Job Title: Cybersecurity Incident Response Recovery Lead
Job Type: Contract/Remote
Responsible for supporting cross-functional teams during the restoration and remediation of customer-impacting cybersecurity incidents, as well as incident communications and the development of customer-facing executive summaries. The IR Recovery Lead will assist with threat analysis, containment, and the recovery of mission-critical systems and applications to restore the customer to normal business operations as soon as possible.
- Provide overall engagement leadership and be the primary point of contact in customer cybersecurity incidents, ensuring timely and accurate communications with stakeholders.
- Gather business requirements to facilitate an effective recovery of business operations.
- Provide support and guidance for customers experiencing security breaches.
- Serve as the primary interface with customer crisis management teams, offering guidance on appropriate incident response strategies and maintaining situational awareness while communicating details as needed.
- Coordinate and communicate with the customer's PMO on tasks, status, issues, and escalations.
- Leverage the power and scale to assist customers with full recovery by aligning products and services with customer requirements.
- Provide key insights during post-incident reviews to identify improvement opportunities.
- 12+ years of experience in cybersecurity.
- Strong technical and consulting skills, as well as project management capabilities.
- A deep understanding of incident response best practices.
- Ability to demonstrate an understanding of data protection strategies and technologies.
- Experience with security and risk frameworks, standards, and best practices.
- Ability to develop more complex security incident recovery standards and procedures applicable to complex, global technical requirements.
- Experience in creating disaster recovery and incident recovery plans.
- An advanced understanding of cybersecurity incident recovery key concepts, with deep expertise in at least two areas.
- Experience with assessing the current state of the environment and the customer's needs in similar roles.
- Technical certification such as GCIH, CCFP, GCFE, GCFA, or equivalent is a plus.
- Prior experience in an incident response role.
- Understanding of IDS/IPS, SIEM, email security, EDR, and endpoint protection technologies.
- Strong understanding of network, application layer, and OS fundamentals.
- Strong attention to detail, time management, and analytical skills.
- Strong writing and communication skills.
- Ability to function effectively in high-intensity situations while interacting with the customer's C-suite executives.
- A degree in Computer Science, Engineering, or a related discipline is preferred.
- Up to 50% travel across EMEA.
If you are interested in this role or would like to discuss it further, please call Nidhi at +353 1 645 5244 or email [email protected].
Candidates must possess a valid visa to work in Ireland (Stamp 1G/Stamp 4/EU Passport).