CrawlJobs

Information Security Operations Specialist - Incident Response

United States, Enfield · Job Posted June 15, 2026

Job Description

We are looking for an experienced security specialist to strengthen incident response and insider risk operations in Connecticut. This role focuses on protecting sensitive information, improving response readiness, and partnering with cross-functional teams to address security events with speed and accuracy. The ideal candidate brings practical knowledge of cyber defense, data protection technologies, and operational reporting within a structured security environment.

Job Responsibility

  • Lead the investigation and coordination of security incidents, ensuring timely containment, analysis, and resolution of potential threats
  • Develop, refine, and maintain incident response procedures while guiding response exercises to improve organizational preparedness
  • Administer and support insider risk and data protection capabilities, including monitoring policies, classifications, and sensitivity controls
  • Produce meaningful security metrics and operational reports that help stakeholders track trends, risks, and program effectiveness
  • Work closely with legal and human resources partners on insider risk matters that require careful handling and documented escalation
  • Align daily security operations with applicable regulatory and compliance expectations to support governance and audit readiness
  • Evaluate security events and file-related risks to identify patterns, recommend improvements, and strengthen protective controls

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, or a closely related discipline
  • At least 3-5 years of experience in security operations, cyber incident response, or a comparable information security setting
  • Hands-on background with Microsoft Purview Insider Risk Management and data classification or sensitivity labeling tools
  • Experience creating incident response playbooks and facilitating tabletop exercises for operational readiness
  • Ability to prepare security metrics, reporting packages, and program-level status updates for stakeholders
  • Familiarity with partnering across legal and HR functions on insider risk investigations or related case management
  • Working knowledge of common compliance and governance frameworks relevant to cybersecurity and data protection

Nice to have

Industry certifications such as Security+, incident handling, security operations, or ethical hacking credentials

What we offer

  • Medical, vision, dental, and life and disability insurance
  • 401(k) plan

Similar Jobs for Information Security Operations Specialist - Incident Response

8 matching positions

Senior Information Security Incident Response Lead

The Senior Information Security Incident Response Lead is responsible for managi...
Location: Mexico, Mexico
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice

Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Advanced experience in a Technology Information Security Industry
  • Advanced experience or knowledge of SIEM and IPS technologies
  • Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors
  • Advanced understanding of End Point Protection Software
  • Advanced understanding of Enterprise Detection and Response software
  • Advanced knowledge of technological advances within the information security arena
Job Responsibility
  • Manages the prevention and resolution of security breaches and ensures incident and problem management processes are initiated
  • Performs access management activities according to the policy
  • Implements and discusses security service audit schedules, reviews access authorization and performs the required access controls and testing to identify security weaknesses
  • Interacts with a global team of Cyber Security Analysts and specialists
  • Manages 2nd level triaging of security alerts, events, and notifications
  • Manages notifications of internal and/or external teams according to agreed alert priority levels and escalation trees
  • Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Follows and updates established and/or ad-hoc processes and work instructions and creates procedures where deficiencies are identified
  • Logs, manages and coordinates service requests through to resolution, including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends

Senior Cyber Incident Management, Operations & Response Specialist - VOIS

We are seeking a Senior Cyber Incident Management, Operations and Response Speci...
Location: India, Bangalore
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice

Requirements
  • 7+ years of experience in a Security Operations Centre, operating at senior analyst level
  • Strong expertise in SIEM platforms (such as ArcSight, Splunk, QRadar or LogRhythm)
  • Proven experience in security incident investigation, response and management
  • Understanding of malware behaviour, advanced persistent threats and complex attack techniques
  • Skilled in SIEM correlation logic, rule tuning and detection optimisation
  • Ability to create structured workflows, playbooks and triage processes
  • Confident mentoring, coaching and motivating analysts within the team
  • Strong written and verbal communication skills, including the ability to present technical findings to senior stakeholders
  • Degree in Computer Science, Information Technology, Engineering or a related field
  • Prior experience in cloud technologies and the information security domain
Job Responsibility
  • Investigate, analyse and accurately triage security alerts and incidents across CSOC platforms
  • Perform deep-dive incident analysis, identify root causes and assess business risk
  • Lead daily stand-ups and act as an escalation point for functional and technical queries from Cyber Defence Analysts
  • Produce clear, high-quality technical and operational reports for stakeholders
  • Maintain and continuously enhance alert triage quality and operational deliverables
  • Develop, document and maintain playbooks, runbooks, SOPs, KEDB articles and knowledge base content
  • Proactively fine-tune detection rules and identify opportunities for alert reduction and effort optimisation
  • Monitor and protect digital systems against unauthorised access, modification or data loss
  • Analyse security breaches and recommend appropriate tools, controls and countermeasures
  • Collaborate closely with Local Market CSIRT teams to manage ongoing cases and reduce backlog
What we offer
  • Opportunity to work at the forefront of cyber defence within a global telecommunications organisation
  • Exposure to complex threat landscapes and enterprise-scale security environments
  • A role that combines technical depth with leadership, mentoring and operational ownership
  • The ability to influence detection strategy, incident response quality and process maturity
  • Full-time

Armed Security Operations Specialist

The Armed Security Operations Specialist (Specialist) is tasked with safeguardin...
Location: United States, Portland
Salary: 42.50 USD / Hour
Company: Allied Universal®
Expiration Date: Until further notice

Requirements
  • Must possess Oregon DPSST Armed Private Security Professional certification
  • Must be a U.S. citizen
  • Must have a valid U.S. driver's license and clean driving record
  • Must have valid Oregon or Washington concealed handgun permit
  • Must be physically fit and maintain a high level of physical fitness and personal appearance
  • Must have a minimum of 5 years of relevant military or law enforcement skills and experience
  • Excellent oral and written communication and analytical skills
  • Possess high levels of integrity and trustworthiness
  • Must possess a high school diploma or equivalent
  • Demonstrate a high level of proficiency with handguns
Job Responsibility
  • Provide highly skilled armed protection of personnel, property, and reputation to the designated client
  • Work within a cross-functional team and communicate with security program stakeholders
  • Report to the SECURITY OPERATIONS TEAM management team
  • Safeguard the work site, personnel and maintain highly sensitive and confidential information
  • Conduct all facets of protective duties with a focus on detection and deterrence of risks, threats, & vulnerabilities
  • Follow and enhance the directed SOW (contract) and participate in operational sustainment training
  • Conduct ongoing threat, risk, and vulnerability assessments
  • Operate motor vehicles in a safe and legal manner
  • Liaise and coordinate with local law enforcement to ensure business continuity
  • Document daily operations and non-routine incidents
What we offer
  • Medical/Dental/Vision coverage
  • Free employee life insurance
  • Paid employee training and development
  • 401K
  • Employee assistance programs
  • Paid holidays and flexible PTO (Paid Time Off)
  • Career advancement opportunities
  • Great company culture and work/life balance
  • Full-time

Senior Specialist, Security Operations and OT Cybersecurity

This position will lead regional security operations and help expand and mature ...
Location: United States, Princeton
Salary: 120000.00 - 140000.00 USD / Year
Company: Renner Brown
Expiration Date: Until further notice

Requirements
  • Minimum 5 years of cybersecurity operations experience, with direct involvement in SOC management, incident response, and threat detection
  • Demonstrated hands-on experience in OT/ICS environments within manufacturing, utilities, or other regulated sectors
  • Proven ability to lead cross-functional investigations and vendor-driven engagements in complex enterprise environments
  • Knowledge of relevant cybersecurity frameworks, such as NIST CSF and ISA/IEC 62443, and their application in industrial and regulated settings
  • Strong analytical and communication skills, with the ability to work effectively across technical and business teams
  • Expertise in Security Operations and Incident Response, including triage, investigation, containment, and recovery across IT, OT, and cloud domains
  • Hands-on experience with SOC technologies, including SIEM, SOAR, EDR/XDR, and forensic analysis platforms
  • Strong background in OT/ICS cybersecurity, securing SCADA, PLCs, and manufacturing systems using frameworks such as ISA/IEC 62443 and NIST CSF
  • Familiarity with threat detection engineering, use case development, and integration of threat intelligence into monitoring workflows
  • Experience collaborating on vulnerability management and remediation across IT and OT environments
Job Responsibility
  • Lead incident response activities for the region, coordinating with global teams for investigation, escalation, and remediation across IT, OT, and cloud environments
  • Manage and continuously improve security monitoring and detection to ensure high-quality visibility and responsiveness
  • Build and mature OT cybersecurity capabilities, partnering with manufacturing, infrastructure, and operations teams to secure industrial control systems, SCADA, PLCs, and laboratory environments
  • Manage and hold vendors accountable for activities such as threat hunting, penetration testing, and forensic analysis, ensuring service quality and effective outcomes
  • Drive the execution of global SOC playbooks, escalation procedures, and threat intelligence integration
  • Support remediation and post-incident activities to strengthen resilience across technology domains
  • Develop, maintain, and enhance operational runbooks and processes to support consistent, repeatable cyber defense practices
  • Collaborate with IT, engineering, and compliance teams to uphold corporate and regulatory security standards
What we offer
  • Annual performance bonus and comprehensive benefits package
  • Full-time

Specialist Information Security

SIG is a leading provider of packaging systems and solutions for better. We work...
Location: Switzerland, Neuhausen
Salary: Not provided
Company: SIG Group
Expiration Date: Until further notice

Requirements
  • Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
  • 3+ years of hands-on experience in the Information Security or IT governance domain
  • Foundational understanding of ISO 27001, ISO 42001, AI governance frameworks, and emerging regulatory requirements (e.g., EU AI Act, NIS2, GDPR)
  • Knowledge of ISMS (ISO 27001) requirements, control frameworks, and audit processes
  • Knowledge of AIMS (Artificial Intelligence Management System) concepts such as AI lifecycle governance, data classification, AI risk assessment, and responsible AI principles
  • Familiarity with legal and regulatory requirements, including GDPR, EU AI Act, NIS2, and other security or AI‑related compliance standards
  • Knowledge of risk management methods, including risk identification, assessment, and mitigation techniques
  • Awareness of the operational impacts and business risks caused by cybersecurity or AI‑related incidents
  • Understanding of how ISMS and AIMS controls integrate with IT and business processes, including policy management, governance workflows, and audit readiness
  • Experience supporting compliance initiatives or regulatory readiness activities (e.g., audit preparation, evidence collection, control documentation)
Job Responsibility
  • Support the Information Security & Risk Manager in developing, maintaining, and operating both the AIMS and ISMS, including AI governance implementation in line with ISO/IEC 42001 and ISO/IEC 27001 continuous improvement activities
  • Coordinate internal and external audits by preparing, maintaining, and reviewing ISMS- and AIMS-related controls, evidence, and remediation actions
  • Perform initial security and AI risk/impact assessments and contribute to enhancing SIG’s IT Risk Management processes within the Risk Management Portal
  • Conduct supplier security assessments and support the procurement process for supplier qualification, including AI‑related vendor and tool risk evaluations
  • Perform initial security assessments for critical IT and AI‑related projects, providing security requirements, risk mitigation guidance, and alignment with SIG’s ISMS and AIMS controls
  • Evaluate AI use cases, integrations, and tools under AIMS and ensure regulatory compliance, including alignment with the EU AI Act, NIS2, data protection requirements, and other applicable security and AI‑related regulations. This includes conducting AI impact assessments, verifying data classification, and ensuring responsible and secure AI usage
  • Support SIG’s Security Governance Framework by maintaining policies, procedures, and technical standards across ISMS and AIMS, ensuring documentation is up-to-date, aligned with global governance requirements, and consistently implemented across regions
What we offer
  • Competitive compensation
  • Opportunity to partially work from home
  • Part of a globally successful international company
  • Personal development opportunities
  • Trainings and coaching opportunities from senior team members
  • Full-time

Cyber Security Operations Specialist

A Cyber Security Operations Specialist is a professional responsible for protect...
Location: Democratic Republic of the Congo, Kinshasa
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice

Requirements
  • Minimum of 3-5 years of experience in security operations and threat hunting
  • Bachelor's degree in computer science, information technology, cyber security, or a related field
  • Proficiency in security tools (e.g., SIEM, IDS/IPS, firewalls)
  • Knowledge of networking protocols and architecture
  • Familiarity with operating systems (Windows, Linux) and cloud environments
  • Strong analytical and problem-solving abilities to assess risks and respond effectively to incidents
  • Excellent analytical and problem-solving skills
  • Strong communication skills to effectively convey technical information to non-technical stakeholders (French and English)
  • Ability to work independently and as part of a team in a fast-paced environment
  • A keen eye for detail to detect anomalies in data and logs
Job Responsibility
  • Continuously monitor security systems and networks for unusual activity or potential threats
  • Analyse security alerts and logs to identify and respond to incidents
  • Investigate security incidents and breaches to determine their cause and impact
  • Coordinate the response to security incidents, including containment, eradication, and recovery
  • Maintain a concise, audit-ready Incident Response Plan that defines severity matrix, escalation paths, decision authority, evidence handling, and communications (internal, executive, legal, regulator)
  • Own a version-controlled repository of actionable playbooks (phishing, business email compromise, ransomware, webshell, data exfiltration, insider risk, credential theft, cloud token abuse)
  • Ensure that logs from servers, cloud apps, domain controllers, proxies, email and SMTP gateways, PUAM, and firewalls are collected, easy to read, time-synchronized, and stored securely
  • Build and maintain smart alert rules that spot real attacks (based on MITRE ATT&CK) and reduce noisy false alarms
  • Create dashboards and weekly reports that show what we’re seeing and how fast we respond
  • Stay updated on the latest cyber threats, vulnerabilities, and attack vectors

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location: United States, Clarksburg
Salary: Not provided
Company: Innovative Management & Technology Services
Expiration Date: Until further notice

Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
  • Competitive compensation
  • Excellent benefits including tuition reimbursement and employer-contributed 401K
  • Referral bonuses
  • Full-time