Job Summary
CareCloud is seeking an experienced IR / Tier 3 Lead to serve as the senior incident responder responsible for managing and leading major cybersecurity incidents across the organization. The ideal candidate will possess strong expertise in incident response, digital forensics, threat analysis, and cyber crisis management. This role will lead investigations, coordinate recovery efforts, and provide technical guidance to security operations teams while continuously improving the organization's incident response capabilities.
Key Responsibilities
- Lead and manage high-severity cybersecurity incident investigations from identification through recovery.
- Coordinate containment, eradication, and remediation activities with internal and external stakeholders.
- Conduct digital forensic investigations on systems, endpoints, servers, and cloud environments.
- Perform malware analysis and determine attack vectors, indicators of compromise, and root causes.
- Develop detailed incident reports, executive summaries, and lessons learned documentation.
- Collaborate with Security Operations Center (SOC), IT, Infrastructure, Compliance, and Engineering teams during incident response activities.
- Enhance incident response playbooks, processes, and procedures to improve organizational readiness.
- Support threat hunting activities and proactively identify potential security threats.
- Provide technical mentorship and guidance to SOC analysts and junior incident responders.
- Assist in security monitoring, detection engineering, and response automation initiatives.
- Participate in cyber crisis simulations, tabletop exercises, and readiness assessments.
- Ensure compliance with security policies, regulatory requirements, and industry best practices.
Required Qualifications
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field.
- Minimum 5 years of hands-on experience in cybersecurity incident response and digital forensics.
- Strong knowledge of incident response frameworks and methodologies.
- Experience with forensic investigation tools, endpoint analysis, and log analysis platforms.
- Hands-on experience conducting malware investigations and threat analysis.
- Knowledge of operating systems, networking, cloud technologies, and security controls.
- Experience working with SIEM, EDR, IDS/IPS, and threat intelligence platforms.
- Strong analytical, troubleshooting, and problem-solving skills.
- Excellent communication and documentation abilities.
Preferred Qualifications
- GCFA (GIAC Certified Forensic Analyst)
- GCIH (GIAC Certified Incident Handler)
- GCFE, GNFA, CISSP, or equivalent cybersecurity certifications
- Experience with cloud security incident response in AWS, Azure, or Google Cloud environments.
- Knowledge of MITRE ATT&CK framework and cyber threat intelligence practices.
Skills Required
- Incident Response
- Digital Forensics
- Malware Analysis
- Threat Hunting
- Security Monitoring
- SIEM Platforms
- Endpoint Detection and Response (EDR)
- Threat Intelligence
- Network Security
- Root Cause Analysis
- Security Operations
- Report Writing and Documentation
- Leadership and Team Mentoring
Experience
5+ years of experience in Cybersecurity Incident Response, Digital Forensics, Security Operations, or related security disciplines.
Application Question(s):
- Are you willing to move to Bagh?
- What is your current salary?
- What is your expected salary?
- How early you can join us?
Work Location: In person