Principal Incident Commander

The Principal Incident Commander is a senior role within Mimecast Global Supports Technical Customer Solutions team. They are responsible for leading and coordinating the response to critical and high-impact technical incidents. This role requires strong communication skills the ability to manage cross-functional initiatives and processes and a strategic mindset to ensure rapid incident resolution while minimizing business impact and minimizing customer risk .

What Youll Do :

Lead and coordinate end-to-end incident response efforts for critical and high-severity incidents ensuring timely detection containment eradication and recovery

Serve as the primary Incident Commander during major incidents making real-time decisions and managing incident workflows

Coordinate cross-functional teams including Security Operations Engineering Product Customer Support Sales and Customer Success to ensure unified and efficient incident resolution

Partner with Legal / GCO teams to ensure incident management processes align with regulatory compliance and contractual obligations including timely notification documentation and coordination on sensitive or escalated incidents

Communicate clearly and effectively with all stakeholders including customers executives and internal teams providing regular updates and managing expectations

Drive root cause analysis and forensic investigations to identify incident origins and prevent recurrence

Develop maintain and improve incident response processes playbooks and workflows to enhance organizational readiness and response capabilities

Lead post-incident reviews and lessons learned sessions to drive continuous improvement and knowledge sharing

Mentor and train incident response team members and other stakeholders on best practices and incident management methodologies

Collaborate with threat intelligence and security teams to stay informed on emerging threats and incorporate intelligence into response strategies

Oversee escalation management for critical customer issues ensuring VIP and high-priority cases receive appropriate attention and resolution

Drive initiatives to automate and streamline incident response processes and reporting

What Youll Bring :

Proven experience (8 years) in incident response management technical support leadership or a related role in a complex IT or cybersecurity environment

Exceptional verbal and written communication skills with the ability to convey complex technical information clearly to both technical and non-technical audiences

Demonstrated ability to lead and manage cross-functional teams and coordinate multiple stakeholders during high-pressure incidents

Strong problem-solving and analytical skills including experience with root cause analysis and forensic investigation techniques

Ability to work effectively in a fast-paced dynamic environment with competing priorities

Ownership mentality with a focus on accountability continuous improvement and customer satisfaction

Experience mentoring and training technical teams and driving process improvements

Deep understanding of IT infrastructure networking security principles and incident response frameworks (e.g. SANS NIST)

Experience with incident management tools and IT service management platforms (e.g. Zendesk Jira)

Familiarity with industry best practices and standards such as ITIL CISSP CISM GIAC certifications (e.g. GCIH GEIR) is highly desirable

Experience working in a global 24 / 7 support environment with follow-the-sun operational models

The base salary range for this position is $144000$216000 plus benefits. This range represents the minimum and maximum new hire compensation for this role. The position may also be eligible for incentive plans and additional benefits in accordance with company policy and local regulations. Our salary ranges are determined by role level and location with individual compensation also dependent on factors such as qualifications experience and skills. Final offers will reflect these considerations and may vary accordingly.

#LI-ND1

Belonging at Mimecast

Cybersecurity is a community effort. Thats why were committed to building an inclusive diverse community that celebrates and welcomes everyone unless theyre a cybercriminal of course.

Were proud to be an Equal Opportunity and Affirmative Action Employer and wed encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally : your race age religion sexual orientation gender identity ability marital status nationality or any other protected characteristic wont affect your application.

If you require any adjustments or accommodations due to a disability or any other reason that may help you in your interview process please let us know by emailing

Due to certain obligations to our customers an offer of employment will be subject to your successful completion of applicable background checks conducted in accordance with local law.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment.

Required Experience :

Staff IC

Key Skills

Analysis,ABB,Information Technology Sales,Import & Export,Interventional Cardiology,Manual Testing

Employment Type : Full-Time

Experience : years

Vacancy : 1