Incident Response Team Lead

Plano, Texas | Yarmouth, Maine | Overland Park, Kansas | Orono, Maine

• Serve as a hands-on responder for security incidents, participating in investigation, containment, eradication, recovery, and post-incident activities.
• Provide day-to-day technical guidance and task coordination for Incident Response analysts during investigations, ensuring work is completed accurately and on time.
• Assist in triaging and prioritizing incidents based on severity, impact, and available resources, escalating issues to management as appropriate.
• Support the creation, development, and maintenance of incident response procedures, playbooks, and documentation to promote consistent investigative practices.
• Review investigative findings, evidence collection, and documentation produced by team members for accuracy and completeness.
• Communicate investigation status and findings to management and cross-functional partners in a clear and timely manner.
• Collaborate with internal teams such as IT, Legal, Privacy, and Compliance during incident response activities.
• Support post-incident reviews by helping identify lessons learned and opportunities for process or technical improvements.
• Mentor and support junior analysts by sharing knowledge, providing feedback, and assisting with skill development.

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field, or equivalent practical experience.
• 2-4 years of experience in security incident response, digital forensics, or a related cybersecurity role.
• Demonstrated experience participating in security incident investigations across multiple stages of the incident lifecycle.
• Prior experience acting as a peer lead, mentor, or primary investigator on incidents is preferred.
• One or more relevant security certifications preferred (e.g., GCIH, GCFA, Security+, or comparable).
• Working knowledge of core Incident Response domains, including:
• Incident Response and Evidence Handling
• Digital Forensics Fundamentals
• Endpoint and Network Investigation Techniques
• Common Attack Vectors and Threat Actor Behaviors
• Familiarity with enterprise environments, including cloud services, SaaS platforms, and modern endpoint technologies.
• Strong analytical, documentation, and problem-solving skills.
• Clear written and verbal communication skills, with the ability to contribute to investigation reports and team briefings.

Come join us as we transform the public sector! Our mission, vision, and values guide everything we do. We're also frequently recognized as a great workplace locally and nationally. See our many awards and accolades.

Your health and well-being are important to us. That's why we invest in our team members by offering competitive benefits to support their health and financial wellness. Learn more about how we care for our people.

Tyler is subject to regulations, guidelines, and/or client requirements relating to the qualifications of Tyler personnel performing certain client work. Because of the nature of this position, it is a requirement that the candidate can successfully pass a federal background check at the time an offer is extended and over the course of employment with Tyler.