Coordinate and lead incident response efforts across teams, ensure proactive security measures, and enhance cyber defense strategies through continuous improvement and training.
Coordinate the investigation, containment, recovery, and remediation of cybersecurity incidents, collaborating with IT, legal, communications, and third parties as needed
Serve as the primary contact during incidents, providing status updates and coordinating activities with leadership, internal teams, and external partners
Monitor and analyze network traffic, security logs, and alerts to identify, triage, and respond to suspicious activity and potential incidents
Document after action incident details, actions taken, timelines, and lessons learned in line with organizational standards
Conduct periodic incident response exercises, deliver training, and raise awareness among staff on emerging threats and protocols
Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
Continuously review and improve the incident response plan, procedures, and playbooks based on post-incident reviews and lessons learned
Perform initial triage and analysis of security incidents to assess scope, urgency, and impact.
Guide cross-functional teams to contain threats, eradicate vulnerabilities, and restore normal operations
Coordinate with the Corporate Leadership, Security Operations Center (SOC), and external parties as required
Lead after-action reviews, publish findings, and recommend mitigation measures to strengthen future defenses
Stay current with evolving threats, vulnerabilities, and best practices through threat intelligence monitoring and external sources
Requirements
Strong knowledge of incident response processes, attack vectors, threat tactics, and detection methods
Experience with DNS Security, SIEM and SOAR systems, endpoint detection tools, forensic software, and security monitoring solutions
Excellent analytical, problem-solving, and communication skills, with the ability to perform under pressure
Familiarity with regulatory requirements, security frameworks, and incident response standards (e.g., NIST, ISO 27001)
Proactive mindset focused on continuous improvement, training, and cross-departmental collaboration
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field or equivalent work experience of 5 years or more
Minimum of 2 years of experience in cybersecurity incident response or a related role
Preferred Qualifications:
Professional certifications such as CISSP, ECIH, GCFE, GCIH
Experience with digital forensics and malware analysis
Knowledge of network protocols and security architecture
We are a value-driven consulting and engineering partner, helping companies to design and execute their most challenging digital transformations in the Cloud.Moving to the Cloud is merely the foundation of your digital transformation. Once migration is complete, we integrate cutting-edge technologies into all areas of your organization to redefine the way you do business. Our aim is to take you on a Cloud-centric journey to unlock the value hidden in your data and compete in an increasingly competitive and connected world. We take an evidence-based approach to setting up your transformation, leveraging ProArch’s solution set to accelerate your time to value.
