Job DescriptionThe
Cyber Incident Response Commander plays a critical leadership role in managing and coordinating the organization's response to cybersecurity incidents. This role is responsible for ensuring that security events are effectively identified, assessed, contained, and remediated, while minimizing business impact.
As part of the CERT (Computer Emergency Response Team), the Incident Response Commander works at the intersection of technical teams and business stakeholders, leading incident response activities and ensuring alignment with internal policies and regulatory requirements.
The role reports to the Incident Response Manager.
Key Responsibilities1. Incident Response Governance & Continuous Improvement- Maintain and continuously improve the Incident Response Plan (IRP) and its appendices
- Ensure alignment between the IRP and other relevant security policies and frameworks
- Develop and refine incident response playbooks to ensure clarity of roles and operational efficiency
- Collaborate with Legal and Communications teams to strengthen response processes
- Tailor IRPs to specific scopes (e.g., regions, subsidiaries, maritime operations)
- Capture lessons learned from incidents and provide actionable improvement recommendations
- Identify links and patterns between incidents to improve detection and response strategies
- Support internal and external audits by providing required documentation and evidence
2. Incident Management & Command- Act as Incident Commander during security incidents, coordinating cross-functional teams
- Assess incident severity and determine appropriate escalation levels
- Formally declare major incidents in line with risk and regulatory criteria
- Lead incident response activities in accordance with defined plans and playbooks
- Ensure effective collaboration between technical and business stakeholders
- Prioritize and oversee forensic investigations and evidence collection
- Monitor incident lifecycle: analysis, containment, mitigation, and recovery
- Ensure timely and clear communication, reporting, and stakeholder notifications
3. Collaboration & Contribution- Contribute to Cyber Defense Center initiatives and transversal activities
- Support cybersecurity projects, compliance efforts, and continuous improvement programs
- Participate in strengthening CERT capabilities and overall cyber resilience
QualificationsProfile & Experience- Bachelor's degree (or equivalent) in Cybersecurity, Computer Science, or related STEM field
- Minimum 5 years of experience in cybersecurity roles such as:
- CERT / CSIRT
- SOC / SecOps
- GRC (Governance, Risk & Compliance)
Required Certifications (or equivalent experience):- GCFA, CIH, CISSP, CEH, ECSA, ITIL Foundation
Technical & Functional Skills- Strong knowledge of incident response methodologies (e.g., NIST, ISO 27035, SANS)
- Experience with SOC operations and forensic investigations
- Good understanding of security tools, detection, and response techniques
- Ability to communicate complex cybersecurity topics to senior leadership and executives
- Experience in transport, shipping, or logistics environments is an asset
Languages- Professional proficiency in English (written and spoken)
Additional InformationWhat you can look forward to:- Competitive compensation including a strong base salary and annual performance bonus.
- A comprehensive, fully covered benefits package designed with your well-being in mind:
- life insurance,
- long-term disability,
- health, dental, and vision coverage,
- plus a health spending account for additional flexibility.
- Sopra Steria covers 100% of premiums, so you can focus on growing your career with total peace of mind.
- Generous paid time off, including sick leave, personal days, and 3 weeks of vacation to recharge and take care of what matters most.
- A monthly transportation allowance, making your commute smoother and more affordable.
- Excellent learning, development, and career advancement opportunities, backed by active support to help you strengthen your skills. You'll grow within a company culture that is caring, collaborative, and genuinely inclusive.
- A hybrid work environment that offers the best of both flexibility and connection.
- All the equipment you need to stay productive and perform at your best from day one.