Enterprise Incident Leadership Leads response for complex, high‑impact cybersecurity incidents across global enterprise environments, including major outages, cloud security events, AI‑enabled threats, and automation‑driven detections. Owns incident command, drives root‑cause determination, orchestrates corrective actions, and ensures response activities align to enterprise risk posture, business continuity requirements, and regulatory expectations.
Cross‑Functional Incident Coordination Directs large‑scale incident coordination across Cyber Defense, Threat Intelligence, Cloud Security, Identity, Fraud, Infrastructure, SRE, and application engineering teams. Provides clear, time‑sensitive direction during rapidly evolving events and ensures leadership receives concise, accurate, and actionable situational updates.
Frontier AI Threat Response Drives readiness and response for emerging AI‑enabled threats, including AI‑assisted vulnerability discovery, exploit generation, model misuse, and unauthorized access to advanced AI systems. Integrates threat intelligence into detection strategy, escalation criteria, and executive‑level situational awareness.
Security Monitoring & AI‑Driven Detection Monitors enterprise systems, networks, cloud platforms, and AI SOC capabilities to identify and triage potential threats. Leverages automation, ML‑driven detections, and AI‑assisted triage to increase speed, consistency, and quality of incident response.
Executive‑Ready Reporting Produces high‑quality incident reports, executive summaries, and post‑incident reviews that clearly articulate business impact, technical findings, decision rationale, and opportunities for prevention and resilience.
Process Governance & Recertification Conducts periodic recertification of incident response procedures, major incident workflows, escalation paths, and operational documentation. Ensures processes remain current for traditional security events, cloud‑native incidents, AI‑enabled threats, and enterprise‑wide response scenarios.
Playbook & Automation Development Maintains and enhances documentation, playbooks, and workflows supporting triage, major incident management, cloud incident response, AI SOC operations, and automated investigation pipelines. Identifies opportunities to reduce manual effort and improve response consistency through automation and AI‑assisted workflows.
Audit & Compliance Support Supports security audits, control reviews, and evidence validation to ensure compliance with enterprise policies and regulatory requirements. Maintains audit‑ready documentation of response actions, approvals, and investigative findings.
Technical Leadership & Mentorship Serves as an escalation point for complex investigations and high‑risk events. Coaches junior responders and partner teams on incident response best practices, cloud security response, AI SOC concepts, automation‑enabled triage, and executive‑level communication.
Strategic Security & AI SOC Modernization Contributes to strategic initiatives focused on AI SOC modernization, incident response automation, ML‑enabled detection, cloud security response, threat intelligence integration, and enterprise operational resilience.
Minimum five years of relevant experience, including at least two years in cybersecurity, incident response, security operations, cloud security, threat intelligence, automation, or major incident management.
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field — or equivalent practical experience.
Demonstrated experience leading or supporting major enterprise‑wide cybersecurity incidents, including cross‑functional coordination, executive communications, containment planning, and post‑incident analysis.
Experience with AI SOC capabilities, incident response automation, ML‑driven detections, cloud incident response, and integrated threat intelligence workflows preferred.
Familiarity with emerging AI‑enabled cyber threats, including accelerated vulnerability discovery, AI‑assisted exploit development, model misuse, and the operational implications for enterprise security programs.
This role provides enterprise‑level leadership for complex cybersecurity incidents, including major incidents, cloud‑native events, AI‑enabled threats, and automation‑driven detections. The position drives cross‑functional coordination, root‑cause analysis, corrective action planning, and executive‑ready communication. It also plays a key role in advancing AI SOC modernization by maturing incident response automation, ML‑enabled triage, cloud incident response capabilities, and readiness for frontier AI threats such as AI‑assisted vulnerability discovery and exploit generation.
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
The Judge Group Inc., is a leading professional services firm specializing in talent, technology, and learning solutions. We consult, staff, train, and solve. Through our work we make people and organizations better. Our services are successfully delivered through a network of more than 30 offices across the United States, Canada, and India.
The Judge Group is proud to partner with the best and brightest companies in business today, including over 60 of the Fortune 100. We serve organizations in financial services, healthcare, life sciences, insurance, government (including aerospace and defense), manufacturing, and technology and telecommunications. If you would like to learn more about The Judge Group visit www.judge.com or call toll free (800) 360-4474.