Senior Information Security Incident Response Lead

Mexico, Mexico · Job Posted February 07, 2026
Job Description

The Senior Information Security Incident Response Lead is responsible for managing security breaches and ensuring effective incident management processes. This role requires advanced knowledge of information security, risk management principles, and the ability to communicate effectively with technical and non-technical stakeholders. A bachelor’s degree in Information Technology or Computer Science is preferred, along with certifications such as SANS GIAC Security Essentials (GSEC). The Security Advisor is an advanced subject matter expert, responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). This role acts as the technical second responder for the team and supports the work of technical staff from various business areas, as well as third-party technical experts. The Security Advisor uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.

Job Responsibility

  • Manages the prevention and resolution of security breaches and ensures incident and problem management processes are initiated
  • Performs access management activities according to the policy
  • Implements and discusses security service audit schedules, reviews access authorization and performs the required access controls and testing to identify security weaknesses
  • Interacts with a global team of Cyber Security Analysts and specialists
  • Manages 2nd level triaging of security alerts, events, and notifications
  • Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees
  • Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Follows and updates established and/or ad-hoc processes and work instructions and creates procedures where deficiencies are identified
  • Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends

Requirements

  • Bachelor’s degree or equivalent in Information Technology, Computer Science or a related field preferred
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Advanced experience in a Technology Information Security Industry
  • Advanced experience or knowledge of SIEM and IPS technologies
  • Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors
  • Advanced understanding of End Point Protection Software
  • Advanced understanding of Enterprise Detection and Response software
  • Advanced knowledge of technological advances within the information security arena
  • Advanced understanding of inter-relationships in an overall system or process
  • Advanced knowledge of information security management and policies
  • Advanced understanding of risk management principles and frameworks
  • Advanced understanding of the organization's business operations, goals, and objectives
  • Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response
  • Ability to think critically, analyze information, and solve medium to complex problems

Similar Jobs for Senior Information Security Incident Response Lead (8 matching positions)

Senior Incident Handler - Security Incident Response Team

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location: Netherlands, Veldhoven
Salary: Not provided
ASML
Expiration Date: Until further notice
Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
Job Responsibility
  • Security Monitoring – monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels
  • Fulltime

Incident Response Lead - Global Security

The Incident Response (IR) Lead is accountable for leading and maturing the orga...
Location: Poland; Sweden; United Kingdom (Łódź; Stockholm; London)
Salary: Not provided
Arrive
Expiration Date: Until further notice
Requirements
  • 10+ years of experience in cybersecurity, with significant hands-on involvement in Incident Response and Detection & Response functions
  • Demonstrated experience leading and managing IR or SOC teams in complex environments
  • Strong expertise in incident response methodologies, digital forensics, threat hunting, and attacker tactics, techniques, and procedures (TTPs)
  • Solid understanding of security technologies (EDR, SIEM, SOAR), network protocols, operating systems, and enterprise infrastructure
  • Proven ability to translate technical findings into business-relevant insights and communicate effectively with senior stakeholders
  • Experience developing and operationalizing playbooks, detection use cases, and response frameworks
  • Strong analytical and problem-solving capabilities, with attention to detail under pressure
  • Ability to lead in high-stress situations, make informed decisions quickly, and manage competing priorities
  • Experience fostering a high-performing team culture focused on collaboration, ownership, and continuous improvement
  • Excellent written and verbal communication skills, including experience delivering executive briefings
Job Responsibility
  • Own and lead the Incident Response function, including strategy, governance, and operational execution
  • Direct and optimize daily IR operations, ensuring efficient handling of security incidents, escalations, and threat hunting activities
  • Act as the central coordination point during major incidents, ensuring structured response, clear communication, and minimal business disruption
  • Design, maintain, and continuously improve incident response playbooks, workflows, and escalation procedures
  • Review and quality-assure investigations, ensuring consistency in analysis, evidence handling, and decision-making
  • Collaborate with internal teams and external partners to ensure seamless incident management
  • Lead, mentor, and develop the IR team, promoting technical excellence, accountability, and continuous learning
  • Support crisis management activities, including participation in tabletop exercises and real-world incident coordination
  • Ensure alignment with regulatory, legal, and compliance requirements related to incident response and breach handling
  • Drive integration between detection engineering, threat intelligence, and response to enhance overall security effectiveness
  • Fulltime

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Salary: Not provided
Zeektek
Expiration Date: Until further notice
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program

Senior Information Security Engineer

Location: India, Bengaluru
Salary: Not provided
Wells Fargo
Expiration Date: July 08, 2026
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • Linux/Unix /Windows Administration
  • Vulnerability Remediation & Patch Management
  • Change, Incident, Problem & Major Incident Management (ServiceNow)
  • Production Support & Rotational On-Call Support
  • Shell/Python Scripting & Automation
  • SQL/MySQL/PostgreSQL/Oracle Knowledge
  • ServiceNow, Jira & Confluence
  • Splunk, Grafana, Nagios, Zabbix & ThousandEyes
  • Agile/Scrum & ITIL Practices
Job Responsibility
  • Lead or participate in computer security incident response activities for moderately complex events
  • Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
  • Fulltime

Senior Information Security Engineer

Location: India, Bengaluru
Salary: Not provided
Wells Fargo
Expiration Date: July 27, 2026
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Job Responsibility
  • Lead or participate in computer security incident response activities for moderately complex events
  • Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
  • Fulltime

Information Security Senior Engineer

To lead the organisation’s security assurance and standards capability. The role...
Location: United Kingdom, Coventry
Salary: 70000.00 - 78000.00 GBP / Year
Manufacturing Technology Centre
Expiration Date: Until further notice
Requirements
  • Proven experience in information security assurance, governance or audit‑facing security roles
  • Strong understanding of network security principles and the ability to challenge and validate technical designs
  • Led enterprise classification approach, technically and assured
  • Demonstrable experience supporting customer audits and completing security questionnaires & bid assurance responses
  • Ability to produce clear, evidence‑led documentation that stands up to scrutiny
  • Strong influencing and communication skills
  • Self‑starting approach with high ownership
Job Responsibility
  • Own the interpretation and day‑to‑day operation of relevant standards and assurance frameworks (Defence, CE/CE+)
  • Maintain an evidence library and control narratives suitable for customer audits and formal assessments
  • Lead responses to customer security audit requests and new business Security Assurance Questionnaires (SAQs), working closely with technical colleagues
  • Strengthen the organisation’s network security assurance capability: challenge designs, validate controls, and support secure integration into enterprise facilities
  • Coordinate internal assurance activities supporting annual Cyber Essentials Plus including readiness reviews, remediation tracking and evidence pack quality
  • Support incident response governance: ensure playbooks, communications templates and post‑incident learning are maintained
  • Contribute to the cyber security communications channel: support awareness campaigns, targeted briefings and lessons‑learned messaging
  • Support the maintenance of ITSM, and address security governance and design related tickets
  • Play an active role in maintaining & contributing to Security related Dev Ops
What we offer
  • Excellent Pension Scheme
  • Flexible Working
  • Fulltime

Senior Information Security Engineer (SOC)

We are looking for a Senior SOC Engineer to strengthen our Security Operations c...
Location: Qatar, Doha
Salary: Not provided
QIC digital hub
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in Information Security as an L2/L3 SOC Analyst/Engineer with strong focus on Incident Response
  • Strong understanding of the incident lifecycle, detection engineering, and response escalation
  • Hands-on experience with SIEM/SOAR platforms (e.g., Splunk, Sentinel, Chronicle, QRadar, Wazuh)
  • Experience conducting security investigations and root cause analysis, as well as documenting those
  • Understanding of common log sources (network, endpoint, identity, application)
  • Experience developing detection rules and playbooks (Sigma, KQL, YAML, etc.)
  • Knowledge of ISO 27001 standards, MITRE ATT&CK and threat intelligence practices
  • Basic scripting or automation skills (Python or Bash)
  • Strong documentation, communication, and cross-team collaboration skills
Job Responsibility
  • Define and continuously improve security processes, procedures, and incident response playbooks
  • Optimize security event and log collection based on risk and detection relevance
  • Oversee and improve incident response workflows through post-incident analysis and lessons learned
  • Collaborate with L1-L2 security team members to expand detection coverage and develop new use cases
  • Participate in major security incident investigations, providing technical analysis and remediation guidance
  • Standardize automation and orchestration across SIEM, SOAR, EDR and related tools
  • Ensure alignment of security operations with security policies and frameworks (ISO 27001, NIST, MITRE ATT&CK)
  • Review security architecture for cloud and on-prem environments and recommend improvements
  • Lead investigation and response for high and critical severity incidents
  • Track remediation actions and ensure closure of identified security gaps
What we offer
  • Extra paid leave
  • Language classes
  • Meeting with experts
  • Professional development
  • QIC running club
  • Relocation support
  • Remote health insurance
  • Tax consultations
  • Travel discounts
  • USD, EUR, or AED salary payouts
  • Fulltime

Incident Response Senior Analyst

We are seeking a highly skilled and detail-oriented Cybersecurity Incident Respo...
Location: United States, Salt Lake City
Salary: Not provided
Alter Domus
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in computer science, information security, or related professional experience
  • Minimum of 1 to 3 years of experience in incident response, security operations and threat management
  • Strong knowledge of SIEM, and SOAR environment
  • Hands-on experience with IDS/IPS, and endpoint protection platforms
  • Working knowledge of Azure Defender and AWS security suite (GuardDuty, Security Hub)
  • Knowledge of network device configurations and standards (Firewalls, Switches, NSGs)
  • Knowledge of common operating systems MacOS, Linux and Windows OS
  • Familiarity with malware analysis, reverse engineering, and forensic tools
  • Strong cross functional communication skills and the ability to work closely with internal teams & lead cyber incident remediation efforts
  • Familiarity with common security frameworks and standards, such as NIST
Job Responsibility
  • Respond to security incidents
  • Lead and manage alerts, investigate, contain, and eradicate the cyber threats
  • Conduct forensic investigations to identify the root cause of security breaches and recommend preventive measures
  • Participate in post-incident reviews to identify lessons learned
  • Coordinate with internal teams and external partners during incident containment, eradication, and recovery efforts
  • Monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other tools for suspicious activity
  • Investigate and assess potential threats, vulnerabilities, and attack vectors
  • Create detailed incident reports, document findings, remediation steps, and lessons learned
  • Maintain and update incident response playbooks and processes
  • Participate in tabletop exercises and incident response training for other stakeholders
What we offer
  • Support for professional accreditations
  • Flexible arrangements, generous holidays, plus an additional day off for your birthday
  • Continuous mentoring along your career progression
  • Active sports, events and social committees across our offices
  • 24/7 support available from our Employee Assistance Program
  • The opportunity to invest in our growth and success through our Employee Share Plan
  • Plus additional local benefits depending on your location