Incident Response Coordinator (IRC)

• Coordinate the investigation, containment, recovery, and remediation of cybersecurity incidents, collaborating with IT, legal, communications, and third parties as needed
• Serve as the primary contact during incidents, providing status updates and coordinating activities with leadership, internal teams, and external partners
• Monitor and analyze network traffic, security logs, and alerts to identify, triage, and respond to suspicious activity and potential incidents
• Document after action incident details, actions taken, timelines, and lessons learned in line with organizational standards
• Conduct periodic incident response exercises, deliver training, and raise awareness among staff on emerging threats and protocols
• Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
• Continuously review and improve the incident response plan, procedures, and playbooks based on post-incident reviews and lessons learned
• Perform initial triage and analysis of security incidents to assess scope, urgency, and impact.
• Guide cross-functional teams to contain threats, eradicate vulnerabilities, and restore normal operations
• Coordinate with the Corporate Leadership, Security Operations Center (SOC), and external parties as required
• Lead after-action reviews, publish findings, and recommend mitigation measures to strengthen future defenses
• Stay current with evolving threats, vulnerabilities, and best practices through threat intelligence monitoring and external sources
  

Requirements

• Strong knowledge of incident response processes, attack vectors, threat tactics, and detection methods
• Experience with DNS Security, SIEM and SOAR systems, endpoint detection tools, forensic software, and security monitoring solutions
• Excellent analytical, problem-solving, and communication skills, with the ability to perform under pressure
• Familiarity with regulatory requirements, security frameworks, and incident response standards (e.g., NIST, ISO 27001)
• Proactive mindset focused on continuous improvement, training, and cross-departmental collaboration
• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field or equivalent work experience of 5 years or more
• Minimum of 2 years of experience in cybersecurity incident response or a related role
  

• Professional certifications such as CISSP, ECIH, GCFE, GCIH
• Experience with digital forensics and malware analysis
• Knowledge of network protocols and security architecture
• Familiarity with malware types and attack methods
• Experience with scripting and automation tools