Job Description
Senior Cybersecurity Incident Responder
Must be based in San Antonio, Texas 1-2 days per week in office (no C2C)
Technical Integrity is proud to once again be partnering with a nationally recognized Data Center Industry leader. We are actively interviewing for a Senior Cybersecurity Incident Responder to lead incident response and investigation efforts for the cybersecurity engineering team. This is a senior-level role ideal for someone with deep expertise in digital forensics, cloud security, and crisis management, especially across enterprise and hybrid cloud environments.
The company has a long-standing track record of delivering complex, large-scale infrastructure projects for the world's most demanding clients, including top global enterprises. Its leadership in data center strategy, development, and operations is matched by a strong commitment to innovation, sustainability, and security.
Position Overview
Reporting to the VP of Cybersecurity, the Senior Incident Responder will be the lead force behind the organization's incident response program. The role includes guiding experienced engineers during critical incidents, directly investigating threats across Microsoft Azure, M365, Intune, Sentinel, and Linux/Windows systems, and driving strategic cybersecurity initiatives to improve detection and resilience through the consistent advancement of the overall security maturity program.
Key Responsibilities
Incident Leadership: Direct high-severity response efforts from containment through recovery, ensuring rapid, coordinated actions across teams
Technical Investigations: Conduct in-depth analysis of security incidents across Windows, Linux, and Azure-based platforms (M365, Intune, Sentinel, Purview)
Mentorship: Lead and coach a small team of cybersecurity engineers, cultivating collaboration and high performance
Hands-On Triage: Actively engage in queue management and response efforts, setting the pace for incident resolution
Strategic Initiatives: Drive maturity of the company's cybersecurity posture through advanced threat detection, tooling, and procedural improvements
Executive Reporting: Deliver concise, business-aligned updates to leadership with clear recommendations
Cross-Team Collaboration: Work with IT, operations, and engineering to embed preventative security practices across systems
Documentation: Develop and maintain incident response plans, playbooks, and post-incident reports aligned with compliance and best practices
Minimum Qualifications
10-15 years in cybersecurity with a strong emphasis on incident response and forensics
Proven leadership experience in managing complex incident response efforts
Deep technical fluency in:
Windows systems (memory and log analysis, malware investigation)
Linux systems (command-line forensics, hardening techniques)
Azure Cloud & Microsoft security stack (M365, Intune, Sentinel, Purview)
Strong scripting knowledge (PowerShell, Python)
Experience guiding and mentoring engineering teams
Effective executive communication and reporting skills
History of managing cybersecurity projects with measurable results
Preferred Qualifications
Experience securing critical infrastructure or data centers
Familiarity with multi-cloud or hybrid environments (AWS, GCP, etc.)
Background in offensive security or threat hunting
Mastery of tools like CrowdStrike, Splunk, Wireshark, Volatility, etc.
Experience aligning practices with compliance standards (e.g., NIST, SOC 2, GDPR)
Optional but valuable certifications: GCIH, GCFA, CISSP, Azure Security Engineer Associate
Additional Information
Compensation is competitive and based on experience, skills, and other job-relevant factors. The target cash compensation (base plus bonus) is $165k - $180k. Work permit sponsorship is not available for this position.
Full-time
Hybrid remote