Full-Time Director, Incident Response & Detection

The Director, Incident Response and Detection will be a critical team member responsible for all incident response operations, the 24/7 security operations center (SOC), and all detection engineering and threat hunting activities.

Responsibilities:

• Lead the overall strategy, execution, and continuous improvement of Security Operations, Incident Response, and Security Automation, Detection Engineering, and Threat Hunting programs.
• Manage and mentor SOC managers, incident responders, and threat hunters across global time zones.
• Build and evolve IR policies, procedures, and playbooks that align with industry best practices (NIST, MITRE ATT&CK, etc.).
• Ensure continuous readiness for cyber incidents and lead tabletop exercises and red/blue team collaboration.
• Serve as the senior escalation point for critical security incidents.
• Lead proactive threat hunting efforts, leveraging advanced analytics, threat intel, and behavioral analysis.
• Interface with executive leadership, Legal, Risk, and IT to provide visibility and alignment on key cyber risks.
• Deliver clear, actionable reporting on threat landscape trends, incident response outcomes, and SOC performance.
• Act as a spokesperson and subject matter expert during high-severity events.

Basic Requirements:

• 5+ years working in Cyber Defense with experience in Incident Response, Security Operations Center (SOC), detection engineering, or similar functions.
• Deep technical knowledge of cyber threats, detection technologies, forensic tools, EDR/SIEM platforms, and attack methodologies.
• Strong command of security frameworks such as MITRE ATT&CK, NIST CSF, CIS Controls.
• Experience with host-based and network-based logging and analysis.
• Strong communication skills with experience briefing corporate executives.

Desired Characteristics:

• Previous experience working in multiple large complex environments.
• Relevant certifications (GCIA, GCIH, GCFA, GNFA, etc.).

What is the last date for applying to the job?

Which countries are accepted for this remote job?