Business Analyst – Spanish (AI Training) About the Role What if your background in business analysis and team leadership could help shape how the world's most advanced AI understands finance, strategy, and commerce?
Incident Response Lead, Cyber Security
Job description
Incident Response Lead, Cyber Security
About the Role
What if your hard-won experience in the SOC trenches could directly strengthen how organizations detect, respond to, and contain real threats? We're looking for a seasoned Incident Response Lead to independently evaluate SOC operations — reviewing detection workflows, stress-testing playbooks, and surfacing the gaps that keep security teams up at night.
This is a fully remote, flexible contract engagement. If you've lived through real incidents, built response processes from scratch, or spent time hunting for what others missed — this is work that will feel both familiar and meaningful.
- Type: Hourly Contract
- Location: Remote
- Commitment: Flexible
What You'll Do
- Evaluate detection alert pipelines, triage workflows, and escalation pathways for quality and consistency
- Assess the completeness and effectiveness of incident response actions across real or simulated timelines
- Identify critical gaps in logging coverage, detection logic, and containment procedures
- Review and validate incident response playbooks for clarity, accuracy, and operational feasibility
- Summarize recurring incident patterns and pinpoint operational bottlenecks
- Support ongoing assessments of SOC maturity and overall response readiness
- Deliver structured, analytical documentation that drives actionable improvements
Who You Are
Must-Have:
- Hands-on experience in SOC operations, incident response leadership, or cybersecurity operations
- Strong working knowledge of detection engineering, response workflows, and incident lifecycle management
- Sharp analytical thinking with the ability to translate findings into clear, structured written assessments
- Comfortable working independently and delivering consistent, high-quality evaluations
Nice to Have:
- Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Chronicle)
- Experience with EDR tools and cloud-native detection systems
- Background in threat intelligence, purple teaming, or adversary simulation
- Relevant certifications such as GCIH, GCFA, CISSP, or equivalent
Why Join Us
- Apply deep security expertise to work that has a real, measurable impact on organizational resilience
- Fully remote and flexible — complete assessments on a schedule that works for you
- Freelance autonomy with meaningful, structured task-based work
- Engage with a diverse range of SOC environments, toolsets, and operational challenges
- Potential for ongoing work and contract extension across new assessments and engagements
You will be redirected to the company's website to complete your application.