Contract - No C2C or Sponsorship at this time.

Term - 6 months

Location - Irvine CA or Palo Alto, CA

Job Description:

This role is responsible for enhancing the cybersecurity incident response capabilities, focusing on proactive threat detection, swift response, and minimizing downtime and impact. This individual will act as an Incident Commander, ensuring that security incidents are managed efficiently, resources are optimized, and communication remains clear. The Incident Response Commander will develop and refine processes, automation, and integrations to strengthen the security posture and ensure robust incident response capabilities.

Responsibilities:

• Lead Incident Response Efforts: Act as the Incident Commander during cybersecurity incidents, assessing the scope, impact, and containment strategies. Coordinate resources across to maximize incident detection and response efforts.
• Develop and Implement Incident Response Processes: Design, integrate, and execute detailed incident response processes, including configuring and integrating threat detection tools, establishing automated response mechanisms, and defining clear escalation paths.
• Manage Communication and Escalation Channels: Serve as the primary point of contact for incident response activities, facilitating communication between stakeholders. Establish robust communication channels and ensure effective escalation paths are in place.
• Configure and Automate Security Tools: Set up, integrate, and maintain security monitoring and response tools. Focus on automating repetitive tasks and response actions to enhance efficiency and reduce response time.
• Continuous Improvement and Process Testing: Conduct regular incident response exercises and post-incident reviews to identify gaps, improve response capabilities, and refine processes.
• Availability for On-Call Duty: Be prepared for on-call availability, responding to incidents as they arise, including outside normal business hours, to ensure continuous protection.

Job Requirements

Qualifications:

• Strong incident command experience, with a proven ability to manage and prioritize incidents, optimize resources, and make rapid, high-impact decisions under pressure.
• Experience configuring and automating security tools (e.g., SIEM, SOAR, EDR), with a focus on enhancing detection and response capabilities through automation.
• Excellent communication and stakeholder management skills, capable of coordinating across technical teams, executive leadership, and external partners.
• Strong analytical and problem-solving abilities, with experience in threat analysis, forensic investigation, and incident response strategy development.
• Comprehensive knowledge of RESTful APIs and data integration techniques to enable efficient, secure, and scalable data flow and communication between security systems and user-facing platforms.
• Strong familiarity with infrastructure-as-code tools such as Terraform or Ansible to automate and standardize security configurations across diverse environments.
• Hands-on experience with CI/CD pipelines, version control systems (e.g., Git), and modern software development practices to ensure high standards of consistency, quality, and automation in deploying and updating security tools.