Incident Response Lead, Cyber Security
Alignerr · Seattle, WA · Yesterday
RemoteRemoteEngineeringContract
About The Role
Type: Hourly Contract
Location: Remote
Commitment: Flexible
What You'll Do
- Evaluate detection alert pipelines, triage workflows, and escalation pathways for quality and consistency
- Assess the completeness and effectiveness of incident response actions across real or simulated timelines
- Identify critical gaps in logging coverage, detection logic, and containment procedures
- Review and validate incident response playbooks for clarity, accuracy, and operational feasibility
- Summarize recurring incident patterns and pinpoint operational bottlenecks
- Support ongoing assessments of SOC maturity and overall response readiness
- Deliver structured, analytical documentation that drives actionable improvements
Must-Have Who You Are
- Hands-on experience in SOC operations, incident response leadership, or cybersecurity operations
- Strong working knowledge of detection engineering, response workflows, and incident lifecycle management
- Sharp analytical thinking with the ability to translate findings into clear, structured written assessments
- Comfortable working independently and delivering consistent, high-quality evaluations
Nice To Have
- Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Chronicle)
- Experience with EDR tools and cloud-native detection systems
- Background in threat intelligence, purple teaming, or adversary simulation
- Relevant certifications such as GCIH, GCFA, CISSP, or equivalent