Incident Response Lead

Get AI-powered advice on this job and more exclusive features.

Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines comprehensive insurance coverage and innovative cybersecurity tools to help businesses manage and mitigate potential cyberattacks.

Opportunities to make an impact with bold thinking are real—and happening daily at Coalition.

About us

Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines comprehensive insurance coverage and innovative cybersecurity tools to help businesses manage and mitigate potential cyberattacks.

Opportunities to make an impact with bold thinking are real—and happening daily at Coalition.

About the role

As an Incident Response Lead, your mandate is to protect our customers from loss by guiding teams of incident responders in digital forensics and incident response engagements with a wide variety of consumers. You will assist Coalition’s consumers through data breaches and claims events, guiding incident response efforts with our consumers and partners. You will own engagement planning, implementation, and communication, guiding and advising customers and their legal counsel. Incident Response Leads are also asked to provide advice on topics ranging from security architecture and cloud security to data protection and compliance.

Our team comprises experts across many cybersecurity domains, including Incident Response, Threat Intelligence, Security Architecture, Cyber Risk Management, Security Strategy, Controls, Compliance, and Governance. We need you to be a self-starter, confident with consumers, and passionate about customer service. You will drive investigations of ransomware and business email compromise cases from scoping to report delivery.

Responsibilities

• Drive incident response engagements to guide our customers through forensic investigations, contain security incidents, and recommend long-term remediation strategies.
• Coordinate and guide incident response assistance from team members and vendors.
• Investigate customer data breaches and malicious activities using forensics tools; analyze systems and logs to identify Indicators of Compromise (IOCs).
• Lead proactive cybersecurity advisory and consulting engagements such as tabletop exercises, assessments, and documentation reviews.
• Provide strategic guidance on security architectures, cloud security, and compliance frameworks like NIST, HIPAA, and PCI.
• Develop and implement long-term remediation strategies and contribute to process improvements.
• Evaluate customer security programs and recommend enhancements.
• Stay updated on regulatory and industry trends.

Skills and Qualifications

• Bachelor’s Degree in Computer Science, Information Security, Engineering, or relevant field.
• At least 5+ years of incident response or digital forensics experience.
• Deep knowledge of network threats, attack methods, and intrusion tactics.
• Excellent communication skills for technical and non-technical audiences.
• Proficiency in analyzing security environments and identifying gaps.
• Familiarity with regulatory requirements (NIST, HIPAA, PCI).
• Project management experience managing multiple projects.
• Knowledge of TCP/IP, network assessment, and security tools like Velociraptor, Axiom, FTK, etc.
• Experience with EDR tools such as CrowdStrike Falcon, Carbon Black, etc.
• Self-motivated with strong interpersonal skills and ability to learn quickly.
• Experience deploying tools in AWS and using cloud platforms for assessments.

Bonus Points

• Experience with security policies, governance, privacy, or regulatory frameworks.
• Cloud security experience (Azure, AWS).
• System hardening for Windows, Linux, Unix; offensive tools knowledge.
• Scripting and automation skills; SCADA/Control systems experience is a plus.

Compensation

US salary ranges from $130,000 to $201,000/year, depending on location and experience. Compensation is based on education, skills, experience, and geographic factors.

Perks

• 100% medical, dental, and vision coverage.
• Flexible PTO, home office stipend, WeWork access.
• Wellness programs including One Medical, Headspace, Wellhub, and more.
• Opportunities for growth and advancement.

Why Coalition?

Our mission is to Protect the Unprotected. We foster a remote, inclusive culture built on responsibility, humility, and collaboration. Join us in addressing real-world digital risks for organizations of all sizes.