Transocean Ltd

Lead Incident Response Analyst

Transocean Ltd$90K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Information Technology or Cybersecurity
  • 3+ years in incident response or cyber investigations
  • Security+ certification and additional preferred certifications (GCIH, GCFA, CISSP, CISM)
  • Experience in leading Security Operations Center (SOC) operations (7+ years preferred)
  • Strong communication skills for stakeholder engagement

Responsibilities

  • Lead and coordinate incident investigations across cybersecurity environments
  • Serve as the incident commander during major security events
  • Develop and refine incident response playbooks and processes
  • Conduct post-incident reviews and root cause analysis
  • Communicate incident status and risks to various stakeholders
  • Mentor junior analysts and improve incident handling procedures
  • Produce metrics and reports measuring the CSIRT's effectiveness

Benefits

  • Opportunity for continuous professional development and training
  • Collaborative work environment with exposure to cutting-edge cybersecurity technologies
  • Engagement in strategic initiatives enhancing organizational security posture
  • Mentorship opportunities for career progression
  • Participation in high-impact incident response operations
Full Job Description
Job Summary Serves as the dedicated lead responder for Transocean's Cyber Security Incident Response Team (CSIRT), responsible for leading major investigation, coordination, containment, eradication, recovery, and post-incident analysis of cybersecurity incidents across enterprise and operational technology environments. Acts as the primary point of contact for cybersecurity incident response activities, coordinating with internal stakeholders, managed security providers, technology teams, and third-party vendors. Provides expert guidance on cyber threats, incident response processes, threat intelligence, and continuous improvement of the organization's security operations and incident management capabilities. Job Description Key Roles & Responsibilities - Lead and coordinate cybersecurity incident investigations, including triage, analysis, validation, containment, eradication, recovery, and closure of security incidents. - Serve as the primary incident commander working closely with management during major security events, coordinating activities between Security Operations, Infrastructure, Identity & Application teams. - Develop, maintain, and improve incident response procedures, playbooks, runbooks, escalation processes, and detection methodologies. - Lead post-incident reviews, root cause analysis activities, lessons learned sessions and recommend corrective actions to prevent recurrence. - Communicate incident status, risks, and remediation activities to technical teams, management, executives, and external stakeholders. - Provide mentoring and guidance to junior analysts, MSSP personnel, and incident response stakeholders regarding incident handling procedures and cyber threats. - Produce incident metrics, reports, KPI dashboards, and executive summaries that measure CSIRT effectiveness and operational maturity. - Lead continuous improvement initiatives across security monitoring and incident response functions by collaborating with Security Engineering teams to enhance detection coverage, automate response activities, improve security analytics, and drive operational metrics such as mean time to detect (MTTD), mean time to respond (MTTR), and overall incident response effectiveness. Education - Minimum Required - Bachelor's degree in Information Technology or Cybersecurity Related Experience, one or more security certifications such as Security+ - Preferred - Bachelor's degree in Information Technology or Cybersecurity Related Experience, one or more security certifications such as Security +, GCIH, GCFA, CISSP, CISM or equivalent Experience - Minimum Required - 3 years focused on incident response, threat hunting, security operations or cyber investigations - Preferred - 7+ years of cybersecurity experience leading Security Operations Center (SOC)

About Transocean Ltd

Transocean Ltd is a Swiss offshore drilling contractor that provides drilling services to the oil and gas industry. The company operates a fleet of ultra-deepwater, harsh-environment, and midwater rigs. Transocean's rigs are capable of drilling in water depths of up to 12,000 feet and drilling to depths of up to 40,000 feet. The company's customers include national and international oil companies, independent exploration and production companies, and government-controlled oil companies. Transocean was formed in 1993 and is headquartered in Geneva, Switzerland.
Learn more about Transocean Ltd
Size
5,530 employees
Market Cap
$3.2 billion
Industry
Net Income
-$567 million
5 Year Trend
-9.3%
Revenue
$3.1 billion
NASDAQ

Similar Jobs

More Jobs at Transocean Ltd

More Information Technology Jobs

Find similar Lead Incident Response Analyst jobs: