Head of Cyber Incident Response & Cyber Threat Mitigation Services

Software Guidance & Assistance, Inc., (SGA), is searching for a hands-on Head of Cyber Incident Response & Cyber Threat Mitigation Services for a FULL-TIME assignment with one of our premier Insurance clients in Holmdel, NJ; Bethlehem, PA; New York, NY; or Stamford, CT. Hybrid schedule 3 days weekly in office. 20% travel to other offices as needed,

A qualified candidate should be a collaborative self-starter who has a combination of strong technical aptitude, knowledge of security attack methods/stages (e.g., MITRE), a strong mindset, strong written and oral communication and can also inspire and develop talent. They must partner across the firm to drive identification, containment, investigations, response and recovery.

Responsibilities:

• Lead a team of incident response and threat mitigation engineers.
• Design, operate, and continuously improve the cyber incident response and threat mitigation program.
• Oversee the Corporate Incident Response Team, coordinating cross-functional actions during incidents.
• Own and maintain playbooks, quick-reference guides, out-of-band communication protocols.
• Collaborate with 1st line teams to ensure containment readiness and clear shutdown authority.
• Integrate incident response with business continuity and disaster recovery efforts.
• Triage and lead escalated incidents from the Security Operations Center (SOC).
• Manage third-party IR retainers and coordinate periodic response exercises.
• Ensure high-quality incident handling, tracking, reporting, and post-incident analysis.
• Develop and document incident reports and response metrics.
• Lead the User Behavior Analytics (UBA) program and enhance SOC procedures based on threat trends.
• Identify and close gaps in logging and monitoring capabilities.
• Facilitate cross-functional incident response collaboration (HR, Legal, Compliance, etc.).
• Deliver clear, concise communication to stakeholders across all levels.
• Provide deep technical insight into security control monitoring at all layers.
• Champion cyber risk mitigation initiatives and advocate for continuous improvement.
• Contribute to cybersecurity strategy, vendor management, and talent development.
• Support the enterprise Data Loss Prevention (DLP) program.
• Recruit, develop, and manage team performance, growth, and retention.
• Advise leadership on improving incident response and threat mitigation tools and practices.
• Respond to audit and due diligence requests.
• Continuously refine IR and threat mitigation processes.

Required Skills:

• 7+ years of broad, hands-on technology experience, including public cloud environments
• 3+ years of leadership experience in cybersecurity, with a focus on incident response
• Deep knowledge of incident response methodologies, evidence handling, and threat mitigation
• Strong familiarity with frameworks like MITRE ATT&CK, NIST CSF, and industry best practices
• Proficiency in SIEM tools (preferably Splunk), UBA, and logging/monitoring strategies
• Understanding of malware analysis, common vulnerabilities, and threat actor tactics
• Experience working in regulated environments (e.g., financial services, insurance), including US privacy laws
• Proven ability to lead, develop, and inspire high-performing, cross-functional teams
• Strong written and verbal communication skills; able to engage with stakeholders across IT, Legal, HR, Risk, and Compliance
• Demonstrated ability to translate threat intelligence into actionable response and risk mitigation strategies
• Strategic thinker with strong analytical skills and business alignment mindset
• Bachelor's or Master's degree in Cybersecurity or related field; relevant certifications a plus (e.g., CISSP, GIAC)
• Committed to continuous learning and staying current on evolving threats and tools

Preferred Skills:

• Insurance or equivalent
• Large consulting organization, big 4, or equivalent

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.