Jobs · Information Technology · New York

Head of Cyber Incident Response

Guardian Life · New York, NY · 2 wk ago
HybridInformation Technology$152k–$250k/yrFull-time

About the role

This role sits at the intersection of hands-on incident response, threat mitigation, and team leadership. You will be part of a highly collaborative cyber defense organization, leading the response to high-impact security incidents while mentoring and developing the next generation of incident responders.

Responsibilities

  • Lead and mentor a team of incident response and forensics professionals in a hands-on leadership role.
  • Serve as the senior escalation point within the team responsible for investigating complex, high-impact cyber incidents advanced from the SOC.
  • Act as incident commander or technical lead, coordinate response actions with leadership across cybersecurity security teams while collaborating with legal, enterprise technology, engineering, and other internal teams.
  • Manage the organization’s Corporate Cyber Incident Response capability, including coordination and execution.
  • Develop, maintain, and test incident response plans, playbooks, quick-reference guides, and crisis communication procedures.
  • Partner with first-line SOC teams to build muscle memory, clarify containment authorities, and standardize response actions.
  • Collaborate with business continuity/disaster recovery teams to ensure an integrated response to large-scale cyber events.
  • Drive continuous improvement of logging, monitoring, detection coverage, and UBA capabilities, proactively identifying gaps.
  • Ensure incidents are tracked, reported, and reviewed, with high-quality after-action reports and meaningful metrics.
  • Manage third-party incident response retainers, readiness exercises, and periodic simulations.
  • Collaborate across teams through the hosting of cross-functional incident response training events, and debriefs to align on threats, trends, and lessons learned.
  • Champion risk mitigation initiatives and improvements to security control effectiveness.
  • Collaborate with cybersecurity leadership on strategy, roadmap development, vendor management, and talent planning.
  • Contribute to enterprise programs such as DLP and insider risk management.
  • Support internal and external audits, regulatory requests, and due diligence activities.
  • Continuously identify opportunities to enhance incident response maturity, automation, and cyber defense capabilities.
  • Develop standard operating procedures for our 1st line SOC based on threats/observed incidents.

Requirements

  • 7-10 years of overall cybersecurity experience, with a focus in digital forensics, incident response, SOC, or threat mitigation.
  • Broad and deep technical expertise across enterprise environments, including public cloud and SaaS platforms.
  • 3+ years of security leadership experience, ideally in incident response or cyber defense, with a player/coach mindset.
  • Strong command of incident response methodologies, digital forensics principles, and evidence handling.
  • Knowledge and experience in threat hunting, malware analysis, attacker techniques, and common vulnerabilities.
  • Practical experience working with NIST CSF, MITRE ATT&CK, and related security frameworks.
  • Hands-on experience with SIEM and log analytics platforms including logging, monitoring, insider threat, and UBA concepts.
  • Ability to translate cyber threat intelligence into actionable detections, mitigations, and response strategies.
  • Experience operating in regulated environments, preferably financial services or insurance, with understanding of U.S. privacy regulations.
  • Proven ability to lead, mentor, and develop high-performing technical teams.
  • Strong written and verbal communication skills, with experience engaging technical teams, executives, and cross-functional partners.
  • Analytical, curious, and resilient under pressure; able to think structurally and creatively during incidents.

Qualifications

  • BS or MS in cyber security, digital forensics, or equivalent experience and/or industry certifications preferred.
  • A continuous, lifelong learner with a desire to grow into broader cyber leadership.

Skills

  • Leadership and mentoring skills.
  • Technical expertise in digital forensics, incident response, and threat mitigation.
  • Communication and collaboration skills.
  • Ability to handle complex, high-impact incidents.
  • Experience with SIEM and log analytics platforms.
  • Knowledge of security frameworks and regulations.
  • Ability to lead and mentor teams.

Benefits

N/A

Pay

$152,290.00 - $250,195.00

Schedule

Three days a week at a Guardian office in New York, NY or Holmdel, NJ; 20% travel to other Guardian Offices as needed.

Similar jobs