Principal Incident Commander

The Principal Incident Commander is a senior role within Mimecast Global Supports Technical Customer Solutions team. Theyare responsible forleading and coordinating theresponse to critical and high-impact technicalincidents. This role requiresstrong communicationskills the ability to manage cross-functional initiatives and processes and a strategic mindset to ensure rapid incident resolution while minimizing business impact and minimizing customer risk.

What Youll Do:

• Lead and coordinate end-to-end incident response efforts for critical and high-severity incidents ensuringtimelydetection containment eradication andrecovery

• Serve as the primary Incident Commander during major incidents making real-time decisions and managing incident workflows

• Coordinate cross-functional teams including Security Operations Engineering Product Customer Support Sales and Customer Success to ensure unified and efficient incident resolution

• Partner with Legal/GCO teams to ensure incident management processes align with regulatory compliance and contractual obligations includingtimelynotification documentation and coordination on sensitive or escalated incidents

• Communicate clearly and effectively with all stakeholders including customers executives and internal teams providing regular updates and managing expectations

• Drive root cause analysis and forensic investigations toidentifyincident origins and prevent recurrence

• Developmaintain and improve incident response processes playbooks and workflows to enhance organizational readiness and response capabilities

• Lead post-incident reviews and lessons learned sessions to drive continuous improvement and knowledge sharing

• Mentor and train incident response team members and other stakeholders on best practices and incident management methodologies

• Collaborate with threat intelligence and security teams to stay informed on emerging threats and incorporate intelligence into response strategies

• Oversee escalation management for critical customer issues ensuring VIP and high-priority cases receiveappropriate attentionand resolution

• Drive initiatives to automate and streamline incident response processes and reporting

What Youll Bring:

• Proven experience(8 years) in incident response management technical support leadership or a related role in a complex IT or cybersecurity environment

• Exceptional verbal and written communication skills with the ability to convey complex technical information clearly to both technical and non-technical audiences

• Demonstrated ability to lead and manage cross-functional teams and coordinate multiple stakeholders during high-pressure incidents

• Strong problem-solving and analytical skills including experience with root cause analysis and forensic investigation techniques

• Ability to work effectively in a fast-paced dynamic environment with competing priorities

• Ownership mentality with a focus on accountability continuous improvement and customer satisfaction

• Experience mentoring and training technical teams and driving process improvements

• Deep understanding of IT infrastructure networking security principles and incident response frameworks (e.g. SANS NIST)

• Experience with incident management tools and IT service management platforms (e.g. Zendesk Jira)

• Familiarity with industry best practices and standards such as ITIL CISSP CISM GIAC certifications (e.g. GCIH GEIR) is highly desirable

• Experience working in a global 24/7 support environment with follow-the-sun operational models

The base salary range for this position is $144000$216000 plus benefits. This range represents the minimum and maximum new hire compensation for this role. The position may also be eligible for incentive plans and additional benefits in accordance with company policy and local regulations. Our salary ranges are determined by role level and location with individual compensation also dependent on factors such as qualifications experience and skills. Final offers will reflect these considerations and may vary accordingly.

#LI-ND1