Hiring.Camp

Cyber Defense - Incident Responder

Northmark

·

5 days ago

Location
Dallas - MacArthur Blvd, United States of America
Type
Full-time
Visa
Not sponsored
Source
Workday

Description

Cyber Defense - Incident Responder

About NorthMark Strategies

NorthMark Strategies is a multi-strategy investment advisory firm that provides strategic advice, asset management, and value-added professional services to investors, investment managers, and privately owned operating companies around the world. Our company’s mission is to integrate world class investments, operational excellence, and exceptional talent. Our values are Integrity, Ability, and Energy, and the company aims to hire individuals who possess those qualities. Our company offers a dynamic environment where individuals have the freedom to lead companies toward bold achievements by embracing innovation, leveraging technology, and fostering differentiated business strategies. We provide individuals with the opportunity to extend beyond boundaries and be in an optimal position to unlock exceptional value and drive unprecedented growth.

About the Role

Cyber Defense is responsible for operating and continuously advancing a cloud-first, intelligence-driven cybersecurity program. As a Cyber Incident Responder, you will report to the Manager of Cyber Defense Operations and play a critical role in protecting the organization by leading and executing incident response across enterprise and cloud environments.

This role is responsible for the end-to-end execution of the Incident Response lifecycle, leveraging AI-assisted tools, automation, and threat intelligence to accelerate detection, triage, investigation, and containment.

You will operate as both a hands-on technical responder and incident leader, driving rapid mitigation actions while improving detection fidelity, response speed, and operational efficiency.

Responsibilities Include, but Are Not Limited to:

  • Act as Incident Commander for high-impact security incidents, coordinating cross-functional response efforts and driving containment, eradication, and recovery actions
  • Execute the full Incident Response lifecycle (detect, triage, investigate, contain, remediate, recover) with a focus on reducing time-to-detect and time-to-contain
  • Leverage frameworks such as MITRE ATT&CK and the Cyber Kill Chain to guide investigations and response strategies
  • Lead real-time decision-making during active incidents, ensuring business risk is clearly understood and mitigated
  • Utilize AI-assisted platforms to pre-triage alerts, enrich incidents, and prioritize high-risk activity in the response queue
  • Drive the adoption of AI-based correlation and context aggregation across SIEM/XDR, case management, and threat intelligence sources
  • Conduct deep-dive investigations across endpoint, identity, email, network, and cloud environments
  • Perform host forensics, log analysis, and malware triage to determine scope, impact, and persistence mechanisms
  • Drive operational efficiency by reducing manual touchpoints and enabling automated containment and remediation actions
  • Provide technical leadership and mentorship to junior and mid-level analysts, elevating team capability and consistency
  • Collaborate with IT, Engineering, Legal, HR, and business stakeholders during investigations and incident response activities
  • Serve as a key contributor across multiple concurrent initiatives, including tool enablement, process improvement, and security strategy
  • Deliver clear, concise, and executive-ready incident reports, including impact assessments and recommended actions
  • Conduct post-incident reviews and root cause analysis, driving improvements to detection, response, and prevention controls

Requirements and Qualifications

  • 6+ years of hands-on experience in Cybersecurity Operations / Incident Response
  • Strong experience within Microsoft Security Ecosystem
  • Proven experience investigating incidents across cloud (Azure/AWS), identity, endpoint, and email platforms
  • Demonstrated experience integrating or leveraging AI/automation in security operations (e.g., security copilots, ML-based detections, automated triage)
  • Strong proficiency in KQL (Kusto Query Language) for threat hunting and investigation
  • Strong analytical and critical thinking skills with the ability to operate under pressure
  • Excellent written and verbal communication skills, including executive-level reporting
  • Ability to lead incidents, influence stakeholders, and drive rapid decision-making
  • Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
  • Certified in one or more of the following: CISSP, CISM, CISA,SANS GIAC Security Certifications.

It is impossible to list every requirement for, or responsibility of, any position.  Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company’s needs may change over time.  Therefore, the above job description is not comprehensive or exhaustive.  The Company reserves the right to adjust, add to or eliminate any aspect of the above description.  The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.

Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Benefits & Perks:

  • Company-Paid Lunch Stipend: Lunch is provided via GrubHub

  • Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability

  • 401(k): Company will match 100% of your contributions up to 6%

  • Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.

  • Time Off:  25 days of Paid Time Off plus 12 company holidays


EQUAL OPPORTUNITY EMPLOYER

NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.

Skills

AWSAzureCybersecuritySIEMCISSP

Similar Jobs

30

Cyber Defense

Mizuho Mizuho is in growth · NYC (1285), United States of America

1 month ago

Cyber Defense

KPMG India · Mumbai, Maharashtra, India

5 months ago

Cyber Defense Incident Responder - Overnight Shift

ASRC Federal · Quantico, VA 22134, USA

2 days ago

Cyber Defense Incident Responder

ASRC Federal · Quantico, VA 22134, USA

2 days ago

Cyber Range Engineer - Cyber Defense Training Lead

Usbank · Cincinnati, OH, United States of America

2 days ago

Specialist I, Cyber Defense Operation Centre (TCF)

Cnx · MYS Kuala Lumpur Sentral - NU Tower 2 - Level 9 &10, Malaysia

2 days ago

Cyber Defense Operations Lead

3M · US, Texas, Austin, United States of America · Onsite

2 days ago

Cyber Defense Senior Analyst (Remote)

Experian · United States, UNITED STATES, United States · Remote

2 days ago

Cyber Defense Analyst

UltraViolet Cyber · Lehi, UT +1 · Hybrid

2 days ago

Cyber Defense Analysts – Senior

Koniag Government Services · Washington, DC, USA

4 days ago

Cyber Defense Analyst - Overnights

ASRC Federal · Quantico, VA 22134, USA

4 days ago

Cyber Defense Analyst - Swing Shift

ASRC Federal · Quantico, VA 22134, USA

4 days ago

Senior Security Engineer, Cyber Defense Platforms - Assistant Vice President

Statestreet · Hyderabad, India +1 · Hybrid

5 days ago

Specialist, Data Security - Cyber Defense & Response

Pru · Wash, 213 Washington St., Newark, NJ, United States of America

5 days ago

Lead, Insider Risk - Cyber Defense & Response

Pru · Wash, 213 Washington St., Newark, NJ, United States of America

5 days ago

Specialist, Data Security - Cyber Defense & Response

Pru · Wash, 213 Washington St., Newark, NJ, United States of America

5 days ago

Lead, Data Security - Cyber Defense & Response

Pru · Wash, 213 Washington St., Newark, NJ, United States of America

5 days ago

Executive - Cyber Defense

KPMG India · Mumbai, Maharashtra, India

5 days ago

Cyber Defense & Incident Response

Delivery Hero · Barcelona, Spain

5 days ago

Sr. Director, Cyber Defense

Pfizer · USA - NY - Headquarters, United States of America +1

6 days ago

Sr. Director, Cyber Defense

Pfizer · USA - NY - Headquarters, United States of America +1

6 days ago

Principal Technical Program Manager, Cyber Defense

TransUnion · Chicago - 555 West Adams St, United States of America +3 · Remote, Hybrid

6 days ago

Director, Cyber Defense

Professional Kyndryl · No City (KUS51441) Virginia Default MY0, United States of America +10 · Remote

6 days ago

Product Manager, Cyber Defense and Blue Team

Openai · San Francisco

6 days ago

Sr. Director, Cyber Defense

Pfizer · USA - NY - Headquarters, United States of America +1

6 days ago

Advanced Cyber Defense Practice Lead

Booz Allen Hamilton · NLD, The Hague (Wilhelmina Van Pruisenweg 104), Netherlands +1

6 days ago

Staff Cyber Security Engineer (Cyber Defense Center)

Qualcomm · México D.F., CDMX,MX, MX

6 days ago

Executive - Cyber Defense

KPMG India · Bangalore, Karnataka, India

1 week ago

Senior Cyber Defense Engineer – Data Protection

Cmegroup · Bangalore - Bagmane Tridib, India

1 week ago

Senior - Cyber Defense

KPMG India · Kochi, Kerala, India

1 week ago