This role is responsible for leading the firm's incident response, digital forensics, threat intelligence, and security operations activities. Working closely with technical teams and business stakeholders, you will strengthen the organization's ability to detect, respond to, and recover from cybersecurity threats while enhancing overall security resilience. The role translates threat intelligence into actionable defensive measures, drives continuous improvement of incident response and crisis management capabilities, and helps ensure alignment with industry best practices. The successful candidate will bring a collaborative, analytical, and process-driven approach to protecting the firm from evolving cyber threats.
Location: Milwaukee, WI | Chicago, IL | San Francisco, CA
ResponsibilitiesThe candidate is expected to:
- Lead investigations into security breaches, malware infections, insider threats, brand impersonations, and other security incidents
- Coordinate containment, eradication, and recovery activities to reduce business impact and restore operations quickly
- Manage crisis communications, executive updates, and post-incident reporting with clear, concise documentation
- Develop, maintain, and regularly test incident response playbooks, runbooks, and supporting response procedures
- Gather, analyze, and operationalize threat data from internal and external sources to improve detection and response
- Apply threat intelligence frameworks and methodologies, including MITRE ATT&CK, to identify adversary tactics, techniques, and procedures
- Support threat hunting efforts by identifying suspicious activity, investigating anomalies, and recommending detection improvements
- Identify opportunities to improve incident monitoring, detection, and response processes, and support the implementation of enhancements
- Help design and enhance Crisis & Incident Response capabilities aligned with industry standards and frameworks, including ISO 27001, NIST, and CIS, to improve organizational readiness, response, and recovery
- Partner with security governance, technical teams, and business units to maintain an effective security posture and align with corporate security policies
- Automate recurring operational security tasks and integrate threat intelligence into detection pipelines and workflows
- Serve as a bridge between technical teams and business stakeholders, ensuring security priorities are understood and addressed across the organization
QualificationsThe successful candidate will possess strong analytical skills and attention to detail. Additionally, the ideal candidate will possess:
- 3-5 years of experience in incident response, security operations, threat intelligence, or a related cybersecurity discipline
- Bachelor's degree in cybersecurity, information security, computer science, information technology, or a related field preferred
- Forensics certifications preferred (e.g., GCFE, GCFA, GCFR, GCIH, etc.)
- Hands-on experience with forensic tools, SIEM platforms, and EDR solutions
- Demonstrated knowledge of incident response lifecycle activities, including triage, containment, remediation, and lessons learned
- Experience using threat intelligence sources and frameworks to support detection engineering and threat hunting
- Strong written and verbal communication skills, with the ability to present technical information to non-technical audiences
- Proven ability to manage multiple priorities in a fast-paced environment and respond effectively to high-severity events
Salary Range: $100,000-$150,000
Specific placement within the provided range will be determined by an individual's geographic location as well as relevant experience and skills for the role. Base salary is only one component of our total compensation package. Associates may be eligible for a discretionary bonus, which is determined upon Firm and individual performance.
#LI-Hybrid/span>
