Job Purpose:
This role is responsible for leading and coordinating the organization's response to high-severity cybersecurity incidents, ensuring effective collaboration across technical teams and business stakeholders. It drives the full incident response lifecycle while strengthening overall readiness through playbooks and exercises. In addition, the role oversees key cybersecurity initiatives, tracks progress across the security portfolio and ensures alignment with business priorities. It also develops and communicates metrics and insights to provide clear visibility into incident trends, response effectiveness, and program performance, translating complex technical outcomes into actionable information for leadership.
Essential Functions:
- Incident Response Leadership (Primary Focus)
- Serve as incident commander for high-severity cybersecurity incidents
- Lead coordination across IT, network, legal, communications, and business stakeholders
- Drive the end-to-end incident response lifecycle, including post-incident reviews and improvements
- Strengthen incident readiness through playbooks, exercises, and lessons learned
- Program & Initiative Execution
- Lead execution of key cybersecurity initiatives and cross-functional efforts
- Track progress, dependencies, and outcomes across the security portfolio
- Help ensure alignment between security priorities and broader business needs
- Metrics & Reporting
- Develop and track core cybersecurity metrics and operational indicators
- Provide regular updates on incident trends, response performance, and key initiatives
- Help translate technical outcomes into clear and actionable insights
Education:
- Four years of College resulting in a Bachelor's Degree or equivalent experience
Relevant Work Experience:
- 7-12+ years' experience in cybersecurity, with focus in incident response, security operations, or threat management
- Experience in a SOC, IR, or cyber defense environment
- Exposure to regulated or critical infrastructure environments
- Experience contributing to executive-level updates or reporting
Special Knowledge, Skills and Abilities:
- Experience leading or coordinating major incident response efforts
- Demonstrated ability to drive cross-functional work or initiatives
- Strong incident response leadership and ability to operate under pressure
- Ability to work across technical teams and business stakeholders
- Experience using data or metrics to track performance and outcomes
- Clear communication skills, including the ability to summarize complex issues
Supervisory Responsibility:
- No Supervisory Responsibilities