The Cyber Incident Response Commander is responsible for leading the coordination, communication, and strategic management of cybersecurity incidents across the organization. This role will act as the central authority during cyber incidents, guiding the organization through detection, containment, eradication and recovery. The ideal candidate brings deep incident response expertise, leadership, organization, and the ability to operate in high-pressure, time sensitive environment.
Lead the end-to-end lifecycle of cyber incidents, including detection, containment, eradication, recovery and post-incident review.
Make containment and eradication decisions based on real-time risk assessment.
Organize and coordinate incident response activities across functional teams and relevant stakeholders.
Oversee forensic investigations, malware analysis, log review, and threat hunting activities.
Communicate incidents status and response strategy clearly to executives, legal, compliance, public relations and technology leadership. And prepare executive-level reports summarizing incident impact, response actions and future mitigations.
Implement lessons learned to harden defenses and reduce response times for future events.
Develop and continuously improve incident response processes such as IR playbooks/plans.
Develop and facilitate tabletop or simulation exercises (e.g., insider threat, ransomware, zero-day exploit) for various audiences within lululemon.
Provide after-hour support as needed and participate in on-call rotation.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
Bachelors degree in cybersecurity, computer science, information technology, or related field.
5+ years of experience in cybersecurity including at least 3 years in a security operations or incident response.
Experience handling major cyber incidents such as ransomware, APT intrusions, or data breaches.
Exceptional organizational skills with the ability to coordinate and drive results.
Exceptional written and verbal communication skills.
Excellent crisis management, decision-making, and leadership under pressure.
Strong knowledge of incident response methodologies, including NIST 800-61, and security frameworks and standards such as ISO 27001, PCI DSS, and NIST.
Strong analytical and troubleshooting abilities to investigate, identify, and resolve security incidents quickly and effectively.
Strong understanding of security concepts and threat categories (such as malware, phishing attacks, Defense-in-Depth, MITRE ATT&CK framework, Cyber Kill Chain, etc.).
Demonstrated experience in computer security-related disciplines such as incident response, host forensics, malware analysis, container security, network traffic analysis, Insider Threat, alert tuning, and trend analysis.
Experience working with security tools such as Azure Sentinel, Splunk, Microsoft Defender Security Suite, firewalls, IDS/IPS, antispam, content management, server and network device hardening, etc.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.