Serve as the initial point of contact for inbound, time-sensitive cyber incidents, monitoring designated intake channels and responding within required timeframes
Coordinate and facilitate rapid scoping calls with clients and internal stakeholders to support swift case activation
Act as a primary client-facing communications contact during early-stage incidents, maintaining clear, calm, and professional engagement under pressure
Collect, organize, and document pre-scoping and intake information required to support operational readiness and Statement of Work (SOW) drafting
Create and manage secure internal communication channels (e.g., Slack or Telegram) for active incidents, ensuring accurate, real-time updates are maintained
Track incident status, action items, and dependencies, proactively following up to keep cases moving forward
Support post-scoping operational steps, including coordination of secure data exchange processes and internal handoffs once approvals are in place
Maintain detailed and organized case notes, timelines, and communication records throughout the lifecycle of an incident
Escalate risks, blockers, or urgent issues promptly to appropriate internal stakeholders
Operate effectively in high-pressure, fast-moving situations, adapting quickly as new information becomes available

Bachelor's degree in a related field or equivalent work experience
Technical proficiency in cyber threat research and analysis
Strong client relationship management skills
Strong written and verbal communication skills, particularly in client-facing and high-pressure environments
Demonstrated ability to stay organized and detail-oriented while managing multiple active incidents
Ability to think quickly, prioritize effectively, and remain composed under pressure
Professional judgment and discretion when handling sensitive information
Strong follow-through and accountability

Tactical Communication Specialist

Key skills