Sr. Incident Responder

Information Security Spartanburg,South Carolina

Are you the kind of cybersecurity expert who runs toward the fire? Do you thrive in high‑stakes environments, leading complex investigations and neutralizing threats before they impact the business? If so, we want you on our front line.

We’re looking for a Senior Incident Responder — the elite technical leader who stands at the center of our cyber defense mission. In this role, you will command major security incidents, drive advanced investigations across cloud and on‑prem environments, and elevate the organization’s detection and response capabilities.

Your leadership strengthens enterprise resilience, improves detection and response times, and safeguards critical systems against rapidly evolving threats.

• Serve as the Incident Commander for high‑severity cyber events, orchestrating containment, eradication, and recovery.
• Analyze alerts across EDR, NDR, SIEM, identity, and cloud telemetry to rapidly identify and scope threats.
• Lead deep‑dive forensics, threat hunting, and advanced investigations spanning endpoints, networks, cloud (Azure/AWS), SaaS, email, and identity systems.
• Conduct malware analysis, develop IOCs, and integrate actionable intelligence into detection workflows.
• Tune and enhance detection tooling; build automation through SOAR runbooks
• Produce executive‑ready incident reports, drive post‑incident reviews, and ensure corrective actions are completed.
• Mentor SOC analysts across tiers, uplift operational SLAs, and strengthen response procedures.
• Partner with other departments and functions to reduce enterprise risk.

• 5+ years in Security Operations & Incident Response, including leadership of major incidents.
• Hands‑on expertise with EDR/XDR, SIEM, NDR, CASB, and cloud security tooling (Azure/AWS).
• Strong command of forensic techniques, malware analysis, packet analysis, and log investigation.
• Deep familiarity with MITRE ATT&CK, threat actor TTPs, and modern ransomware/BEC vectors.
• Proven ability to perform under pressure and communicate clearly with technical and executive stakeholders.
• Experience in the financial services industry is a plus.
• Preferred certifications: GCIH, GCFA, GCFE, GNFA, GREM, GCIA, CISSP, or similar.

Are you the kind of cybersecurity expert who runs toward the fire? Do you thrive in high‑stakes environments, leading complex investigations and neutralizing threats before they impact the business? If so, we want you on our front line. We’re looking for a Senior Incident Responder — the elite technical leader who stands at the center of our cyber defense mission. In this role, you will command major security incidents, drive advanced investigations across cloud and on‑prem environments, and elevate the organization’s detection and response capabilities.

Your leadership strengthens enterprise resilience, improves detection and response times, and safeguards critical systems against rapidly evolving threats.

• Serve as the Incident Commander for high‑severity cyber events, orchestrating containment, eradication, and recovery.
• Analyze alerts across EDR, NDR, SIEM, identity, and cloud telemetry to rapidly identify and scope threats.
• Lead deep‑dive forensics, threat hunting, and advanced investigations spanning endpoints, networks, cloud (Azure/AWS), SaaS, email, and identity systems.
• Conduct malware analysis, develop IOCs, and integrate actionable intelligence into detection workflows.
• Tune and enhance detection tooling; build automation through SOAR runbooks
• Produce executive‑ready incident reports, drive post‑incident reviews, and ensure corrective actions are completed.
• Mentor SOC analysts across tiers, uplift operational SLAs, and strengthen response procedures.
• Partner with other departments and functions to reduce enterprise risk.

• 5+ years in Security Operations & Incident Response, including leadership of major incidents.
• Hands‑on expertise with EDR/XDR, SIEM, NDR, CASB, and cloud security tooling (Azure/AWS).
• Strong command of forensic techniques, malware analysis, packet analysis, and log investigation.
• Deep familiarity with MITRE ATT&CK, threat actor TTPs,…