
Senior Incident Responder
Posted Jun 25

This is a fully remote position, open to applicants in the Philippines.
• Take charge of live incident response activities from start to finish – this includes scoping, containment, evidence collection, forensic analysis, and final reporting in cases involving BEC, ransomware/DFIR, data breaches, compromise assessments, insider threats, and digital forensics.
• Conduct in-depth technical investigations across Windows, Linux, macOS, and cloud platforms, making decisive calls on the investigative direction and ensuring the quality of findings.
• Manage multiple concurrent engagements of varying complexity, adeptly balancing competing priorities while maintaining high-quality outputs for each case.
• Uphold the integrity of all work on the engagements you oversee – ensuring proper chain of custody, evidence handling, quality of deliverables, and an exceptional client experience throughout the process.
• Collaborate directly with clients to define new incident response cases – transforming ambiguous, high-pressure situations into clear action plans, deliverables, and commercial agreements.
• Serve as the primary technical liaison for clients during the engagement, effectively communicating findings, risks, and recommended next steps with clarity and confidence.
• Offer advisory guidance on remediation, recovery, and system hardening, while recognizing when to involve additional resources – such as legal, insurance, or specialist services – to adequately support the client.
• Mentor junior responders during live engagements – distributing tasks, evaluating their work, and providing coaching on tradecraft, client engagement, and sound judgment.
• Share your knowledge through write-ups, internal training sessions, walkthroughs, and on-the-job guidance, ensuring the team's continuous improvement with each case.
• Lead project delivery through others when necessary: defining the scope of work, allocating tasks, ensuring quality standards are met, and stepping in technically when needed most.
• Contribute to the ongoing enhancement of Blackpanda's playbooks, tools, automation processes, and methodologies – identifying slow, fragile, or redundant elements and assisting in their resolution.
• A minimum of 3 years of professional experience in cybersecurity, including hands-on incident response in a client-facing capacity.
• Proven track record of leading investigations from start to finish across common incident types (e.g., BEC, ransomware/DFIR, data breaches, compromise assessments, insider threats, digital forensics).
• Strong technical expertise in Windows, Linux, and macOS environments, along with familiarity with at least one major cloud service provider.
• Proficient scripting skills in Python, Bash, or PowerShell – capable of developing collection, parsing, or automation tools independently.
• Excellent written and verbal communication skills in English; able to produce client deliverables, facilitate client meetings, and represent Blackpanda effectively in high-pressure situations.
• Sound judgment in ambiguous situations – comfortable making technical and commercial decisions amidst rapidly changing and incomplete information.
• Composed under pressure, exhibiting the professional demeanor expected of a senior client-facing professional.
• Health insurance
• Professional development opportunities