Back to remote jobs

Incident Response Lead, Cyber Security

Alignerr

Code Annotation Contractor
Remote (Global) $40 – $80/hr July 14, 2026

Job description

Incident Response Lead, Cyber Security

About the Role

What if your hard-won experience in the SOC trenches could directly strengthen how organizations detect, respond to, and contain real threats? We're looking for a seasoned Incident Response Lead to independently evaluate SOC operations — reviewing detection workflows, stress-testing playbooks, and surfacing the gaps that keep security teams up at night.

This is a fully remote, flexible contract engagement. If you've lived through real incidents, built response processes from scratch, or spent time hunting for what others missed — this is work that will feel both familiar and meaningful.

  • Type: Hourly Contract
  • Location: Remote
  • Commitment: Flexible

What You'll Do

  • Evaluate detection alert pipelines, triage workflows, and escalation pathways for quality and consistency
  • Assess the completeness and effectiveness of incident response actions across real or simulated timelines
  • Identify critical gaps in logging coverage, detection logic, and containment procedures
  • Review and validate incident response playbooks for clarity, accuracy, and operational feasibility
  • Summarize recurring incident patterns and pinpoint operational bottlenecks
  • Support ongoing assessments of SOC maturity and overall response readiness
  • Deliver structured, analytical documentation that drives actionable improvements

Who You Are

Must-Have:

  • Hands-on experience in SOC operations, incident response leadership, or cybersecurity operations
  • Strong working knowledge of detection engineering, response workflows, and incident lifecycle management
  • Sharp analytical thinking with the ability to translate findings into clear, structured written assessments
  • Comfortable working independently and delivering consistent, high-quality evaluations

Nice to Have:

  • Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Chronicle)
  • Experience with EDR tools and cloud-native detection systems
  • Background in threat intelligence, purple teaming, or adversary simulation
  • Relevant certifications such as GCIH, GCFA, CISSP, or equivalent

Why Join Us

  • Apply deep security expertise to work that has a real, measurable impact on organizational resilience
  • Fully remote and flexible — complete assessments on a schedule that works for you
  • Freelance autonomy with meaningful, structured task-based work
  • Engage with a diverse range of SOC environments, toolsets, and operational challenges
  • Potential for ongoing work and contract extension across new assessments and engagements
Apply now

You will be redirected to the company's website to complete your application.

Apply now

Stay in the loop.

One email per week, 5 hand-picked roles.