Incident Response Lead - Remote

Our story
Strada is a technology-enabled, people powered company committed to delivering world-class payroll, human capital management, and financial management solutions to organizations globally.
With a team of more than 8,000 experts and over 30 years of expertise, Strada blends leading-edge technology with human ingenuity to help businesses across the globe design and deliver at scale. Supporting over 1,400 customers in 33 countries, Strada partners with customers at every stage of their journey, to help drive their vision forward.
It’s why we’re so driven to connect passion with purpose. Our team’s experience in human insights and cloud technology gives companies and employees around the world the ability to power confident decisions, for life.
With a comprehensive total rewards package, continuing education and training, and tremendous potential with a growing global organization, Strada is the perfect place to put your passion to work.
To learn more about us, visit stradaglobal.com

We are looking for a highly skilled and motivated Incident Response Lead to join our cybersecurity team. This individual will serve as the operational backbone of how Strada handles incidents and ensures Strada is prepared to respond effectively to cybersecurity incidents. This is an individual contributor leadership role with significant cross-functional influence. When things go wrong, you are the person who makes sure the right people are in the room, the right information is flowing, and nothing falls through the cracks. The right person for this role brings structure and rigor to complex situations, drives timely decisions, and helps restore services safely and quickly without waiting for a playbook to be handed to them. This role will strengthen Strada’s incident response readiness by maturing processes, playbooks, escalation paths, exercises, and cross-functional operating mechanisms. You will be a self-starter who turns ambiguity into practical, repeatable operating mechanisms and moves work forward without waiting for detailed direction. The role will partner closely with the SOC Leads, who own monitoring operations, detection engineering, alert triage processes, SIEM management, and SOC team performance.

Lead Cybersecurity Incident Response

• Act as incident lead for major cybersecurity incidents, establishing severity, objectives, workstreams, decision rights, communication cadence, and escalation paths.
• Direct the end-to-end response through validation and scoping, containment, eradication, recovery, and closure, maintaining a clear record of timelines, decisions, actions, and owners.
• Coordinate security, infrastructure, cloud, identity, network, application, vendor, and business teams to restore affected services safely and validate operational stability and residual risk.
• Provide concise, timely situation reports and decision recommendations to executives and stakeholders, translating technical findings into business impact and required actions.
• Partner with Legal, Privacy, Risk, Communications, Human Resources, Business Continuity, and customer-facing teams to meet regulatory, contractual, insurance, notification, and crisis communication obligations.

Build readiness for incidents

• Own and mature incident response by establishing processes, enhancing tooling, and defining operational standards for handling incidents at scale
• Continually improve the incident response framework, major-incident plans, escalation criteria, call trees, and response and recovery playbooks, including clear handoffs with other teams.
• Design and facilitate tabletop exercises and simulations to test technical readiness, decision-making, communications, and recovery arrangements.
• Perform incident readiness activities, and support additional cybersecurity initiatives as needed in a dynamic global corporate environment

Coach and enable the organization

• Provide expert guidance on complex incidents and mentor responders, analysts, and technical stakeholders in effective incident management practices.
• Lead post-incident reviews, assign and track corrective actions, and ensure lessons learned improve controls, architecture, detections, response capability, and operational resilience.

• Have 5+ years of experience in incident management, with direct experience leading high-severity cybersecurity incidents in complex, global, or distributed environments.

• Have built or significantly shaped an incident response program, ideally in an environment where you had to create structure rather than inherit it
• Demonstrate a strong sense of ownership and urgency, with the ability to operate independently and make sound decisions under pressure without waiting for direction
• Are comfortable working in unprecedented situations where processes are still being defined and guidance may be incomplete or conflicting, leaving things better than you found them
• Have a track record of effective cross-functional collaboration, particularly with technology, product, security, legal, communications, and executive leadership
• Have experience with cloud infrastructure incidents and enough technical depth across the stack to engage meaningfully with technology teams during response, including comfort navigating distributed systems, monitoring tools, and logs
• Are analytically minded, with experience using data (incident metrics, queries, trend analysis) to inform decisions during response and to drive operational improvements over time
• Excellent communication skills with the ability to communicate clearly and calmly under pressure, both in real-time coordination and in post-incident written communications
• A strong record as a self-starter: you anticipate needs, identify gaps, set priorities, and drive work to completion with limited direction.
• Strong process-design and documentation skills, including process mapping, runbook development, workflow design, and translating lessons into repeatable operating practices.
• Proven coaching, facilitation, and change-enablement skills, with the ability to raise the capability and confidence of technical and non-technical stakeholders.
• Strong knowledge of incident response methodologies and frameworks, including NIST SP 800-61, the SANS incident response lifecycle, and MITRE ATT&CK.
• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience
• Relevant certifications such as CISSP, GCIA, or equivalent are a plus.

• An opportunity to play a critical role in building a new cybersecurity organization.
• A dynamic and collaborative work environment.
• Professional development and career growth opportunities.
• Competitive salary and benefits package.
• Flexible working arrangements.

If you are passionate about cybersecurity, thrive in a dynamic environment, and want to contribute to building a robust security program from the ground up, we encourage you to apply and be part of our journey at Strada Global.

At Strada, our values guide everything we do:

• Anticipate Customer Needs – We stay ahead of trends so our customers can grow and succeed.

• Own the Outcome – We take responsibility for delivering excellence and ensuring things get done right.

• Challenge Ourselves to Work Smarter – We move faster than the world around us to drive change and accomplish more.

• Empower Each Other to Solve Problems – We tackle challenges head on, ask tough questions, and collaborate to find the best solutions.

• Care About Our Work – We understand that what we do impacts millions, and we have a responsibility to get it right.

Benefits

At Strada, we support your whole self—offering a range of benefits for your health, wellbeing, finances, and future. These include health coverage, wellbeing programs, paid leave (vacation, sick, parental), retirement plans, learning opportunities, and more.

All offers are contingent on successful completion of background checks, where permitted by law and as appropriate for the role. These may include identity, education, employment, and in some cases, criminal history verification, checks against global watchlists, credit reports, and/or drug testing. You’ll be informed of the specific checks applicable to your role and location during the recruitment process.

Our commitment to Diversity and Inclusion

Strada is dedicated to fostering a diverse, equitable, and inclusive workplace where everyone feels valued and supported. We believe that embracing differences strengthens our teams and drives innovation and success.

Equal Employment Opportunity Statement

Strada is an Equal Opportunity Employer and prohibits discrimination based on legally protected characteristics. We provide reasonable accommodation for disabilities and religious practices. Applicants may request reasonable accommodation by contacting their recruiter.

Authorization to work in the Employing Country

To be considered, you must have current and future work authorization in the country where you're applying, without the need for visa sponsorship by Strada.

We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.

Salary Pay Range

Minimum - Maximum:

Pay Transparency Statement: Strada considers a variety of factors in determining whether to extend an offer of employment and in setting the appropriate compensation level, including, but not limited to, a candidate’s experience, education, certification/credentials, market data, internal equity, and geography. Strada makes these decisions on an individualized, non-discriminatory basis. Bonus and/or incentive eligibility are determined by role and level.

DISCLAIMER:

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Strada business units.