Cyber Defense and Incident Response Analyst
Guardian Life · Holmdel, NJ · 1 wk ago
HybridInformation Technology$95k–$156k/yrFull-time
About the role
This role sits at the intersection of hands-on incident response, cyber defense and threat mitigation. You will be part of a highly collaborative cyber defense and incident response organization, responding to and investigating high-impact security incidents. The ideal candidate is an analytical, curious, and resilient technical leader with a strong investigative mindset and a desire to reduce risk through decisive action.
Responsibilities
- Investigate complex, high-impact cyber incidents advanced from the SOC.
- Act as a technical lead, working as part of a collaborative team responding to actions across cybersecurity security teams while collaborating with legal, enterprise technology, engineering, and other internal teams.
- Contribute to and refine test incident response plans, playbooks, quick-reference guides, and crisis communication procedures.
- Partner with first-line SOC teams to build muscle memory, clarify containment authorities, and standardize response actions.
- Coordinate with business continuity/disaster recovery teams to ensure an integrated response to large-scale cyber events.
- Drive continuous improvement of logging, monitoring, detection coverage, and UBA capabilities, proactively identifying gaps.
- Ensure incidents are tracked, reported, and reviewed, with high-quality after-action reports and meaningful metrics.
- Collaborate across teams through cross-functional incident response training events, and debriefs to align on threats, trends, and lessons learned.
- Lead risk mitigation initiatives and improvements to security control effectiveness.
- Collaborate with cybersecurity leadership on strategy, roadmap development, vendor management, and talent planning.
- Contribute to enterprise programs such as DLP and insider risk management.
- Support internal and external audits, regulatory requests, and due diligence activities.
- Continuously identify opportunities to enhance incident response maturity, automation, and cyber defense capabilities.
- Develop standard operating procedures for our 1st line SOC based on threats/observed incidents.
Requirements
- Broad and deep technical expertise across enterprise environments, including public cloud and SaaS platforms.
- Experience with AI models, LLM's and implementing AI for Cyber detection response.
- Eagerness to grow within the security leadership and obtain experience, ideally in incident response or cyber defense, with a player/coach mindset.
- Strong command of incident response methodologies, digital forensics principles, and evidence handling.
- Knowledge and experience in threat hunting, malware analysis, attacker techniques, and common vulnerabilities.
- Practical experience working with NIST CSF, MITRE ATT&CK, and related security frameworks.
- Hands-on experience with SIEM and log analytics platforms including logging, monitoring, insider threat, and UBA concepts.
- Ability to translate cyber threat intelligence into actionable detections, mitigations, and response strategies.
- Experience operating in regulated environments, preferably financial services or insurance, with understanding of U.S. privacy regulations.
- Proven ability to lead, mentor, and develop high-performing technical teams.
- Strong written and verbal communication skills, with experience engaging technical teams, executives, and cross-functional partners.
- Analytical, curious, and resilient under pressure; able to think structurally and creatively during incidents.
Qualifications
- BS or MS in cyber security, digital forensics, or equivalent experience and/or industry certifications preferred.
- A continuous, lifelong learner with a desire to grow into broader cyber leadership.
Skills
- Deep knowledge of modern attack techniques and frameworks.
- Clear communication under pressure.
- Natural inclination to step in and lead during critical situations.
- Strong command of incident response methodologies, digital forensics principles, and evidence handling.
- Knowledge and experience in threat hunting, malware analysis, attacker techniques, and common vulnerabilities.
- Practical experience working with NIST CSF, MITRE ATT&CK, and related security frameworks.
- Hands-on experience with SIEM and log analytics platforms including logging, monitoring, insider threat, and UBA concepts.
- Ability to translate cyber threat intelligence into actionable detections, mitigations, and response strategies.
- Experience operating in regulated environments, preferably financial services or insurance, with understanding of U.S. privacy regulations.
- Proven ability to lead, mentor, and develop high-performing technical teams.
- Strong written and verbal communication skills, with experience engaging technical teams, executives, and cross-functional partners.
- Analytical, curious, and resilient under pressure; able to think structurally and creatively during incidents.
Benefits
Not specified.
Pay
$95,170.00 - $156,355.00
Schedule
Three days a week at a Guardian office in New York, NY or Holmdel, NJ. 20% travel to other Guardian Offices as needed.