Director of Enterprise Incident Response & Remediation
EY
About the role
The Director of Enterprise Incident Response & Remediation provides executive leadership for the company’s enterprise‑level cybersecurity incident response capability. The role sets strategic direction, establishes global standards, and exercises oversight across incident response, supplier cyber incident coordination, and enterprise remediation programs. This leader shapes how the organization anticipates, responds to, and learns from cybersecurity events and ensures the corporate environment remains resilient against evolving threats.
Key Responsibilities
Strategic Leadership & Governance
- Define the enterprise incident response vision, priorities, and long‑term strategic roadmap.
- Establish governance structures, escalation pathways, and executive‑level decision frameworks for enterprise cyber events.
- Provide authoritative guidance to senior leadership during cyber crises, ensuring coordinated, risk‑aligned outcomes.
Oversight of Enterprise Cyber Incidents
- Oversee end‑to‑end handling of significant cybersecurity incidents across internal systems, platforms, and networks, ensuring alignment with global processes and regulatory expectations.
- Direct enterprise‑wide coordination across security, IT, legal, communications, risk, and operations during major cyber events.
- Provide leadership and direction to Americas‑based Incident Coordinators to ensure consistent global practices.
Supplier & Third‑Party Cyber Incident Oversight
- Provide executive oversight for cyber events involving vendors, partners, and supply‑chain entities.
- Shape expectations for supplier incident reporting, cross‑organizational coordination, and risk‑based response actions.
Cyber Hygiene & Remediation Leadership
- Set enterprise approaches for remediation of hygiene and secure configuration issues, and the effective closure of systemic cyber risks.
- Champion strategic remediation initiatives across IT and operations, ensuring sustainable security improvements.
- Ensure lessons learned translate into long‑term resilience and measurable risk reduction.
Risk, Audit, and Compliance Integration
- Oversee audit readiness for the cyber program.
- Support readiness for regulatory or client‑facing inquiries related to major enterprise cyber incidents, ensuring consistent, fact‑based, and timely communication.
- Champion governance improvements by identifying process gaps, proposing control enhancements, and ensuring IR‑driven improvements are incorporated into enterprise security standards.
Cross‑functional Collaboration
- Partner with the Director of Product Security Response to maintain alignment across enterprise and product IR domains.
- Serve as strategic co‑leader for global IR direction and provide reciprocal leadership coverage.
- Maintain relationships with key stakeholders in Enterprise Technology and Regional Technology to align and continuously improve remediation and response planning.
Leadership Attributes
- Executive presence during crises, balancing urgency with strategic clarity.
- Ability to drive cross‑functional alignment in complex, time‑sensitive situations.
- Strong mentorship orientation for advancing global IR leadership capabilities.
What We Offer
- Comprehensive compensation and benefits package:
  - Base salary range (US) $220,000 – $435,600; for NY, WA, and CA (excluding Sacramento) $264,000 – $495,000.
  - Medical and dental coverage, pension and 401(k) plans, and a wide range of paid time‑off options.
- Team‑led and leader‑enabled hybrid work model (40‑60% in‑person for client‑serving roles).
- Flexible vacation policy with additional time off for EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves to support well‑being.