Incident Response Lead

Coalition, Inc.

Full-time
Canada
devops
azure
project management
aws
risk management
The job listing has expired. Unfortunately, the hiring company is no longer accepting new applications.

About the role

As an Incident Response Lead, your mandate is to protect our customers from loss by guiding teams of incident responders in digital forensics and incident response engagements with a wide variety of consumers. As a part of this mandate you will assist Coalition’s consumers through data breaches and claims events, guiding incident response efforts with our consumers and partners. You will own engagement planning, implementation, and communication, guiding and advising customers and their legal counsel. Incident Response Leads are also asked to provide advice on topics ranging from security architecture and cloud security to data protection and compliance.

Our team is composed of bright minds across many cybersecurity domains, with expertise in Incident Response, Threat Intelligence, Security Architecture, Cyber Risk Management, Security Strategy, Controls, Compliance, and Governance. We need you to be a self-starter, assured with consumers, and passionate about customer service. You will need to be able to drive the investigation of ransomware and business email compromise cases from scoping to report delivery.

Responsibilities

  • Drive incident response engagements to guide our customers through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations.

  • Coordinate and guide incident response assistance from team members and vendors.

  • Investigate customer data breaches and malicious activity leveraging forensics tools; analyze Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.

  • Lead proactive cybersecurity advisory and consulting engagements such as:

    • Tabletop Exercises: lead and facilitate tabletop exercises designed to simulate real-world cyber incidents, helping clients enhance their incident response preparedness and resilience.

    • Assessments: conduct comprehensive cybersecurity assessments to evaluate clients' security postures, identify vulnerabilities, and provide actionable recommendations for improvement.

    • Documentation Reviews: evaluate and refine clients' incident response plans, policies, and procedures to ensure they align with industry best practices and regulatory requirements.

  • Strategic Guidance and Client Engagement:

    • Advisory Role: Provide strategic guidance to clients on enhancing their security architectures, cloud security strategies, and compliance frameworks such as NIST, HIPAA, and PCI.

    • Long-Term Remediation: Beyond immediate incident containment, collaborate with clients to develop and implement longer-term remediation strategies to strengthen their security postures.

    • Process Enhancement: Contribute to the refinement and improvement of internal processes, methodologies, and service offerings based on your consulting insights and industry expertise.

  • Provide case reporting as required across internal and external audiences with the appropriate technical level of detail for threat researchers and/or business customers.

  • Evaluate customer security programs, technologies, controls, and business environments; recommend and develop enhancements.

  • Provide recommendations on solutions to help customers navigate information security risk.

  • Track emerging security practices and contribute to building internal processes and our various products.

  • Stay abreast of the current regulatory environment, industry trends and related implications.

Skills and Qualifications

  • Bachelor’s Degree in Computer Science, Information Security, Engineering, or other relevant subjects.

  • Minimum of 5+ years of incident response or digital forensics experience.

  • Demonstrated practiced knowledge of the lifecycle of network threats, attacks, attack vectors, and methods of exploitation with a knowledge of intrusion set tactics, techniques, and procedures.

  • Consultative Approach: Ability to effectively communicate complex technical concepts to non-technical stakeholders and provide actionable recommendations.

  • Analytical Skills: Proficiency in analyzing security programs, technologies, and environments to identify gaps and recommend enhancements.

  • Regulatory Knowledge: Familiarity with regulatory requirements and frameworks (e.g., NIST, HIPAA, PCI) is essential for advising clients on compliance issues.

  • Project Management: Experience managing multiple projects simultaneously, from initial scoping through to final deliverables, ensuring high-quality results and client satisfaction.

  • Knowledge of TCP/IP Protocols, network assessment and network/security applications, including log and network traffic capture assessment.

  • Experience with Velociraptor, Axiom, FTK, SIFT, Volatility, ELK, Wireshark, Plaso, Skadi or other open source forensic/log analysis/network assessment tools.

  • Experience with EDR tools like CrowdStrike Falcon, Carbon Black, SentinelOne, etc.

  • Knowledge of industry standard frameworks – NIST, HIPAA, PCI.

  • Self-motivated; entrepreneurial spirit; comfortable working in a dynamic environment.

  • Strong interactive communication skills (verbal & written).

  • Aptitude to learn technical concepts/terms, and aptitude to guide multiple tasks/projects simultaneously.

  • Experience deploying tools to AWS and familiarity with using cloud-based platforms for assessment.

Bonus Points

  • Security policy, governance, privacy or regulatory experience (e.g., NIST, ISO, HIPAA, PCI).

  • Securing cloud-based platforms (Microsoft Azure, Amazon AWS, etc.).

  • Experience with system hardening procedures for Windows, Linux, Unix is helpful.

  • Knowledge and/or experience with Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, Meterpreter, or other offensive tools is helpful.

  • Knowledge of scripting for development of security tools and industry frameworks is helpful.

  • SCADA/Control systems network experience is a plus.

About the job

Full-time
Canada
Posted 9 months ago
Working Nomads curates remote digital jobs from around the web.

© 2025 Working Nomads.