Cyber Incident Response Planner
Insight Global
We are seeking an experienced and highly motivated Cyber Incident Response Planner to drive the development and implementation of robust incident response plans and processes. As an integral part of the Governance, Risk, and Compliance (GRC) Division within the Information and Cybersecurity Department, you will lead response efforts to mitigate cybersecurity breaches, minimize risk, and safeguard enterprise systems. This role requires a skilled communicator, critical thinker, and experienced responder who thrives in staying ahead of the evolving threat landscape.
This is a cross-functional role offering the opportunity to work across teams, contribute to enterprise risk management, and help build a strong incident response culture. The ideal candidate will bring technical expertise, communication acumen, and leadership skills to effectively influence and collaborate across multiple stakeholder groups. This role reports to the GRC Manager and is designated as on-site, with a current expectation of two days in the office due to space considerations. Work will be performed in the Eastern Time Zone (ET) in Atlanta, GA. Key ResponsibilitiesIncident Response Planning & Implementation
• Maintain governance over incident response (IR) documentation. Develop, document, and implement comprehensive IR plans, policies, standards and procedures to ensure swift and effective responses to cybersecurity incidents or breaches.
• Update and maintain IR documentation, workflows, automation initiatives, and response playbooks and similar, to remain aligned with evolving threats and operational requirements.
• Create and maintain secure methods for tracking and reporting IR activities.
Incident Handling & Coordination
• Assist with handling of security events/incidents, including triage, remediation, documentation of the incident, including Indicators of Compromise (IOCs), and escalation to management.
• Coordinate incident investigations, containment, and recovery efforts in collaboration with internal teams and external stakeholders.
• Serve as a liaison, ensuring clear and accurate communication of incident details while gathering information for stakeholders across multiple departments and governance bodies. Observe and document events during cybersecurity incidents and exercises to facilitate post-incident response reviews to identify and implement comprehensive improvements based on the lessons learned.
• Submit required IR reports to governing bodies to meet legal, regulatory, contractual, and policy obligations (e.g., federal agencies or institutional reporting directives).
Threat Awareness & Communication
• Maintain a deep and current understanding of the threat landscape, including malware identification, threat actor activity, and emerging attack vectors.
• Continuously analyze and consult various publications, websites, news sources, and cyber forums to monitor cyber threats relevant to our environment.
• Effectively communicate risks, threats, and potential impacts to stakeholders outside of the cybersecurity domain in a clear and actionable manner.
Testing & Validation
• Plan and execute incident response exercises, (e.g., tabletop exercises, simulations, and controlled disruptions) to validate and enhance organizational IR capabilities.
• Facilitate post-incident response exercise reviews to identify gaps, implement lessons learned, and refine IR processes.
Data Analysis & Enterprise Incident Management
• Manipulate, analyze, and interpret complex datasets to support cybersecurity investigations and enterprise risk initiatives.
• Leverage GRC tools to enhance enterprise cybersecurity risk management processes.
• Identify opportunities to automate and innovate IR workflows for improved efficiency.
Additional Responsibilities
General GRC Support
• Resolve service desk incidents and issues assigned by the GRC team.
• Review and contribute to cybersecurity documentation for completeness, currency, and accuracy, such as plans for system security, incident response, contingency, disaster recovery, and business/impact analysis. Update as necessary.
• Contribute to the preparation of regulatory and compliance reports, collaborate with other organizational units ensuring data accuracy and compliance We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to View email address on click.appcast.io learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
Required Skills & Experience
• Minimum of two (2) years of demonstrated incident response experience, including active participation as a member of an IR team, or supporting incident-handling activities.
• Strong knowledge of incident response protocols, malware operation, containment techniques, and overall threat remediation strategies.
• Proven experience in performing investigation, analysis, containment, and recovery activities as part of IR efforts.
• Ability to handle time-sensitive situations with a calm and professional attitude while maintaining an appropriate sense of urgency
• Effective project management and organizational skills, including managing multiple, concurrent tasks and meeting deadlines
• Solid technical understanding of cybersecurity concepts, standards, guidelines, and principles
• Experience with industry-recognized security and analysis frameworks (MITRE ATT&CK, Cyber Kill Chain, NIST CSF, etc.)
• Strong expertise in communication, especially when working with cross-functional stakeholders.
• Excellent interpersonal skills and ability to create collaborative relationships with colleagues across various groups and levels, and influence without authority
• Familiarity with one or more GRC tools and experience implementing related workflows.
• Data analysis experience, with the ability to interpret trends, IOCs, and response requirements from complex datasets.
• Attention to detail, critical thinking, and the ability to maintain composure under pressure.
• One or more mid-level cybersecurity certifications such as Certified Ethical Hacker (CEH), PenTest+, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH) or equivalent certification
Nice to Have Skills & Experience
• Minimum of five (5) years in an incident response-related role, with experience as an incident manager, incident commander, or equivalent incident response leadership role
• Strong familiarity with enterprise risk management processes and tools.
• Demonstrated expertise in automation, scripting workflows, or other operational and process innovations.
• Knowledge of data manipulation tools and techniques to enhance rapid analysis and response during incidents.
• Customer service experience and the ability to liaise effectively between various internal and external teams.
• Previous experience with Controlled Unclassified Information (CUI), compliance reporting, or supporting federally driven initiatives is a plus.
• One or more senior-level cybersecurity certifications such as Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent certification
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
$135k - $165k
Digital Realty is seeking a Senior Manager for its Cyber Security Operations Center in Atlanta, Georgia. The role involves overseeing 24/7 global security monitoring, managing incident responses, and optimizing SOC tools to improve cyber defense capabilities. The ideal...Cyber- Willis Towers Watson is looking for a Cyber Security Incident Response Associate Manager in Atlanta. You will lead the response to security incidents while collaborating across technical and business teams. Responsibilities include establishing incident response workflows...Cyber
- The Information Technology Senior Management Forum in Atlanta is seeking an experienced Incident Manager to lead cyber incident response and vulnerability management. This role requires a strong background in cybersecurity and the ability to handle high-pressure situations...Cyber
- ...Senior Analyst for Cybersecurity Operations & Response in Atlanta, Georgia. The role involves... ...Firm’s cybersecurity efforts, managing incident response, and overseeing vulnerability assessments... ...help protect our systems and data from cyber threats. #J-18808-Ljbffr Fox Rothschild...Cyber
- ...should have programming experience, primarily in Python, and a strong background in cyber security, preferably with experience in Service Now for vulnerability management and incident response. The role requires the candidate to come into the office 4 days a week if...CyberRemote jobFull timeWork at office
- Fayette Chamber of Commerce is searching for an Incident Manager to lead and coordinate enterprise cyber incident responses. You will manage high-pressure situations, ensuring collaboration across diverse teams and maintaining executive communication throughout the incident...CyberFull timeWork at office
- Why Join Us? As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled... ...culture, we invite you to join us. We are seeking an experienced Incident Response Team Leader to lead a team of IR analysts supporting...CyberRemote job
- Accenture is seeking a hands-on technical leader in Cyber Investigation and Forensic Response. This role involves leading complex investigations and mentoring... ...least 4 years of experience in Digital Forensics and Incident Response. Essential skills include advanced memory...Cyber
$120k - $160k
Description The Role The Cyber Security Incident Response Associate Manager will play a key role in managing and responding to security incidents within WTW’s Global Cyber Security Incident Response Team. Responsibilities of this role will include: Serve as the primary...CyberTemporary workLocal areaVisa sponsorshipWork visaFlexible hours$142.9k - $266k
Phase2 Technology in Atlanta, Georgia is seeking a Cyber Incident Response Business Development Senior Manager to lead business development initiatives for its Incident Response business. This role requires expertise in sales strategies, maintaining strategic relationships...Cyber- Check Point Software in Atlanta is seeking an experienced Incident Response Team Leader to guide a team of analysts in managing security incidents... ...the US. This pivotal role emphasizes hands-on leadership in cyber incident management and operational excellence. The ideal...Cyber
- ...The Incident Response Coordinator supports the end‑to‑end response to IT incidents and service disruptions, helping restore normal operations... ...monitoring/ITSM data to route incidents; engage infra/app/cyber/vendor dependencies. Communications & Handoffs: Provide structured...CyberContract workWork experience placementWork at officeShift work
- ...Key Responsibilities War‑Room Facilitation: Structure/facilitate major incident bridges; maintain restoration focus; assign actions/owners; track progress to closure; enforce... ..., Change, Release, Service Continuity, and SOC/Cyber IR where service impact/security intersects;...CyberContract workWork experience placementWork at officeShift work
$135k
...Position Overview The Manager of Security Operations & Incident Response leads a team of security analysts and engineers responsible for protecting... ...experience strongly preferred. Position Details Department: Cyber Security Reports To: Director of Cyber Security Location:...Cyber- ...technology. The opportunity The opportunity: Senior Incident Responder Provide primary objectives and responsibilities for the role. Focus on the role and how this role... ...a structured orchestration following the cyber technical incident response plan Collaborate with...Cyber
$142.9k - $266k
Job Number: R0241993 Cyber Incident Response Business Development Senior Manager The Opportunity: Join a team to contribute to Booz Allen's growth efforts for its Incident Response business, applying business development, strategic sales expertise and knowledge of Incident...CyberFull timeContract workPart timeLocal area$70.35k - $205.8k
...fastest growing areas of our business, and our global Cyber Investigation and Forensic Response (CIFR) practice is at the heart of how we help clients... ...respond to, and recover from the most consequential cyber incidents. We deliver around-the-clock incident response...CyberWork experience placementLive inWork at officeLocal area- ...2 years of experience in SOC or cybersecurity operations and hold relevant security certifications. Responsibilities include investigating alerts, conducting incident response, and correlating data to identify threats. This role involves continuous improvement of security...Remote job
- ...security specifically with Microsoft Azure and Microsoft 365. Candidates must have substantial experience in endpoint security, incident response, and data protection. This role requires expertise in managing cybersecurity frameworks and regulations, providing leadership...
- Fortuna Cysec in Atlanta, GA, seeks a Cybersecurity Incident Response Manager to lead investigations and manage critical security events. The ideal candidate will have 5-10+ years in incident response, possess deep expertise with EDR and SIEM platforms, and be adept in...
- ...Analyst I to join their Information Security Team in Atlanta, Georgia. In this role, you will monitor security events, assist in incident response, and support vulnerability management initiatives. The ideal candidate should possess a degree in Cybersecurity or related...
- ...and safeguard our internal information systems. This role is responsible for analyzing security configurations and implementing security... ...related field, and 2+ years of experience in SOC analysis or incident response. Relevant security certifications such as Security+ or...
- Dormont Manufacturing Co is looking for an Incident Responder II in Atlanta, GA. This role involves monitoring security-related events... ...cybersecurity and proficiency in SIEM platforms. Additional responsibilities include creating incident reports and collaborating with...CyberFull time
- ...and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT... ...vulnerability management. This role is responsible for the design and execution of the human... ...Barracuda customers, directing critical incident response operations on their behalf, and...CyberContract workTemporary workWorldwideFlexible hours
- ...of tools. The role involves monitoring and escalating security events while evaluating data from cyber defense tools to mitigate threats effectively. Qualified applicants should have exposure to cyber operations and incident response. #J-18808-Ljbffr TechDigital GroupCyber
- ...operations through TheFense platform—our integrated MDR, SIEM, EDR, and response ecosystem designed for regulated industries, nonprofits,... ...customer environments. Description We are expanding our Incident Response leadership team with a hands‑on technical manager who...Work at officeNight shift
$75.75k - $110k
Georgia Tech in Atlanta is looking for a Cybersecurity Analyst to protect its information systems from cyber threats. The role involves monitoring security incidents and conducting risk assessments while developing and implementing security policies. To qualify, candidates...Cyber- ...loss, efficiency and customer experience outcomes. Manage a team responsible for agile design and execution of significant investment and... ..., product & channel technology teams, strategy & analytics and cyber security. Qualifications Required Qualifications: Bachelor's...CyberFull timePart timeWork experience placementShift workDay shift
- ...conferences and smaller forums ranging from 200-3000 attendees. Responsibilities include implementation of global events with a focus on event... ...Company paid dental, vision, life and disability insurance, Cyber and identity theft protection Complimentary gym membership...CyberTemporary workFor contractorsWork at officeImmediate startRemote workWorldwideFlexible hours
$239k - $278.5k
...will serve as a trusted executive advisor responsible for influencing our clients’... ...experience with security operations or incident response. Key Responsibilities Strategic... ...technologies (e.g., security technologies, cyber threat intelligence, risk and regulatory...CyberRemote workVisa sponsorshipWork visa
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cyber Incident Response Planner. Be the first to apply!

