Description

Are you the kind of cybersecurity expert who runs toward the fire? Do you thrive in high‑stakes environments, leading complex investigations and neutralizing threats before they impact the business? If so, we want you on our front line. We’re looking for a Senior Incident Responder — the elite technical leader who stands at the center of our cyber defense mission. In this role, you will command major security incidents, drive advanced investigations across cloud and on‑prem environments, and elevate the organization’s detection and response capabilities. Your leadership strengthens enterprise resilience, improves detection and response times, and safeguards critical systems against rapidly evolving threats.

What You'll Do

  • Serve as the Incident Commander for high‑severity cyber events, orchestrating containment, eradication, and recovery.
  • Analyze alerts across EDR, NDR, SIEM, identity, and cloud telemetry to rapidly identify and scope threats.
  • Lead deep‑dive forensics, threat hunting, and advanced investigations spanning endpoints, networks, cloud (Azure/AWS), SaaS, email, and identity systems.
  • Conduct malware analysis, develop IOCs, and integrate actionable intelligence into detection workflows.
  • Tune and enhance detection tooling; build automation through SOAR runbooks.
  • Produce executive‑ready incident reports, drive post‑incident reviews, and ensure corrective actions are completed.
  • Mentor SOC analysts across tiers, uplift operational SLAs, and strengthen response procedures.
  • Partner with other departments and functions to reduce enterprise risk.

What Makes You a Great Fit

  • 5+ years in Security Operations & Incident Response, including leadership of major incidents.
  • Hands‑on expertise with EDR/XDR, SIEM, NDR, CASB, and cloud security tooling (Azure/AWS).
  • Strong command of forensic techniques, malware analysis, packet analysis, and log investigation.
  • Deep familiarity with MITRE ATT&CK, threat actor TTPs, and modern ransomware/BEC vectors.
  • Proven ability to perform under pressure and communicate clearly with technical and executive stakeholders.
  • Experience in the financial services industry is a plus.
  • Preferred certifications: GCIH, GCFA, GCFE, GNFA, GREM, GCIA, CISSP, or similar.

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

EEO Statement

ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

California Privacy Notice

As an employer of California residents, we are dedicated to protecting your privacy rights. Any personal information you provide during the application process will be used solely for permitted internal purposes and will be handled in accordance with applicable privacy laws. By applying to this position, you consent to the collection, use, and disclosure of your personal information as described in our Employee Privacy Notice.

Confirmed 19 hours ago. Posted 8 days ago.
