• Act as Incident Commander for all security issues across the enterprise • Lead the incident response team in identifying, analyzing, and resolving cybersecurity incidents • Coordinate with stakeholders for timely and effective resolution • Develop and maintain incident response plans, playbooks, and SOPs • Manage on-call rotation • Communicate clearly with senior management and external stakeholders during and post-incident • Prepare detailed incident reports with post-incident analysis and recommendations • Collaborate with other cybersecurity teams to improve detection rules, refine security policies, and enhance overall security posture • Analyze security monitoring alerts and respond to cybersecurity incidents • Serve as a subject matter expert who defines visibility and response requirements • Perform forensic analysis on data and endpoints • Lead complex investigations into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats • Conduct thorough investigations to determine root cause and impact of incidents • Use threat intelligence and advanced analytics to identify and address potential threats • Implement and oversee remediation measures to prevent recurrence • Hunt for hidden threats within enterprise networks proactively using threat intelligence and behavioral analytics • Partner with Detection Engineering to refine threat detection rules to improve SOC visibility • Create automation solutions for expedient response and effective detection • Automate incident and remediation reports, leveraging AI where possible • Drive a culture of continuous improvement • Perform root cause analysis on security incidents and recommend improvements to security controls • Stay updated on industry best practices and evolving attack techniques to ensure effective defenses