Overview
On Site
$60 - $70
Contract - Independent
Contract - W2
Contract - 12 Month(s)
100% Travel
Skills
SIEM
Splunk
QRadar
EDR
CrowdStrike
SentinelOne
MITRE ATT&CK
Threat hunting
Digital Forensics
PowerShell / Python
Malware analysis
Incident triage
Cyber Kill Chain
Job Details
Senior Cyber Defense Incident Responder
Greensboro, NC - Onsite or USC Exp: 10+ years
As a Senior Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC), you will serve as a key technical expert, responsible for responding to sophisticated cyber threats, leading incident investigations, & strengthening the organization's cybersecurity posture. This role requires a combination of hands-on technical expertise & mentoring skills to drive effective threat detection, rapid incident response, & continuous improvements in SOC operations.
Key Responsibilities
Analyze & respond to complex security incidents & alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS).
Investigate & resolve escalated incidents from Level 1 & Level 2 analysts, ensuring timely containment & remediation.
Lead end-to-end investigations involving malware infections, data breaches, insider threats, & other advanced attacks.
Conduct digital forensics to collect, analyze, & preserve evidence in compliance with legal & regulatory standards.
Produce detailed incident reports including root cause analysis & actionable recommendations.
Leverage threat intelligence to identify indicators of compromise (IOCs) & anticipate emerging threats.
Mentor & guide junior SOC analysts to promote knowledge-sharing & professional development.
Collaborate with IT, security, & business stakeholders to implement & refine security controls.
Drive continuous improvement of SOC workflows, tools, & technologies for enhanced operational effectiveness.
Identify gaps in detection & response capabilities & provide strategic recommendations for improvement.
Required Qualifications
Bachelor's degree in Computer Science, Information Security, or a related technical discipline.
Minimum of 5 years of experience in cybersecurity with at least 3 years supporting cyber defense operations in large enterprise environments (SOC, SIRT, or CSIRT).
Strong understanding of Advanced Persistent Threats (APT), cybercrime, & hacktivist tactics, techniques, & procedures (TTPs).
Proficient in incident handling, threat lifecycle management, & root cause analysis.
Deep knowledge of operating systems (Windows, Linux, macOS), network & application layer protocols.
Hands-on experience with SIEM tools, EDR platforms, IDS/IPS, sandboxing solutions, & email security technologies.
Experience in scripting (e.g., PowerShell, Python, Perl) for automation & investigation tasks.
Familiarity with MITRE ATT&CK, NIST Framework, Cyber Kill Chain, & SANS CSC frameworks.
Understanding of modern cryptographic systems & network security architectures.
Ability to analyze & triage alerts, develop detection content, & implement countermeasures.
Strong analytical, technical writing, & communication skills for both technical & executive audiences.
Preferred Qualifications
Experience managing cybersecurity processes & initiatives within a CSOC environment.
Hands-on experience in cyber threat hunting, digital forensics, & vulnerability management.
Relevant certifications such as CISSP, GCIH, GCIA, Linux+, CCNA, or CCNP.
Knowledge of authentication & authorization mechanisms across diverse platforms.
Proven ability to work collaboratively with cross-functional teams & communicate technical risks to stakeholders.
Understanding of operational technology (OT) security principles is a plus.