Incident Response Lead

Company Background

With 30 years of experience in cyber defense, DeepSeas is trusted by nearly 1,000 clients around the world, including Fortune 100 enterprises and mid-market organizations, higher education institutions, municipality and local governments, and federal agencies. Known for its programmatic approach to continuously transforming cyber defense programs, DeepSeas is recognized by Gartner as a top 40 provider of MDR and ranked as a top 5 MDR leader in the 2024 Frost Radar™: Global Managed Detection and Response (MDR) Market. In addition to its industry-leading MDR service, DeepSeas offers a full suite of advisory, compliance, and testing services to support clients on their cybersecurity transformation journeys, with an approach to cyber defense that prioritizes technical expertise, tradecraft, and continuous innovation to deliver unparalleled results.

Position Overview

The Incident Response Lead supports and enhances Security Operation Center (SOC) and Incident Response (IR) efforts. The Associate Director will assist in developing and implementing SOC IR strategies that align with the organization's and clients’ business goals and objectives. This role involves leading and mentoring SOC teams, ensuring efficient incident handling, and maintaining a proactive security stance.

In addition to client engagements, candidate will contribute to the development and refinement of the detection and response workstream at the DeepSeas level. They will collaborate closely with the Director to drive continuous improvement initiatives, refine incident response processes, and conduct advanced threat-hunting activities.

Will also be involved in hiring, onboarding, and mentoring activities within DeepSeas, contributing to the overall growth and development of the SOC team. They will provide insights and recommendations for workstream initiatives to the leadership team, ensuring alignment with strategic objectives.

Key Responsibilities

• Assist in developing and implementing SOC IR strategies.
• Lead and mentor IR SOC teams.
• Support and oversee high-severity incident response efforts.
• Coordinate with internal and external stakeholders during incidents.
• Drive continuous improvement initiatives within the SOC.
• Refine and test incident response playbooks and procedures.
• Conduct advanced threat-hunting activities.
• Stay updated on emerging cybersecurity threats and trends.
• Generate and present insightful metrics and reports to leadership.
• Foster a culture of proactive security within the SOC.
• Contribute to the development and refinement of the detection and response workstream at the DeepSeas level.
• Participate in hiring, onboarding, and mentoring activities within DeepSeas.
• Provide insights and recommendations for workstream initiatives to the leadership team.

Skills, Knowledge and Expertise

• Education:
• Bachelor's degree in Cybersecurity, Computer Science, or a related field.
• Experience:
• 7+ years of experience in cybersecurity, with a focus on incident response and SOC operations.
• 3+ years in a leadership role within a SOC.
• Skills:
• Strong analytical and problem-solving skills.
• Proficiency in SIEM, EDR, and NDR tools.
• Ability to develop and refine incident response playbooks.
• Knowledge of advanced threat-hunting techniques.
• Excellent communication and leadership skills.
• Familiarity with frameworks such as MITRE ATT&CK and NIST SP 800-61.
• Understanding of malware analysis, digital forensics, and network forensics.
• Ability to work in a fast-paced, 24/7 environment.
• Willingness to be on-call for high-severity incidents.
• Certifications:
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent advanced security certifications.

Why DeepSeas?

At DeepSeas, we like to say that heart rates go down, careers take off, and security programs mature. Our values provide the ultimate guide for our daily behavior and decisions. Without these values, we aren’t DeepSeas. They preserve the essence of our organization, reflect the personalities of our Deeps (how we affectionately refer to our teammates), and enable us to exceed expectations. Our values are:

• We are client obsessed.
• We stand in solidarity with our teammates.
• We prioritize personal health and well-being.
• We believe in the power of diversity.
• We solve hard problems at the speed of cyber.

This is your chance to join a supportive crew of teammates and an industry-leading organization that values opportunities for growth. If DeepSeas sounds like a good fit for you, send us your resume and let’s talk!

Information security is everyone’s responsibility:

• Understanding and following DeepSeas' information security policies and procedures.
• Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’ information security.
• Actively participating in DeepSeas’ efforts to maintain and improve information
• security.
• DeepSeas considers this position is as Moderate Risk with a potential to
• view/access/download restricted/private client/internal data. This information must be treated with
• sensitivity and in the most secure manner. HR reserves the right to perform random background/drug
• screens to ensure the safety of client/DeepSeas data