Incident Response Lead, Cyber Security
Alignerr • Remote • Posted 0 days ago
Education
Any
Type
Pay Rate
$60/task
Posted
0d ago
✅ Applying through this link gives you a verified candidate referral.
Referrals from verified candidates give your profile a visibility boost and help support our platform at no cost to you.
This position is hosted on an external talent platform. Please only apply for this position if it fits your skills and interests.
About this Role
What You'll Do
- Evaluate detection alert pipelines, triage workflows, and escalation pathways for quality and consistency
- Assess the completeness and effectiveness of incident response actions across real or simulated timelines
- Identify critical gaps in logging coverage, detection logic, and containment procedures
- Review and validate incident response playbooks for clarity, accuracy, and operational feasibility
- Summarize recurring incident patterns and pinpoint operational bottlenecks
- Support ongoing assessments of SOC maturity and overall response readiness
- Deliver structured, analytical documentation that drives actionable improvements
About the Role
What if your hard-won experience in the SOC trenches could directly strengthen how organizations detect, respond to, and contain real threats? We're looking for a seasoned Incident Response Lead to independently evaluate SOC operations — reviewing detection workflows, stress-testing playbooks, and surfacing the gaps that keep security teams up at night. This is a fully remote, flexible contract engagement. If you've lived through real incidents, built response processes from scratch, or spent time hunting for what others missed — this is work that will feel both familiar and meaningful.
- Type: Hourly Contract
- Location: Remote
- Commitment: Flexible
Who You Are
Must-Have: Nice to Have:
- Hands-on experience in SOC operations, incident response leadership, or cybersecurity operations
- Strong working knowledge of detection engineering, response workflows, and incident lifecycle management
- Sharp analytical thinking with the ability to translate findings into clear, structured written assessments
- Comfortable working independently and delivering consistent, high-quality evaluations
- Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Chronicle)
- Experience with EDR tools and cloud-native detection systems
- Background in threat intelligence, purple teaming, or adversary simulation
- Relevant certifications such as GCIH, GCFA, CISSP, or equivalent
Why Join Us
- Apply deep security expertise to work that has a real, measurable impact on organizational resilience
- Fully remote and flexible — complete assessments on a schedule that works for you
- Freelance autonomy with meaningful, structured task-based work
- Engage with a diverse range of SOC environments, toolsets, and operational challenges
- Potential for ongoing work and contract extension across new assessments and engagements
Requirements
- Fluent proficiency in English (Written & Verbal)
- Reliable high-speed internet connection
- Bachelor's degree or equivalent professional experience
- Demonstrated expertise in Software Engineering
Compensation Analysis
What if your hard-won experience in the SOC trenches could directly strengthen how organizations detect, respond to, and contain real threats? We're looking for a seasoned Incident Response Lead to independently evaluate SOC operations — reviewing detection workflows, stress-testing playbooks, and surfacing the gaps that keep security teams up at n
Skills & Categories
Explore other opportunities in related specializations:
Related Jobs
Browse All Jobs from Alignerr
Discover more opportunities on Alignerr that match your skills and interests.
View All Alignerr Jobs →Community Reviews
Leave your review
Frequently Asked Questions
What is the assessment actually like?
Notoriously strict. Alignerr uses TestGorilla for role-specific timed tests — a blank coding environment for engineers, rigorous grammar and fact-checking for writers. There is almost no hand-holding. The critical catch: this is essentially a one-shot process. Fail or abandon the assessment, and you are typically locked out of that role permanently with no option to retake.
How quickly can I start earning after I pass?
Not immediately. Even after passing the assessment and completing identity verification (via Persona) and billing setup (via Deel), you may sit in a waiting pool for weeks or months. You only start earning when a project matching your specific skills launches and you are officially assigned. Do not plan around Alignerr income until you are actively on a project.
Is there a community?
Yes — and it is one of Alignerr's genuine strengths. Once assigned to a project, you are added to Slack channels where you can ask questions, get rubric clarifications from admins, and talk to other AI trainers. This is rare in AI training and makes a real difference when guidelines are ambiguous or change mid-project.
What does the work actually look like?
It is practical, hands-on data work. You might be recording short videos, categorizing images, rating text responses, or analyzing data. The tasks are designed to be short and distinct—typically 5-60 minutes per task.
How flexible is the schedule?
Extremely. This is true "log in and work" flexibility. You can usually work for 20 minutes or 4 hours depending on your availability. There are rarely minimum hour requirements, making it ideal for side income.
Is there an interview?
Usually, no. Hiring for these roles is almost entirely based on passing an automated assessment or "qualification" task. If you pass the test, you get access to the work.
What is the barrier to entry?
Alignerr is known for difficult technical assessments. You must pass a timed test in your specific domain (e.g., Python, Physics, or Language) before you are eligible for any paid projects.