- Location
- Dallas - MacArthur Blvd, United States of America
- Type
- Full-time
- Visa
- Not sponsored
- Source
- Workday
Description
Cyber Defense - Incident Responder
About NorthMark Strategies
NorthMark Strategies is a multi-strategy investment advisory firm that provides strategic advice, asset management, and value-added professional services to investors, investment managers, and privately owned operating companies around the world. Our company’s mission is to integrate world class investments, operational excellence, and exceptional talent. Our values are Integrity, Ability, and Energy, and the company aims to hire individuals who possess those qualities. Our company offers a dynamic environment where individuals have the freedom to lead companies toward bold achievements by embracing innovation, leveraging technology, and fostering differentiated business strategies. We provide individuals with the opportunity to extend beyond boundaries and be in an optimal position to unlock exceptional value and drive unprecedented growth.
About the Role
Cyber Defense is responsible for operating and continuously advancing a cloud-first, intelligence-driven cybersecurity program. As a Cyber Incident Responder, you will report to the Manager of Cyber Defense Operations and play a critical role in protecting the organization by leading and executing incident response across enterprise and cloud environments.
This role is responsible for the end-to-end execution of the Incident Response lifecycle, leveraging AI-assisted tools, automation, and threat intelligence to accelerate detection, triage, investigation, and containment.
You will operate as both a hands-on technical responder and incident leader, driving rapid mitigation actions while improving detection fidelity, response speed, and operational efficiency.
Responsibilities Include, but Are Not Limited to:
- Act as Incident Commander for high-impact security incidents, coordinating cross-functional response efforts and driving containment, eradication, and recovery actions
- Execute the full Incident Response lifecycle (detect, triage, investigate, contain, remediate, recover) with a focus on reducing time-to-detect and time-to-contain
- Leverage frameworks such as MITRE ATT&CK and the Cyber Kill Chain to guide investigations and response strategies
- Lead real-time decision-making during active incidents, ensuring business risk is clearly understood and mitigated
- Utilize AI-assisted platforms to pre-triage alerts, enrich incidents, and prioritize high-risk activity in the response queue
- Drive the adoption of AI-based correlation and context aggregation across SIEM/XDR, case management, and threat intelligence sources
- Conduct deep-dive investigations across endpoint, identity, email, network, and cloud environments
- Perform host forensics, log analysis, and malware triage to determine scope, impact, and persistence mechanisms
- Drive operational efficiency by reducing manual touchpoints and enabling automated containment and remediation actions
- Provide technical leadership and mentorship to junior and mid-level analysts, elevating team capability and consistency
- Collaborate with IT, Engineering, Legal, HR, and business stakeholders during investigations and incident response activities
- Serve as a key contributor across multiple concurrent initiatives, including tool enablement, process improvement, and security strategy
- Deliver clear, concise, and executive-ready incident reports, including impact assessments and recommended actions
- Conduct post-incident reviews and root cause analysis, driving improvements to detection, response, and prevention controls
Requirements and Qualifications
- 6+ years of hands-on experience in Cybersecurity Operations / Incident Response
- Strong experience within Microsoft Security Ecosystem
- Proven experience investigating incidents across cloud (Azure/AWS), identity, endpoint, and email platforms
- Demonstrated experience integrating or leveraging AI/automation in security operations (e.g., security copilots, ML-based detections, automated triage)
- Strong proficiency in KQL (Kusto Query Language) for threat hunting and investigation
- Strong analytical and critical thinking skills with the ability to operate under pressure
- Excellent written and verbal communication skills, including executive-level reporting
- Ability to lead incidents, influence stakeholders, and drive rapid decision-making
- Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
- Certified in one or more of the following: CISSP, CISM, CISA,SANS GIAC Security Certifications.
It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company’s needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Benefits & Perks:
Company-Paid Lunch Stipend: Lunch is provided via GrubHub
Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability
401(k): Company will match 100% of your contributions up to 6%
Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.
Time Off: 25 days of Paid Time Off plus 12 company holidays
EQUAL OPPORTUNITY EMPLOYER
NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.