Incident Response Engagement-Lead in Canada Creek, Nova Scotia at Jobgether
Explore Related Opportunities
Job Description
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Incident Response Engagement-Lead based in Canada.
This role offers the opportunity to guide organizations through complex cyber incidents by combining technical expertise, communication skills, and project leadership.
You will act as a key advisor throughout the incident response lifecycle, helping stakeholders navigate high-pressure situations with confidence and clarity.
The position sits at the intersection of cybersecurity, insurance, legal coordination, and customer success.
You will collaborate with forensic experts, legal teams, claims professionals, and business leaders to drive effective incident outcomes.
The ideal candidate brings strong DFIR experience, consulting capabilities, and the ability to translate technical findings into actionable insights.
This is a high-impact opportunity to contribute to the evolution of cyber resilience services while supporting organizations during critical security events.
The Incident Response Engagement-Lead will oversee cyber incident engagements from initial assessment through recovery, ensuring effective coordination between technical teams, legal partners, and affected organizations. This role requires strong ownership, structured project management, and the ability to communicate complex cybersecurity information clearly across diverse audiences.
- Lead and manage incident response activities, including scoping, containment, eradication, and recovery across complex multi-system environments.
- Serve as the primary liaison between claims teams, legal counsel, incident response providers, and policyholders throughout active engagements.
- Oversee digital forensics and incident response partners to ensure accurate investigations, timely delivery, and quality outcomes.
- Manage engagement scope, timelines, priorities, and stakeholder expectations across multiple concurrent incidents.
- Coordinate and facilitate briefings of forensic findings, adapting technical information for legal, executive, and operational audiences.
- Ensure proper handling of sensitive investigation materials while operating within legal frameworks such as Attorney-Client Privilege and Work Product Doctrine.
- Collaborate with claims, underwriting, and external partners to support incident documentation and informed coverage decisions.
- Contribute to improving incident response processes, methodologies, playbooks, and operational tools.
The ideal candidate is a cybersecurity professional with hands-on digital forensics and incident response experience, strong consulting capabilities, and the ability to operate effectively in legally sensitive and fast-moving environments. You should be comfortable managing complex investigations while communicating confidently with both technical and executive stakeholders.
- 4–6 years of hands-on experience in Digital Forensics and Incident Response (DFIR), with exposure to cyber insurance, breach response, or similar environments.
- Demonstrated experience managing cybersecurity incidents through investigation, containment, remediation, and recovery phases.
- Experience leading moderately complex investigations involving multiple systems and stakeholders.
- Strong project management skills, including the ability to identify risks, control scope changes, and maintain engagement timelines.
- Understanding of legal considerations related to incident response, including Attorney-Client Privilege and Work Product Doctrine.
- Excellent written and verbal communication skills with experience presenting technical findings to legal, business, and executive audiences.
- Bachelor’s degree in Cybersecurity, Information Security, Digital Forensics, Computer Science, or a related field preferred.
- Relevant certifications such as GIAC Certified Incident Handler (GCIH), GIAC Network Forensic Analyst (GNFA), CompTIA Cybersecurity Analyst (CySA+), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) are valued.
- Ability to work effectively with U.S.-based clients, legal teams, regulators, and security partners.
- Strong analytical mindset, attention to detail, adaptability, and ability to remain effective under pressure.
- Competitive compensation package aligned with experience and qualifications.
- Comprehensive benefits designed to support employee health, financial security, and overall well-being.
- Opportunities for professional growth and continuous learning within the cybersecurity industry.
- Collaborative and dynamic work environment focused on innovation and meaningful impact.
- Opportunity to work on critical cybersecurity challenges and help organizations strengthen their resilience.
- Inclusive workplace culture that values transparency, teamwork, empowerment, and diverse perspectives.
- Supportive environment where employees can contribute ideas and develop new skills.