Incident Response Lead, Cyber Security

The SOC Manager / Incident Response Lead evaluates detection workflows, response processes, playbooks, and operational readiness. This role focuses on assessing incident timelines, triage quality, escalation logic, and consistency across SOC operations.

- Review detection alerts, triage workflows, and escalation pathways

- Evaluate completeness and quality of incident response actions

- Identify gaps in logging, detection coverage, and containment logic

- Summarize incident patterns and operational bottlenecks

- Validate playbooks for clarity, accuracy, and practical feasibility

- Support recurring assessments of SOC maturity and response operations

- Experience in SOC operations, IR leadership, or cybersecurity operations

- Strong understanding of detection engineering, response workflows, and incident timelines

- Clear analytical writing and structured documentation ability

- Familiarity with SIEM platforms, EDR tools, and cloud-native detection systems