← All Positions
Posted May 16, 2026

Incident Response Lead, Cyber Security

Apply Now
About The Role What if your hard-won experience in the SOC trenches could directly strengthen how organizations detect, respond to, and contain real threats? We're looking for a seasoned Incident Response Lead to independently evaluate SOC operations — reviewing detection workflows, stress-testing playbooks, and surfacing the gaps that keep security teams up at night. This is a fully remote, flexible contract engagement. If you've lived through real incidents, built response processes from scratch, or spent time hunting for what others missed — this is work that will feel both familiar and meaningful. • Type: Hourly Contract • Location: Remote • Commitment: Flexible What You'll Do • Evaluate detection alert pipelines, triage workflows, and escalation pathways for quality and consistency • Assess the completeness and effectiveness of incident response actions across real or simulated timelines • Identify critical gaps in logging coverage, detection logic, and containment procedures • Review and validate incident response playbooks for clarity, accuracy, and operational feasibility • Summarize recurring incident patterns and pinpoint operational bottlenecks • Support ongoing assessments of SOC maturity and overall response readiness • Deliver structured, analytical documentation that drives actionable improvements Must-Have Who You Are • Hands-on experience in SOC operations, incident response leadership, or cybersecurity operations • Strong working knowledge of detection engineering, response workflows, and incident lifecycle management • Sharp analytical thinking with the ability to translate findings into clear, structured written assessments • Comfortable working independently and delivering consistent, high-quality evaluations Nice To Have • Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Chronicle) • Experience with EDR tools and cloud-native detection systems • Background in threat intelligence, purple teaming, or adversary simulation • Relevant certifications such as GCIH, GCFA, CISSP, or equivalent Why Join Us • Apply deep security expertise to work that has a real, measurable impact on organizational resilience • Fully remote and flexible — complete assessments on a schedule that works for you • Freelance autonomy with meaningful, structured task-based work • Engage with a diverse range of SOC environments, toolsets, and operational challenges • Potential for ongoing work and contract extension across new assessments and engagements Apply tot his job Apply To this Job
Apply Now

More Remote Jobs

Strategic Account Manager, Industrial Machinery SalesMay 10, 2026Senior Cyber Security Ops Analyst and RemoteMay 10, 2026Remote Customer Service & Emergency Dispatch Representative – Security Monitoring Services (Full-Time)May 12, 2026**Experienced Data Entry Specialist – Remote Opportunity with arenaflex**May 26, 2026Territory Manager, Cardiac Imaging & Structural Heart (Dallas, Houston, San Antonio or Austin, TX) - Johnson & Johnson MedTech, ElectrophysiologyMay 27, 2026Web Application Penetration TesterMay 16, 2026Red Team Penetration Tester - Technical LeadMay 13, 2026Executive Assistant (UK only, fully remote)May 15, 2026Remote - Security Manager (Risk and Governance) | Cyber Security | CybersecurityMay 20, 2026Senior Web Penetration Tester, Part Time Hourly – Remote (Pacific Time Zone highly Preferred)May 25, 2026[Remote] Aerospace System Security EngineerMay 12, 2026Penetration Tester - US RemoteMay 20, 2026(Part-Time): Cybersecurity Policy & Cyber Emergency Response Team (CERT) Subject Matter Expert (SME)May 13, 2026Software Engineer, iOS Core Product - College Station, TX, USAMay 15, 2026Remote Data Entry Specialist – Accurate Data Management & Quality Assurance ProfessionalMay 16, 2026