous improvement
  • Excellent written and verbal communication skills, including experience delivering executive briefings
Job Responsibility
  • Own and lead the Incident Response function, including strategy, governance, and operational execution
  • Direct and optimize daily IR operations, ensuring efficient handling of security incidents, escalations, and threat hunting activities
  • Act as the central coordination point during major incidents, ensuring structured response, clear communication, and minimal business disruption
  • Design, maintain, and continuously improve incident response playbooks, workflows, and escalation procedures
  • Review and quality-assure investigations, ensuring consistency in analysis, evidence handling, and decision-making
  • Collaborate with internal teams and external partners to ensure seamless incident management
  • Lead, mentor, and develop the IR team, promoting technical excellence, accountability, and continuous learning
  • Support crisis management activities, including participation in tabletop exercises and real-world incident coordination
  • Ensure alignment with regulatory, legal, and compliance requirements related to incident response and breach handling
  • Drive integration between detection engineering, threat intelligence, and response to enhance overall security effectiveness

Employment type: Fulltime

Senior Information Security Incident Response Lead

The Senior Information Security Incident Response Lead is responsible for managi...
Location: Mexico, Mexico
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice

Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Advanced experience in a Technology Information Security Industry
  • Advanced experience or knowledge of SIEM and IPS technologies
  • Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors
  • Advanced understanding of End Point Protection Software
  • Advanced understanding of Enterprise Detection and Response software
  • Advanced knowledge of technological advances within the information security arena
Job Responsibility
  • Manages the prevention and resolution of security breaches and ensures incident and problem management processes are initiated
  • Performs access management activities according to the policy
  • Implements and discusses security service audit schedules, reviews access authorization and performs the required access controls and testing to identify security weaknesses
  • Interacts with a global team of Cyber Security Analysts and specialists
  • Manages 2nd level triaging of security alerts, events, and notifications
  • Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees
  • Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Follows and updates established and/or ad-hoc processes and work instructions and creates procedures where deficiencies are identified
  • Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends

Cyber Security Incident Response Lead

The Microsoft Detection and Response Team (DART) are seeking a skilled and exper...
Location: United Kingdom, Multiple Locations
Salary: Not provided
Company: Microsoft Corporation
Expiration Date: Until further notice

Requirements
  • Doctorate in Computer Science, Computer Security, or related field
  • Master's Degree in Computer Science, Computer Security, or related field AND several years' experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • Bachelor's Degree in Computer Science, Computer Security, or related field AND several years' experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • Equivalent experience
  • Experience in high pressure incident response environments
  • Lead and manage high-profile incident response efforts for some of the world’s largest businesses
  • Coordinate and lead all key stakeholders as the primary point of contact for major incidents
  • Identify gaps early in the engagement process and request appropriate resources to fill those gaps
  • Balance the need for rapid recovery with data collection and evidence preservation
  • Direct activities to secure Enterprise-scale environments and assess potential data exfiltration or data collection
Job Responsibility
  • Contextualizing and prioritizing findings to put together a comprehensive account and briefing of the events that transpired during a security incident
  • Pulling together multiple disparate events to build and communicate a cohesive timeline of activity
  • Collaborating with stakeholders at every level of the business, including legal, compliance, cybersecurity, engineering, and executive functions
  • Communicating key objectives and results with clarity and context
  • Managing all of the complexities of large-scale cybersecurity investigations for global multi-national organizations, serving as the primary point of contact
  • Leading research and analysis of security threats, and sharing findings across the team
  • Identifying, conducting, and supporting others in conducting research into critical security areas, such as current attacks, adversary tracking, and academic literature
  • Analyzing complex issues using multiple data sources to develop insights and identify security problems and threats
  • Creating new solutions to mitigate security issues
  • Recommending prioritization and validation methods for technical indicators, developing tools to automate analyses

Employment type: Fulltime

Cybersecurity Incident Response Team Lead

The Cybersecurity Incident Response Team Lead is a leadership role responsible f...
Location: United States of America, New York
Salary: 150000.00 - 185000.00 USD / Year
Company: Crédit Agricole
Expiration Date: Until further notice

Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, or a related field
  • Minimum 10+ years of experience in information security or related field
  • Ability to analyze, prioritize, and manage security incidents effectively
  • Ability to align cyber risk initiatives with business objectives
  • Ability to ensure thorough documentation and clear communication of security operations activities
  • Proven track record of building and leading high performing teams
  • Expertise in navigating banking regulations
  • Strong knowledge of information security technologies such as SIEM, SOAR, EDR, NDR, etc.
  • Strong knowledge of leading security investigations
  • Deep understanding of frameworks such as NIST Cybersecurity Framework
Job Responsibility
  • Develop and execute a comprehensive security operations strategy aligned with the bank's risk appetite and business objectives
  • Provide thought leadership on emerging cyber risks and recommend proactive measures to mitigate them
  • Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues
  • Define, maintain, and report operational metrics to evaluate Security Operations program performance, effectiveness, and adherence to organizational and regulatory requirements
  • Direct and manage Americas Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats
  • Lead the development and execution of the bank’s incident response plan and associated playbooks
  • Coordinate responses to security incidents, ensuring minimal impact and quick recovery
  • Establish and maintain a threat intelligence program to proactively identify and respond to emerging threats
  • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities
  • Collaborate with IT and engineering teams to integrate security into systems and processes

Employment type: Fulltime

Cybersecurity Incident Response Team Lead

The Cybersecurity Incident Response Team Lead is a leadership role responsible f...
Location: United States, New York
Salary: 150000.00 - 185000.00 USD / Year
Company: Assessfirst
Expiration Date: Until further notice

Requirements
  • Cybersecurity knowledge
  • Incident response
  • Regulatory compliance
  • Collaboration and teamwork
  • Training and development
Job Responsibility
  • Develop and execute a comprehensive security operations strategy aligned with the bank’s risk appetite and business objectives
  • Provide thought leadership on emerging cyber risks and recommend proactive measures to mitigate them
  • Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues
  • Define, maintain, and report operational metrics to evaluate Security Operations program performance, effectiveness, and adherence to organizational and regulatory requirements
  • Direct and manage Americas Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats
  • Lead the development and execution of the bank’s incident response plan and associated playbooks
  • Coordinate responses to security incidents, ensuring minimal impact and quick recovery
  • Establish and maintain a threat intelligence program to proactively identify and respond to emerging threats
  • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities
  • Collaborate with IT and engineering teams to integrate security into systems and processes

Employment type: Fulltime

Senior Incident Handler - Security Incident Response Team

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location: Netherlands, Veldhoven
Salary: Not provided
Company: ASML
Expiration Date: Until further notice

Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
Job Responsibility
  • Security Monitoring – monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels

Employment type: Fulltime

Cyber Incident Lead

As the nation’s flag carrier, we take great pride in connecting Britain with the...
Location: United Kingdom, London
Salary: Not provided
Company: British Airways
Expiration Date: June 24, 2026

Requirements
  • Strong hands-on experience responding to and managing cyber incidents
  • Ability to remain calm, structured and decisive under pressure
  • Strong analytical and problem-solving skills
  • Clear communication skills for technical and non-technical audiences
  • Pragmatic, methodical and outcome-focused approach
  • Collaborative mindset with strong influencing capability
  • Experience in cyber incident response within a large or complex organisation
  • Understanding of incident response methodologies
Job Responsibility
  • Lead and manage cyber incidents across the BA estate as part of a 24/7 on-call response function
  • Develop, maintain and continuously improve cyber incident response processes
  • Coordinate technical and business stakeholders during incidents
  • Communicate complex technical issues clearly to stakeholders at all levels
  • Perform risk assessments with incomplete or ambiguous information
  • Support the development of in-house digital forensics capability
  • Feed incident learnings into threat intelligence and cyber control tuning
  • Liaise with other operating companies to share indicators of compromise and lessons learnt
  • Manage and continuously improve supplier relationships supporting incident response
What we offer
  • Brilliant staff travel benefits including unlimited basic and premium standby tickets on British Airways flights
  • Up to 30 discounted ‘Hotline’ airfares per year for yourself, friends, and family
  • Market-leading defined contribution (DC) pension
  • Flexible benefits including critical illness cover, childcare vouchers, cycle to work, additional life insurance cover, private medical insurance, dental plan, and healthcare cash plan
  • Electric car scheme
  • Gymflex
  • Heathrow Express 75% discount

Employment type: Fulltime

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice

Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program