Incident Response Manager (Cybersecurity)

We are a fusion power company based in Everett, WA, with the mission to build the world's first fusion power plant, enabling a future with unlimited clean electricity. Our vision is a world with clean, reliable, and affordable energy for everyone.

Since Helion's founding in 2013, we have raised over $600 million from investors such as Sam Altman, Mithril, and Capricorn Investment Group to propel us forward. Our last prototype, Trenta, completed 10,000 high-power pulses and reached plasma temperatures of 100 million degrees Celsius (9 keV).

Now we are working toward Polaris, which will be the first machine to demonstrate electricity from fusion, making this a great time to join Helion! Bring your skills, experiences, and determination to make a difference in the world. Together, we can make a future with unlimited clean electricity from fusion a reality.

What You Will Be Doing

As our Incident Response Manager, you will develop and maintain incident response capability. You will manage the end-to-end incident management process, ensuring resolution, minimizing impact, and implementing preventive, detective, response, and recovery measures. You will report directly to the Director of Information Security & Technology at our Everett, WA, office.

You Will:

• Lead the incident response process, from identification to resolution
• Create a collaborative incident response plan and procedures (IRP&P)
• Periodically conduct tabletop exercises with team members to test the IRP&P
• Help select, configure, and tune the security toolbox
• Help deliver security awareness training to meet compliance objectives and enhance our security posture
• Conduct routine internal phishing simulations, manage reported suspicious emails, and distribute communications for emerging cybersecurity threats and trends
• Assess new software and technology requests to determine potential security risks and provide recommendations and guidance to ensure those risks can be sufficiently mitigated
• Be a primary contact for incidents
• Monitor security alerts and incidents, escalating as necessary
• Collaborate with teams to ensure incident resolution
• Contribute to the development and implementation of preventative, detective, response, and recovery measures
• Document incident details, including actions taken
• Maintain accurate and up-to-date incident records for analysis
• Conduct root cause analysis for incidents to identify trends and recurring issues
• Generate reports on incident trends and performance metrics
• Coordinate the remediation of identified vulnerabilities
• Help with information security and information technology projects

Required Skills

• Minimum 8 years working in an Information Security focused role
• Minimum 3 years of experience working in a SOC, or Security Incident Response team, with core responsibilities focused on security event monitoring and incident response
• Strong leadership and communication skills
• Direct experience in creating, documenting, testing, and evolving incident response plans and procedures
• Understanding of incident management best practices
• Relevant Security Certifications such as CISSP, CompTIA Security +, CEH, OSCP
• Experience securing hybrid (Cloud & on-premises) environments with mixed Operating Systems
• Experience conducting security awareness training

The pay range for this position is $120K-$170K. This pay range may be inclusive of several career levels and will be narrowed based on several factors, including the candidate's experience and qualifications.

Benefits and Compensation

Our total compensation package includes generous equity and benefits, including but not limited to:

• Medical, Dental, and Vision plans for employees and their families
• 31 Days of PTO (21 vacation days and 10 sick days)
• 13 Paid holidays, plus company-wide winter break
• Up to 5% employer 401(k) match
• Short term disability, long term disability, and life insurance
• Paid parental leave and support (up to 16 weeks)
• Annual wellness stipend

NOTE: Underrepresented people are less likely to apply unless they meet 100% of the job's requirements. We believe in hiring people, not checklists, and encourage you to apply even if you do not check all of the boxes. If this job isn't the one, we have many other openings that may be a fit.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. If we reach out to you to begin an interview process, we will also ask if you require any reasonable accommodation at that time.