Cybersecurity Incident Response Recovery Lead

Job Type:
Job reference:
11 months ago

Job Title: Cybersecurity Incident Response Recovery Lead
Job Type: Contract/Remote

Role Overview:
Responsible for supporting cross-functional teams during the restoration and remediation of customer-impacting cybersecurity incidents, as well as incident communications and the development of customer-facing executive summaries. The IR Recovery Lead will assist with threat analysis, containment, and the recovery of mission-critical systems and applications to restore the customer to normal business operations as soon as possible.


  • Provide overall engagement leadership and be the primary point of contact in customer cybersecurity incidents, ensuring timely and accurate communications with stakeholders.
  • Gather business requirements to facilitate an effective recovery of business operations.
  • Provide support and guidance for customers experiencing security breaches.
  • Serve as the primary interface with customer crisis management teams, offering guidance on appropriate incident response strategies and maintaining situational awareness while communicating details as needed.
  • Coordinate and communicate with the customer's PMO on tasks, status, issues, and escalations.
  • Leverage the power and scale to assist customers with full recovery by aligning products and services with customer requirements.
  • Provide key insights during post-incident reviews to identify improvement opportunities.


  • 12+ years of experience in cybersecurity.
  • Strong technical and consulting skills, as well as project management capabilities.
  • A deep understanding of incident response best practices.
  • Ability to demonstrate an understanding of data protection strategies and technologies.
  • Experience with security and risk frameworks, standards, and best practices.
  • Ability to develop more complex security incident recovery standards and procedures applicable to complex, global technical requirements.
  • Experience in creating disaster recovery and incident recovery plans.
  • An advanced understanding of cybersecurity incident recovery key concepts, with deep expertise in at least two areas.
  • Experience with assessing the current state of the environment and the customer's needs in similar roles.
  • Technical certification such as GCIH, CCFP, GCFE, GCFA, or equivalent is a plus.
  • Prior experience in an incident response role.
  • Understanding of IDS/IPS, SIEM, email security, EDR, and endpoint protection technologies.
  • Strong understanding of network, application layer, and OS fundamentals.
  • Strong attention to detail, time management, and analytical skills.
  • Strong written and communication skills.
  • Ability to function effectively in high-intensity situations while interacting with C-Suite executives from the customer.
  • A degree in Computer Science, Engineering, or a related discipline is preferred.
  • Up to 50% travel across EMEA.

    If you are interested in this role or would like to discuss it further, please call Nidhi at +353 1 645 5244 or email [email protected].

    Candidates must possess a valid visa to work in Ireland (Stamp 1G/Stamp 4/EU Passport).
Back job search
Back to Search Results