Incident Response Coordinator

The Computing Services central IT department provides services that have a strategic impact on university goals. We make service decisions based on interaction and valuable input from colleagues engaged in the education, research, and administration efforts of the university. We are a learning organization and approach successes and mistakes as a learning experience to continually cultivate a culture of intelligent risk taking. We want to hire versatile team members who are inspired and passionate about their work. Join us and be part of a team committed to excellence, innovation, diversity, team and individual growth.

CMU’s Computing Services’ Information Security Office is searching for a Principal Information Security Engineer/Incident Response Coordinator.

This is an excellent opportunity for someone who thrives in an interesting and challenging work environment. The Principal Information Security Engineer/Incident Response Coordinator (PISE/IRC) is responsible for managing and coordinating the organization’s prevention and  response to cybersecurity incidents. This role ensures that incidents are prevented, detected, contained, investigated, and remediated efficiently and consistently, minimizing business impact and strengthening cyber resilience.

The PISE/IRC leads in the planning, coordination, and review of incident management and control functions and advises on preventive and detective measures in pursuit of adequate information, computer, and network security on campus. This includes responding to incidents, policy violations, and DMCA notices; analyzing and securing compromised computer systems; working with other groups in the division to assist in securing services as needed; providing documentation and announcements as regards incident handling, reporting on trends and apparent control gaps, and responding to requests from law enforcement, the Office of General Counsel, and other campus constituents related to information security concerns.

The ideal candidate combines strong technical understanding with exceptional oral and written communication, organization, and decision-making skills.

Your core responsibilities will include:

• Lead and coordinate the end-to-end incident response process from prevention, detection, and response through to post-incident review.

• Serve as the primary point of contact during active security incidents, ensuring timely escalation and clear communication across teams.

• Collaborate with SOC analysts, threat hunters, and system owners to analyze, contain, and remediate threats.

• Maintain and continuously improve incident response plans, playbooks, and communication protocols.

• Facilitate incident response exercises, simulations, and tabletop scenarios to build readiness.

• Coordinate with external stakeholders, including law enforcement, regulatory bodies, and third-party service providers, when required.

• Track incident metrics and produce executive-level reporting and after-action reviews.

• Contribute to threat intelligence sharing and ensure lessons learned are incorporated into security controls and training.

• Support policy and compliance efforts related to incident handling, data protection, and reporting obligations.

• Provide front-line support including SOC coverage and 24x7 on-call rotation, forensic analysis, tool evaluation, eDiscovery support, and training.

• Supervise incident response team staff.

• A combination of education and relevant experience from which comparable knowledge is demonstrated may be considered.

• Other related duties as assigned.

Flexibility, excellence, and passion are vital qualities within Computing Services. Inclusion, collaboration, and cultural sensitivity are valued competencies at CMU. Therefore, we are in search of a team member who is able to effectively interact with a varied population of internal and external partners at a high level of integrity. We are looking for someone who shares our values and who will support the mission of the university through their work.

Qualifications:

• Bachelor's Degree

• 8-10 years of years experience with information security and incident handling in a complex, distributed computing environment. Knowledge of contemporary computing technologies,

Requirements:

• Successful background check

• This position involves access to items or technical data controlled under the U.S. International Traffic in Arms Regulations (“ITAR”).  Under U.S. export control laws, restrictions apply to the release or disclosure within the United States of ITAR-controlled technical data to individuals who are NOT “U.S. Persons.”  U.S. Persons include U.S. citizens, U.S. nationals, persons lawfully admitted for U.S. permanent residence (“green card” holders), persons granted U.S. asylum status and persons granted U.S. refugee status.  

• Carnegie Mellon’s Computing Services can rely on ITAR authorizations to provide access to ITAR-controlled items for certain eligible applicants who are not U.S. Persons.  However, for Computing Services to ensure compliance with the ITAR, applicants who are NOT U.S. Persons are not eligible for this position if they are current or former permanent residents, nationals, or citizens of the following arms-embargoed or ITAR-restricted countries: Afghanistan, Belarus, Burma, Cambodia, Central African Republic, China, Cuba, Cyprus, Democratic Republic of Congo, Ethiopia, Eritrea, Haiti, Iran, Iraq, Lebanon, Libya, Nicaragua, North Korea, Russia, Somalia, South Sudan, Sudan, Syria, Venezuela, and Zimbabwe.

"Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity."

Are you interested in this exciting opportunity?! Apply today!

Joining the CMU team opens the door to an array of exceptional benefits.

Benefits eligible employees enjoy a wide array of benefits including comprehensive medical, prescription, dental, and vision insurance as well as a generous retirement savings program with employer contributions. Unlock your potential with tuition benefits, take well-deserved breaks with ample paid time off and observed holidays, and rest easy with life and accidental death and disability insurance. 

Additional perks include a free Pittsburgh Regional Transit bus pass, access to our Family Concierge Team to help navigate childcare needs, fitness center access, and much more!

For a comprehensive overview of the benefits available, explore our Benefits page.

At Carnegie Mellon, we value the whole package when extending offers of employment. Beyond credentials, we evaluate the role and responsibilities, your valuable work experience, and the knowledge gained through education and training. We appreciate your unique skills and the perspective you bring. Your journey with us is about more than just a job; it’s about finding the perfect fit for your professional growth and personal aspirations.

Are you interested in an exciting opportunity with an exceptional organization?! Apply today!

Location

Pittsburgh, PA

Job Function

Security

Position Type

Staff – Regular

Full Time/Part time

Full time

Pay Basis

Salary

More Information: