Incident Responder

Summary

Join Centric Software's security operations team as an experienced Incident Response expert. Lead and manage major security incidents, coordinating resources and communication for effective resolution. You will oversee incident detection and triage, develop and implement IR strategies, and conduct root cause analysis. This role requires strong communication skills to engage with stakeholders and provide expert advice during high-pressure situations. You will also be responsible for training, customer engagement, vendor management, and ensuring compliance. The ideal candidate possesses extensive experience in incident response and relevant certifications.

Requirements

• Minimum of 7+ years with main focus being Incident Response
• Has the ability to hit the ground running
• Deep understanding of security incident response methodologies, threat intelligence, and common cyber-attack vectors (e.g., ransomware, phishing, DDoS, malware, etc.)
• Strong verbal and written communication skills with the ability to articulate complex technical issues to non-technical stakeholders
• Proven ability to manage customer relationships, especially during critical incidents, with a focus on customer satisfaction and resolution
• Familiarity with security technologies and tools, including SIEM, IDS/IPS, firewalls, endpoint protection, and forensic analysis tools
• Ability to maintain composure and leadership under pressure, ensuring timely and effective incident resolution
• Certifications such as CISSP, CISM, CISA, or GIAC (GCIH, GCFA) are required

Responsibilities

• Lead and Manage Incident Response (IR): Take charge of major security incidents, coordinating resources, teams, and communication to resolve security breaches in an effective and timely manner
• Incident Detection & Triage: Oversee the identification and triage of security events, ensuring proper classification and prioritization of incidents based on severity and potential impact
• Develop and Implement IR Strategies: Continuously improve and refine the incident response process, incorporating lessons learned from previous incidents and industry best practices
• Root Cause Analysis: Conduct thorough post-incident analysis to determine the root cause of security incidents and implement measures to prevent recurrence
• Digital Forensic Expertise: Hands-on experience with forensic tools and methodologies for collecting, preserving, analyzing, and reporting on digital evidence
• Collaboration & Communication: Maintain clear communication with both technical and non-technical stakeholders, ensuring senior leadership, clients, and partners are informed throughout the incident response process
• Incident Reporting & Documentation: Ensure that all incidents are documented accurately, and reports are generated for stakeholders, including detailed timelines, impact assessments, and lessons learned
• Training & Awareness: Lead training efforts for internal teams and key stakeholders on incident response procedures, cybersecurity awareness, and proactive measures to reduce the likelihood of security incidents
• Customer Engagement: Work directly with customers, especially in high-stakes situations, providing guidance, support, and updates regarding incident response and resolution
• Vendor & Tool Management: Oversee and manage third-party vendors and tools utilized during the incident response process to ensure efficiency and cost-effectiveness
• Compliance & Regulatory Requirements: Ensure that all incident response efforts comply with applicable legal, regulatory, and contractual obligations