IT Security Specialist; Pre-Incident Consulting & Incident Response Lead
Listed on 2026-07-10
-
IT/Tech
Cybersecurity, Information Security
Mirazon is a scaling, people-centered IT company that believes strong security starts long before an incident occurs, and that calm, capable leadership matters most when it does. We’re looking for a Security Specialist who thrives at the intersection of strategy and execution: someone who enjoys strengthening security postures proactively and who can step confidently into high-pressure situations to guide clients through complex cybersecurity events.
Missionof the Position
This role is designed for an experienced individual contributor with deep technical expertise, sound judgment, and executive presence. You value preparation, documentation, and disciplined processes, and you’re equally comfortable designing preventative controls as you are leading incident response efforts in real time. You bring clarity to chaos, translate technical risk into business impact, and act as a trusted advisor to clients when the stakes are highest.
KeyCriteria/Requirements
- 5+ years in cybersecurity or infrastructure security roles
- 3+ years leading security incidents
- Strong experience with:
- Firewalls (Forti Gate, Cisco, Sonic Wall, Palo Alto, etc.)
- Endpoint detection and response (EDR/XDR)
- Microsoft 365 security stack
- Identity and access management
- Backup and disaster recovery systems
- Experience with ransomware containment and recovery
- Deep understanding of networking and Active Directory environments
- Strong written and verbal communication skills
- Ability to lead under pressure
- CISSP
- CISM
- CEH
- GIAC (GCIA, GCIH, etc.)
- Security+
- Microsoft Security certifications
- Vendor firewall certifications
- Conduct comprehensive security risk assessments and gap analyses
- Lead cybersecurity maturity assessments aligned to NIST, CIS, or industry frameworks
- Perform vulnerability assessments and coordinate remediation planning
- Design and review:
- Network security architecture
- Firewall and segmentation strategies
- Endpoint security strategies
- MFA and identity security implementation
- Develop incident response plans and business continuity playbooks
- Conduct tabletop exercises with client executive teams
- Provide executive-level reporting with risk prioritization and budget guidance
- Assist sales/engineering with scoping security engagements and SOW development
- Serve as Incident Response Lead during cybersecurity events
- Direct containment, eradication, and recovery efforts
- Coordinate with:
- Internal engineering teams
- Client leadership
- Insurance carriers
- Legal counsel
- Forensics vendors
- Perform initial triage and determine scope of compromise
- Oversee forensic evidence preservation
- Guide ransomware response and recovery strategy
- Lead root-cause analysis and post-incident reporting
- Develop corrective action plans
- Act as trusted advisor to C-suite and ownership groups
- Translate technical findings into business risk language
- Present findings and remediation plans in board-level settings
- Provide calm, decisive leadership during crisis situations
- Maintain strict confidentiality and professionalism
- Maintain standardized security assessment templates
- Develop and refine internal IR procedures
- Create security standards and best practices
- Ensure all engagements are properly documented in PSA systems
- Contribute to continuous improvement of security offerings
Eligibility begins the first day of full-time employment (date of hire).
- Life Insurance
- Short-term Disability
- Long-term Disability
- Cafeteria Plan – Premium, Medical, & Child Care Reimbursement
- Health Insurance
- Dental Plan
- Vision Plan
Time Off– benefitsaccrueon a pro-rated basis each pay period over a 12-month period with the following maximums:
- Vacation Time –10 daysper calendar year
- Sick Leave– 5 days per calendar year
- Paid Company Holidays (7)
- Paid Floating Holidays (2)
- Volunteer 1
- Cell Phone & Internet Reimbursement
- 401K Matching
- Referral Bonuses
- Tuition Reimbursement
- Performance Incentives
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).