Lead Cyber Defense Center Analyst

Lead the Cyber Defense Center to triage, analyze, and respond to cyber-attacks in a 24/7 Fusion Center environment. Responsibilities include leading the incident response process end-to-end (triage, containment, eradication, return to service), authoring incident status updates and closure reports, developing and maintaining incident response plans and playbooks, coordinating cyber-related exercises, measuring process performance with KPI/KRI metrics, and mentoring SOC personnel. Collaborate with the SOC to drive development, knowledge sharing, and a 24/7 follow-the-sun mindset. Required experience with investigating major/complex cyber incidents, strong OS administration skills (Windows, Linux, Mac), malware analysis, memory forensics, knowledge of adversarial TTPs and frameworks (NIST, MITRE ATT&CK), IT architecture and operations, and proficiency with security tech (SIEM, EDR/EPP, AV, ID/PS, HIPS, proxies/content filtering, AD, PKI, DNS); degree in related field or equivalent experience; professional certifications (CISSP, CEH, OSCP/OSCE, GCIH). 4+ years in a cyber security SOC/IR role; financial services experience a plus; scripting languages such as Python, PowerShell, and SQL are a plus.