Associate Director, Cyber Defense - Staff Incident Responder
$174,300–$235,700 per year
Hybrid · Cambridge, Massachusetts, United States
Job Summary
The Associate Director, Cyber Defense – Staff Incident Responder leads complex cyber investigations and incident response across global environments. The role performs advanced forensic analysis and threat hunting, translates findings into scalable detection and response improvements, develops incident response playbooks and workflows, and shepherds tooling and automation to enable scalable operations. It also provides technical leadership and mentorship to junior responders, partners cross-functionally to drive remediation and risk reduction, and participates in an on-call rotation. The position is hybrid and based in Cambridge, MA. Qualifications include 8+ years in incident response/digital forensics/threat hunting, strong scripting and automation skills (Python/Go/PowerShell/Bash), expertise in MITRE ATT&CK and NIST/CISA frameworks, and demonstrated impact through tooling or program enhancements.
Required Qualifications
- 8+ years of hands-on experience in incident response, digital forensics, threat hunting, or security operations within enterprise environments (including cloud)
- Deep investigative expertise across endpoint, cloud, network, and identity domains, including correlation of multi-source telemetry and forensic artifacts
- Strong scripting and automation skills (e.g., Python, Go, PowerShell, Bash) to support scalable investigation and response workflows
- Proven ability to independently lead complex investigations and make high-confidence technical decisions in high-pressure environments
- Strong understanding of attacker tactics, techniques, and procedures, including experience with frameworks such as MITRE ATT&CK
- Experience applying industry incident response frameworks (e.g., NIST, CISA) in real-world scenarios
- Demonstrated impact improving detection and response through tooling, process, or program enhancements
- Experience leading cross-functional initiatives with enterprise-wide impact
- Strong communication skills, with the ability to translate technical findings, risks, and recommendations for technical and non-technical stakeholders