Cyber Incident Response Commander

Sopra Steria

$90K — $120K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, or related STEM field
  • Minimum 5 years of experience in roles such as CERT, SOC, or GRC
  • Required certifications like GCFA, CIH, CISSP, CEH, ECSA, ITIL Foundation
  • Strong knowledge of incident response methodologies such as NIST and ISO 27035
  • Experience with SOC operations and forensic investigations
  • Ability to communicate complex cybersecurity topics to senior leadership
  • Experience in transport, shipping, or logistics is an asset

Responsibilities

  • Maintain and improve the Incident Response Plan and its appendices
  • Ensure alignment between the IRP and other security policies
  • Develop and refine incident response playbooks
  • Collaborate with Legal and Communications teams
  • Capture lessons learned and provide recommendations for improvement
  • Act as Incident Commander during security incidents
  • Coordinate cross-functional teams to respond to incidents
  • Monitor the lifecycle of incidents, ensuring effective communication

Benefits

  • Comprehensive benefits package that includes life insurance, long-term disability, and health coverage
  • Generous paid time off including sick leave and 3 weeks of vacation
  • Monthly transportation allowance
  • Excellent learning, development, and career advancement opportunities
  • Hybrid work environment promoting flexibility and connection
  • Complete equipment provided from day one
Full Job Description
Job Description

The Cyber Incident Response Commander plays a critical leadership role in managing and coordinating the organization's response to cybersecurity incidents. This role is responsible for ensuring that security events are effectively identified, assessed, contained, and remediated, while minimizing business impact.

As part of the CERT (Computer Emergency Response Team), the Incident Response Commander works at the intersection of technical teams and business stakeholders, leading incident response activities and ensuring alignment with internal policies and regulatory requirements.

The role reports to the Incident Response Manager.

Key Responsibilities

1. Incident Response Governance & Continuous Improvement
  • Maintain and continuously improve the Incident Response Plan (IRP) and its appendices
  • Ensure alignment between the IRP and other relevant security policies and frameworks
  • Develop and refine incident response playbooks to ensure clarity of roles and operational efficiency
  • Collaborate with Legal and Communications teams to strengthen response processes
  • Tailor IRPs to specific scopes (e.g., regions, subsidiaries, maritime operations)
  • Capture lessons learned from incidents and provide actionable improvement recommendations
  • Identify links and patterns between incidents to improve detection and response strategies
  • Support internal and external audits by providing required documentation and evidence

2. Incident Management & Command
  • Act as Incident Commander during security incidents, coordinating cross-functional teams
  • Assess incident severity and determine appropriate escalation levels
  • Formally declare major incidents in line with risk and regulatory criteria
  • Lead incident response activities in accordance with defined plans and playbooks
  • Ensure effective collaboration between technical and business stakeholders
  • Prioritize and oversee forensic investigations and evidence collection
  • Monitor incident lifecycle: analysis, containment, mitigation, and recovery
  • Ensure timely and clear communication, reporting, and stakeholder notifications

3. Collaboration & Contribution
  • Contribute to Cyber Defense Center initiatives and transversal activities
  • Support cybersecurity projects, compliance efforts, and continuous improvement programs
  • Participate in strengthening CERT capabilities and overall cyber resilience


Qualifications

Profile & Experience
  • Bachelor's degree (or equivalent) in Cybersecurity, Computer Science, or related STEM field
  • Minimum 5 years of experience in cybersecurity roles such as:
    • CERT / CSIRT
    • SOC / SecOps
    • GRC (Governance, Risk & Compliance)

Required Certifications (or equivalent experience):
  • GCFA, CIH, CISSP, CEH, ECSA, ITIL Foundation

Technical & Functional Skills
  • Strong knowledge of incident response methodologies (e.g., NIST, ISO 27035, SANS)
  • Experience with SOC operations and forensic investigations
  • Good understanding of security tools, detection, and response techniques
  • Ability to communicate complex cybersecurity topics to senior leadership and executives
  • Experience in transport, shipping, or logistics environments is an asset

Languages
  • Professional proficiency in English (written and spoken)


Additional Information

What you can look forward to:
  • Competitive compensation including a strong base salary and annual performance bonus.
  • A comprehensive, fully covered benefits package designed with your well-being in mind:
    • life insurance,
    • long-term disability,
    • health, dental, and vision coverage,
    • plus a health spending account for additional flexibility.
    • Sopra Steria covers 100% of premiums, so you can focus on growing your career with total peace of mind.
  • Generous paid time off, including sick leave, personal days, and 3 weeks of vacation to recharge and take care of what matters most.
  • A monthly transportation allowance, making your commute smoother and more affordable.
  • Excellent learning, development, and career advancement opportunities, backed by active support to help you strengthen your skills. You'll grow within a company culture that is caring, collaborative, and genuinely inclusive.
  • A hybrid work environment that offers the best of both flexibility and connection.
  • All the equipment you need to stay productive and perform at your best from day one.

Similar Jobs

More Jobs at Sopra Steria

More Information Technology Jobs

Find similar Cyber Incident Response Commander jobs: