IR Recovery Lead - ITGP

Job Title: IR Recovery Lead 
Location: Remote 
Contract Duration: 6 Months 
Employment Type: Contract 

Position Overview: 

We are seeking a seasoned IR (Incident Response) Recovery Lead for a 6-month remote contract opportunity. This individual will serve as the primary cybersecurity point of contact during recovery operations, providing leadership and guidance to both internal teams and client stakeholders. The IR Recovery Lead will ensure that all recovery and restoration efforts follow security best practices, meet compliance requirements, and maintain overall operational stability. 

Key Responsibilities: 

• Serve as the lead security liaison for the client and all key stakeholders throughout the incident response and recovery process. 

• Coordinate and oversee the recovery and restoration of critical IT services, systems, and functions with a focus on security, manageability, and stability. 

• Develop and maintain incident recovery plans and ensure alignment with broader business continuity and disaster recovery strategies. 

• Plan and prioritize daily and weekly recovery tasks based on business needs and risk assessments. 

• Work closely with the Project Management Office (PMO) to provide updates on task status, issues, risks, and escalations. 

• Ensure industry-standard best practices in the areas of incident response, cybersecurity operations, and post-incident remediation. 

• Guide technical teams in applying security controls during restoration efforts to mitigate future risks. 

• Participate in post-incident reviews to document lessons learned and recommend long-term improvements. 

Required Qualifications: 

• 5+ years of experience in cybersecurity incident response and recovery leadership roles. 

• Proven ability to manage cross-functional teams and recovery activities under pressure. 

• Strong understanding of security frameworks (e.g., NIST, ISO 27035) and incident response lifecycle. 

• Experience working with security operations teams, forensics, and cybersecurity analysis. 

• Excellent communication, coordination, and documentation skills. 

• Ability to operate effectively in remote, high-stakes environments. 

Preferred Qualifications: 

• Industry certifications such as CISSP, CISM, GCIH, or CRISC. 

• Experience in disaster recovery, business continuity planning, or crisis management. 

• Knowledge of cloud-based environments (AWS, Azure, or GCP) and related recovery best practices.