At One eSecurity, we are a market-leading specialist in Threat Detection and Digital Forensics & Incident Response (DFIR). Our commitment to excellence, innovation, and passion drives everything we do. We are looking for a top-tier cybersecurity professional with 8+ years of experience coordinating security operations, incident response, and cyber defense activities in enterprise environments for an on-site position. The work would be done only three days a week (Friday to Sunday): in person on Fridays and remotely on the weekends.

Key responsibilities:
Coordinate and oversee cybersecurity incident response activities across enterprise environments.
Lead the prioritization, escalation, containment, eradication, and recovery processes for security incidents.
Ensure continuous and effective monitoring and detection operations coverage.
Design, maintain, and improve incident response procedures, operational playbooks, and escalation workflows.
Define and standardize incident severity classifications, response SLAs, and escalation paths.
Coordinate communication with technical teams, management, legal, corporate communications, external providers, CERTs, regulators, and customers.
Lead post-incident reviews, lessons learned activities, and continuous improvement initiatives.
Monitor operational metrics and provide regular reporting to management.
Act as the primary coordination point during high-severity cybersecurity incidents.
Support cyber defense exercises, audits, and operational readiness activities.

Required experience & qualifications:
Bachelor's degree in Computer Science, Cybersecurity, Telecommunications, Engineering, or a related field.
5+ years of experience in cybersecurity operations.
3+ years coordinating SOC, detection, or incident response operations.
Experience designing and maintaining formal incident response procedures and operational processes.
Experience working in regulated or high-demand enterprise environments.
Strong communication and stakeholder management skills.
Ability to coordinate multidisciplinary teams during high-pressure situations.

Technical skills:
Frameworks & Standards: NIST CSF 2.0, MITRE ATT&CK, NIST SP 800-61, ISO/IEC 27001 and ISO/IEC 27035.
Security Platforms & Tooling: SIEM platforms (Microsoft Sentinel, Splunk, QRadar, Elastic, ArcSight); EDR/XDR solutions (CrowdStrike, SentinelOne, Microsoft Defender); SOAR platforms; Threat Intelligence platforms; ITSM / incident management tools.
Infrastructure & Cloud: TCP/IP, DNS, VPNs, firewalls, proxies; cloud security fundamentals (Azure required; AWS/GCP desirable); Microsoft Defender for Cloud and Entra ID; log analysis and basic forensic concepts; container and Kubernetes security fundamentals.

Nice to have:
Experience in regulated or critical infrastructure environments.
Experience supporting global incident response operations.
Offensive security or adversary emulation experience.

Certifications: At least one of the following certifications is highly valued: CISSP, CISM, GCIH, GCIA or CompTIA CySA+.

Languages: Spanish: native or C1. English: B2 or higher.

What We Offer
What makes us different from other companies?
Exciting professional DFIR projects for the largest corporations across the globe.
A top team of highly recognized professionals in the field.
An attractive salary.
Security Operations Co-Leader
ONE ESECURITY
Mexico, Mexico
Posted 7 days ago