Lead Incident Response Analyst

Transocean

Houston, Texas

JOB DETAILS
SKILLS
Analysis Skills, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, CompTIA Security+, Computer Security, Continuous Improvement, Corrective Action, Cyber Investigation, GCFA - GIAC Certified Forensic Analyst, GCIH - GIAC Certified Incident Handler, Hunting, Incident Management, Incident Response, Information Technology & Information Systems, Internet Security, Leadership, Mentoring, Metrics, Operational Audit, Operations Management, Operations Processes, Organizational Development/Management, Performance Metrics, Procedure Development, Reporting Dashboards, Root Cause Analysis, Security Analysis, Security Attacks, Security Infrastructure, Security Monitoring, Technical Leadership
LOCATION
Houston, Texas
POSTED
4 days ago
Information Technology Group

Transocean is focused on being the employer of choice for the drilling industry.

We are challenging ourselves every day to push the performance of the company through technological advances and passion for our work.

Job Summary

Serves as the dedicated lead responder for Transocean's Cyber Security Incident Response Team (CSIRT), responsible for leading major investigation, coordination, containment, eradication, recovery, and post-incident analysis of cybersecurity incidents across enterprise and operational technology environments. Acts as the primary point of contact for cybersecurity incident response activities, coordinating with internal stakeholders, managed security providers, technology teams, and third-party vendors. Provides expert guidance on cyber threats, incident response processes, threat intelligence, and continuous improvement of the organization's security operations and incident management capabilities.

Job Description

Key Roles & Responsibilities

  • Lead and coordinate cybersecurity incident investigations, including triage, analysis, validation, containment, eradication, recovery, and closure of security incidents.
  • Serve as the primary incident commander working closely with management during major security events, coordinating activities between Security Operations, Infrastructure, Identity & Application teams.
  • Develop, maintain, and improve incident response procedures, playbooks, runbooks, escalation processes, and detection methodologies.
  • Lead post-incident reviews, root cause analysis activities, lessons learned sessions and recommend corrective actions to prevent recurrence.
  • Communicate incident status, risks, and remediation activities to technical teams, management, executives, and external stakeholders.
  • Provide mentoring and guidance to junior analysts, MSSP personnel, and incident response stakeholders regarding incident handling procedures and cyber threats.
  • Produce incident metrics, reports, KPI dashboards, and executive summaries that measure CSIRT effectiveness and operational maturity.
  • Lead continuous improvement initiatives across security monitoring and incident response functions by collaborating with Security Engineering teams to enhance detection coverage, automate response activities, improve security analytics, and drive operational metrics such as mean time to detect (MTTD), mean time to respond (MTTR), and overall incident response effectiveness.

Education

  • Minimum Required - Bachelor's degree in Information Technology or Cybersecurity Related Experience, one or more security certifications such as Security+
  • Preferred - Bachelor's degree in Information Technology or Cybersecurity Related Experience, one or more security certifications such as Security +, GCIH, GCFA, CISSP, CISM or equivalent

Experience

  • Minimum Required - 3 years focused on incident response, threat hunting, security operations or cyber investigations
  • Preferred - 7+ years of cybersecurity experience leading Security Operations Center (SOC)

If you want to push yourself to great achievement, let Transocean develop your career.

About the Company

T

Transocean