Cyber Incident Response Lead

Full Time
Work from home not available; travel not required

Job Description


Do you enjoy IT security and keeping a company safe? Then Robert Half could be the place for you! We are seeking a Cyber Security Response Lead to help detect, respond to, contain and resolve Cyber Incidents. In this role, you will:

  • Facilitate, document and manage the associated processes, operating procedures, policies, testing and continued development related to Cyber Incident Response
  • Partner with key business and IT teams to ensure all needed parties are included, aware and have input into detecting, responding to, containing and resolving Cyber Incidents
  • Lead and facilitate the continued practice of the Cyber Incident Response process by all appropriate teams, including routinely performing tabletop exercises
  • Facilitate geographically distributed resources to provide monitoring and response to security events, alerts and reports
  • Oversees resources and their efforts in performing investigations and digital forensics, as well as interfacing with internal and external partners as appropriate
  • Facilitate, document and manage the root cause analysis and postmortem process including tracking all action items and lessons learned through to implementation.
  • Identifies opportunities for iterative improvement in coverage of intelligence and monitoring through existing resources; recommends solutions and works with the team(s) to implement them
  • Knows the proper chain-of-custody process and ensures that evidence is secured and handled in a legally presentable manner
  • Sets expectations regarding process and customer-focused outcomes, navigating changes that arise and escalating issues appropriately; provides guidance and helps enforce escalation procedures to ensure that security incidents are appropriately assigned and that all necessary communication guidelines are followed
  • Strong attention to detail and demonstrated ability to handle sensitive and confidential information and matters
  • Works with a sense of urgency while remaining calm under pressure
  • Analyzes information and makes informed recommendations to influence decisions
  • Establishes a positive work environment conducive to collaboration and teamwork
  • Ensures team has the tools, resources, and information they need to be successful
  • Communicate with leadership to overcome potential stumbling blocks and resistance
  • Executes strategy/tactics to deliver desired results
  • Clear understanding of the security domain and how the security teams engage with other areas of the organization
  • Define, drive and continually update the Cyber Incident Response and Vulnerability Management capability road-map
  • Employ continuous improvement methodologies across own team (e.g. quantifies impacts, risks and increased productivity, iterates quickly, shortens feedback loops, has experience creating relevant KPIs)
  • Understands, aligns, and communicates organizational goals/strategy
  • Effectively listens, processes and takes appropriate action
  • Facilitates the discussion of conflicting issues between individuals and groups and helps to moderate or work toward resolution

Behavioral Competencies

  • Provides amazing experiences to both internal and external customers by seeing the big picture, understanding needs and tying them to results, and driving value
  • Demonstrates a positive mindset, high levels of character and integrity, and a keen awareness of continuous improvement
  • Understands how team efforts are aligned with organizational objectives and priorities
  • Effectively responds to emotions in others
  • Understands the impact their actions have on others and adjusts approach where necessary
  • Advises and collaborates with others to develop strong, positive working relationships across all levels of the organization to drive success of projects and efforts
  • Offers creative, innovative, data-based solutions by focusing on forward progress and creativity, even when working through complex, often competing needs
  • Adjusts positively to quickly-changing priorities and shifting goals
  • Listens to and embraces ideas and insights from others to find better solutions

Key Qualifications

  • Bachelor's degree in related field or equivalent experience
  • 6+ years IT security engineering experience in a large corporate setting, including 2+ years experience mentoring and leading junior IT Security Engineers. Experience with full cycle software development methodologies, tools, and practices
  • 5+ years of relevant work experience in Incident Response
  • 3+ years leading cyber incidents or effectively coordinating resources across multiple teams preferable
  • CISSP, CISM, CFCE, GCIH or equivalent security certification strongly preferred
  • BA/BS in Computer Science or closely related degree or equivalent practical experience
  • Understanding of enterprise, network, system/endpoint, and application-level security issues and risks
  • Excellent written and verbal communications, including presentation skills, are important to be successful in this role.
  • Proven ability to effectively communicate with all levels of the organization, as well as with external parties
  • Self-starter with the ability to make independent decisions and the judgment to know when to seek guidance
  • Familiarity and understanding of security control frameworks: NIST, ISO, SOC, etc.
  • Familiarity and understanding of regulatory compliance in: PCI, SOX, HIPAA, GDPR, etc. desirable

Follow us on Twitter @RH_Corp_Jobs for Robert Half Corporate job openings and career and workplace news!

Robert Half International Inc. is an Equal Opportunity Employer. M/F/Disability/Veteran

As part of Robert Half's corporate facility employment process, any offer of employment is contingent upon successful completion of a background check.

You may apply for this position online, or by mail. Robert Half is committed to being an equal employment employer offering opportunities to all job seekers including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to apply for a position, please contact us by sending an email to for assistance.

In your email please include the following:

  • The specific accommodation requested to complete the employment application
  • The location(s) (city, state) to which you would like to apply.

By mail: Please mail your cover letter and resume to: Corporate Staffing, Robert Half, 2613 Camino Ramon, San Ramon, CA 94583-9128




Dice Id : 10211279a
Position Id : JR-219714