Incident Response Lead

Teladoc Health, Uniondale, NY
1d | $160,000 - $170,000

About The Position

Teladoc Health is seeking an experienced Cyber Incident Response Lead to spearhead our organization's efforts in responding to cybersecurity incidents. This role will lead complex incident investigations, coordinate cross-functional response efforts during security events, drive containment/eradication/recovery activities, and continuously improve the incident response program. This position combines hands-on technical response leadership with strategic oversight, stakeholder communication (including executive-level), and mentorship of analysts/engineers. You will serve as a key escalation point for high-severity incidents and help shape the organization's resilience against evolving threats (ransomware, supply-chain attacks, nation-state actors, etc.).

Requirements

  • 7+ years of experience in cybersecurity, with at least 5 years in an incident response or SOC lead capacity
  • Deep hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel), EDR tools, and network forensics
  • Strong understanding of attacker tactics, techniques, and procedures (TTPs) as mapped to the MITRE ATT&CK framework
  • Proficiency in digital forensics, malware triage, and log analysis across Windows, Linux, and cloud environments
  • Experience leading response efforts for major incident types including ransomware, data exfiltration, BEC, and insider threats
  • Excellent communication skills — able to translate technical findings into clear, executive-level briefings
  • Relevant certifications such as GCIH, GCFE, GCFA, CISSP, or equivalent

Nice To Haves

  • Experience with cloud security incidents across AWS and Azure.
  • Familiarity with regulatory and legal considerations (e.g., HIPAA, PCI-DSS breach notification requirements)
  • Prior experience in regulated industries (finance, healthcare, critical infrastructure) or supporting executive-level communications during breaches.
  • Experience leading small-to-medium IR teams or acting as primary incident commander.

Responsibilities

  • Lead end-to-end incident response activities, from initial triage and containment through eradication, recovery, and post-incident review.
  • Develop and continuously improve incident response playbooks, runbooks, and standard operating procedures, ensuring the team is prepared for a wide range of threat scenarios.
  • Serve as the primary point of coordination between technical teams, senior leadership, legal, and communications stakeholders during active incidents.
  • Conduct threat hunting exercises and proactive analysis to identify indicators of compromise before they escalate.
  • Mentor and develop junior analysts, conduct tabletop exercises and simulations, and track lessons learned to drive meaningful improvements to our security posture.
  • Manage relationships with external forensics firms, law enforcement, and industry threat-sharing groups as needed.

Benefits

  • Performance bonus
  • Benefits (subject to eligibility requirements) listed here: Teladoc Health Benefits 2026
  • Flexible Vacation Policy, intended for rest, relaxation, and personal time.
  • 80 hours of Paid Sick, Safe, and Caregiver Leave annually.