Head of Cyber Incident Response

Head of Cyber Incident Response

Position Overview

Guardian is seeking a Head of Cyber Incident Response to lead enterprise‑wide cyber incident response and threat mitigation efforts. This role requires a proven cybersecurity leader with strong technical depth, sound judgment, and the ability to lead teams through high‑impact events while partnering effectively across the organization.

The ideal candidate brings hands‑on incident response expertise, strong communication skills, and experience operating in regulated environments. This leader drives preparedness, response, and continuous improvement while living Guardian’s operating principles and leading through change with confidence.

You Have

• 7+ years of broad cybersecurity or technology experience, including public cloud environments
• 5+ years of leadership experience in cybersecurity or incident response roles
• Deep knowledge of incident response methodologies, evidence preservation and handling
• Knowledge of NIST CSF, MITRE, and other cybersecurity frameworks, with experience in vulnerability research and mitigation
• Hands‑on experience with malware analysis and responding to multiple cyber‑attack types, including ransomware incidents
• Strong written and verbal communication skills with experience engaging technical and non‑technical stakeholders
• Experience working cross‑functionally with Legal, HR, Compliance, Communications, IT, and business leaders
• Knowledge of threat hunting, cyber threat intelligence, and risk mitigation strategies
• Experience in financial services or other regulated environments, including U.S. privacy regulations
• Ability to lead, develop, and retain high‑performing, diverse teams
• Knowledge of SIEM, XDR, and SOAR platforms (Splunk preferred), including logging, monitoring, insider threat, and UBA concepts
• BA/BS or MS in a relevant field; cybersecurity certifications preferred
• A continuous learner with an analytical and improvement‑focused mindset

You Will

• Lead Guardian’s Cyber Incident Response and Threat Mitigation function
• Own incident response strategy, operations, plans, playbooks, and communication protocols
• Run the Corporate Cyber Incident Response Team, coordinating response across technology and business teams
• Lead triage and response for major incidents escalated from the SOC
• Build strong operational readiness through tabletop exercises, testing, and cross‑team collaboration
• Partner with business continuity and disaster recovery teams to ensure integrated response to large‑scale incidents
• Oversee third‑party incident response retainers and external engagements
• Ensure incidents are properly handled, documented, reported, and reviewed with clear metrics and lessons learned
• Drive continuous improvement in detection, logging, monitoring, and UBA capabilities
• Identify and champion risk mitigation opportunities across the enterprise
• Collaborate with cybersecurity leadership on strategy, vendor management, and talent development
• Support audits, due‑diligence requests, and regulatory inquiries
• Hire, mentor, and develop team members, including performance and career management

Location and Travel

• Hybrid: Three days per week onsite at a Guardian office in New York, NY or Holmdel, NJ
• Up to 20% travel as needed

Salary Range:

The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.

Our Promise

At Guardian, you’ll have the support and flexibility to achieve your professional and personal goals.  Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

Inspire Well-Being

As part of Guardian’s Purpose – to inspire well-being – we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Explore our company benefits at www.guardianlife.com/careers/corporate/benefits. Benefits apply to full-time eligible employees. Interns are not eligible for most Company benefits.

Equal Employment Opportunity

Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.

Accommodations

Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact MyHR@glic.com. Please note: this resource is for accommodation requests only. For all other inquires related to your application and careers at Guardian, refer to the Guardian Careers site.

Visa Sponsorship

Guardian is not currently or in the foreseeable future sponsoring employment visas. In order to be a successful applicant. you must be legally authorized to work in the United States, without the need for employer sponsorship.

Notice Regarding Guardian’s Use of Artificial Intelligence in Recruitment

As part of Guardian’s job application process, Guardian may use artificial intelligence tools (“AI Tools) to automate the sorting and filtering of information provided by applicants as part of its preliminary screening. This preliminary screening may be used to help identify applicant materials and resumes relative to their indication that the applicant meets the requirements for the specific job for which they are applying, as specified in the listing posted on Guardian’s jobs website (Careers at Guardian at https://www.guardianlife.com/careers). At Guardian, we do not use AI Tools to substantially assist or replace human judgment or discretionary decision making in our hiring process. All hiring decisions will be made by Guardian colleagues.

Please be aware that if you apply for a specific position with Guardian, you will have the choice of opting out of Guardian’s use of AI Tools during the job application process. If you would like to request an alternative process that does not utilize AI Tools or would like to request a reasonable accommodation, within ten business days of your position application, you must email your request to MyHR@glic.com, making sure to provide your name and job requisition identification number. Guardian will retain your applicant materials and resume and all information therefrom in accordance with Guardian’s document retention policy, a copy of which you may request via MyHR@glic.com.

Additionally, at applicable times, Guardian will make public the most recent bias audit results for such AI tools, which may be found here. 

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday.