
Principal Lead Analyst, Detection & Response Team (DART)

Job in Atlanta, Fulton County, Georgia, 30383, USA
Listing for: Dormont Manufacturing Co
Full Time position
Listed on 2026-07-04
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 168000 - 195000 USD Yearly
Position: Principal Lead Analyst, Detection & Response Team (DART)

About the Role

As the Principal Lead Analyst of DART, you are the ultimate technical authority for cyber defense and incident response. This high‑impact leadership role combines elite technical expertise with strategic vision. You will oversee the organization’s most complex security breaches, drive the evolution of our threat‑hunting program, and mentor a growing team of responders to ensure the organization is not just “ready” for a crisis, but resilient enough to withstand one.

This role partners closely with Cyber Intelligence, Defense and Response, Application Security, and Cyber Resilience teams, and supports incident response efforts as an expert resource on adversarial capabilities.

Responsibilities

Strategic Incident Command (Major Incidents)
  • Incident Commander:
    Serve as the primary Incident Commander for all Tier 3/Critical‑level events, directing the technical response across work streams (Forensics, Network, Cloud, Legal, and PR).
  • Crisis Communication:
    Act as the technical voice for executive leadership. Translate complex exploit chains and technical risks into business‑impact narratives for the C‑Suite and Board of Directors.
  • Adversary Emulation:
    Lead “Purple Team” exercises to test DART’s readiness against specific APT groups and real‑world attack scenarios.
Advanced Detection & Hunting Strategy
  • Threat Hunting Architecture:
    Design and oversee the organization’s long‑term threat‑hunting roadmap, ensuring coverage across the MITRE ATT&CK framework for Cloud (Azure/AWS), Identity, and On‑Prem infrastructure.
  • Detection Engineering Oversight:
    Collaborate with engineering teams to ensure hunt findings are converted into high‑fidelity, automated detections and SOAR workflows.
  • Intelligence Integration:
    Direct the consumption of tactical and strategic Threat Intelligence to proactively “harden” the environment before a known threat actor targets the industry.
Technical Leadership & Mentorship
  • Force Multiplier:
    Elevate the entire SOC/DART capability by providing technical mentorship to L1 and L2 analysts. Responsible for the technical “QA” of the team’s investigative output.
  • Tooling & Innovation:
    Evaluate and select next‑generation forensic and response technologies, driving the business case for new security investments.
  • Post‑Incident Strategy:
    Lead the “Lessons Learned” process for major incidents, ensuring root causes result in fundamental shifts in the enterprise security posture.
Skills and Qualifications

Technical Requirements
  • Experience: 8+ years in Cybersecurity, with at least 5 years in a dedicated Incident Response or DFIR role. Proven experience leading response efforts for a large‑scale enterprise or a top‑tier IR firm.
  • Forensics: Solid understanding of deep‑system forensics (Memory, Disk, Network) and specialized experience in Cloud IR (Azure/AWS/O365).
  • Nuix / Axiom Forensic Suite: Deep familiarity with enterprise forensic platforms (Nuix, Magnet AXIOM, EnCase) and the ability to guide L2 analysts.
  • Adversary Knowledge: Expert‑level understanding of TTPs used by state‑sponsored and financially motivated threat actors.
  • Coding for Defense: High proficiency in automation (Python, PowerShell) to build custom response scripts or API integrations between security tools.
Preferred Certifications
  • Advanced SANS: GCFA, GNFA, GREM, or GXPN.
  • Leadership: CISSP‑ISSMP or GCIH.
Soft Skills & Leadership Traits
  • Decisiveness: Ability to make high‑value decisions with limited information during a live attack.
  • Political Acumen: Skill in navigating the complexities of a large organization, working with Legal, Privacy, and Human Resources during sensitive investigations.
  • Resilience: Unwavering composure during high‑stress, 24/7 incident cycles.
Compensation

The anticipated salary range for this position is $168,000 to $195,000 at commencement of employment for the Jersey City, NJ and Woodland Hills, CA area. Candidates may be eligible for a discretionary bonus in accordance with the applicable incentive plan.

Work Location

Positions are based in Corebridge Financial’s Woodland Hills, CA; Jersey City, NJ; or Houston, TX offices and are subject to a hybrid working policy.

Estimated Travel

May include up to 25% travel.

Benefit…