Cyber Security Incident Response Manager

ITW · Glenview, IL
2d · Onsite

About The Position

Since its founding more than 100 years ago, ITW has become one of the world’s leading diversified manufacturers of specialized industrial equipment, consumables, and related service businesses. We place a high premium on developing innovative solutions–most of which are developed in tandem with our customers. And we continue to ensure that our customers receive timely, cost-effective service for our innovative products. ITW’s differentiated business model comprises unique core capabilities: our proprietary 80/20 business process, customer-back innovation, and our well-known decentralized entrepreneurial culture. These capabilities are unmistakably ITW—and key to our longevity and strong performance.

ITW’s products and solutions are at work all over the world, in deep-sea oil rigs, aerospace technology, bridges and wind turbines, healthcare, the spaces in which we live and work, the cars we drive, and the mobile devices we rely on. We are never, whether we know it or not, more than a few steps from an innovative ITW solution. ITW (NYSE: ITW) is a Fortune 300 global multi-industry manufacturing leader with revenue of $15.9 billion in 2024 and employs ~44,000 people operating in 51 countries.

Our headquarters in Glenview, IL, features a fitness center at no cost to the employees, a cafe, outdoor volleyball courts, walking trails around the facility, employee resource groups, corporate discounts, dry cleaning services, covered/outdoor parking, and much more. We are just a block away from the nearest Metra station, and it is a quick 20-minute train ride to downtown Chicago, museums, lakefront, and other activities. More details on our benefits can be found on our website at https://www.itw.com/careers/benefits-compensation/

The Incident Response Manager is part of the Corporate IT Cyber Security team and is responsible for developing, implementing, and maintaining a comprehensive incident response security program.
The Incident Response Manager will serve as a senior member of the cyber team and will be responsible for leading the incident response and threat monitoring services for ITW. In this role, this individual will oversee incident tracking and resolution. They will lead incident response services and engage in forensic services when needed. They will conduct lessons learned for cyber events and provide incident reports to management.

In this role, this individual will lead the incident response services that monitor cyber incidents at ITW Corporate and ITW divisions. This role will oversee all aspects of the incident response program, including incident tracking, resolution and reporting. This person will lead the cyber security analysts who are responsible for the day-to-day execution of the incident response services. The Incident Response Manager will review incident response program alerting and monitoring to ensure cyber protections are maintained, improved and properly implemented through performance metrics. This person will be the security subject matter expert for ITW Incident Response and SOC Monitoring services.

The Incident Response Manager is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals. This person will be responsible for researching and recommending new cyber security solutions and participating in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures. In addition, the Incident Response Manager will develop and implement threat hunting procedures to protect the enterprise environment.

This position requires strong organizational and communications skills to work with both a technical and non-technical audience at all levels. The applicant must also demonstrate an advanced ability to analyze, support, and resolve issues regarding cybersecurity, risk, and compliance.
This position will be part of a high-performing team delivering best-in-class IT services to the business.

Requirements

  • Bachelor's degree in Computer Science, Information Systems, Business or related field required.
  • 7+ years of experience working in an Information Technology role with 3+ years of direct team leadership experience.
  • Ability to work onsite at the Glenview corporate campus.
  • Must have had leadership responsibility for leading teams, projects and technology operations.
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
  • Ability to work under pressure; work concurrently on multiple initiatives in different stages and pay attention to detail.
  • Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
  • Ability to conduct research into IT security issues and products as required.
  • Ability to present ideas in business-friendly and user-friendly language.

Responsibilities

  • Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating.
  • Recommend additional solutions or enhancements to existing cyber security services to improve overall enterprise security.
  • Monitor all in-place security solutions for efficient and appropriate operations.
  • Oversee threat intelligence program, conduct daily reviews of threat landscape, and identify exposure impact to ITW systems.
  • Respond to and, where appropriate, facilitate resolution of reported security incidents.
  • Review cyber security incidents to identify themes and trends.
  • Participate in Critical Incident Response Planning through testing and maintenance of our plans.
  • Meet with 3rd Party Vendors to review threat factors and activities and ensure prompt, thorough follow-up.
  • Lead the team responsible for monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity.
  • Interpret such activity and make recommendations for resolution.
  • Lead the incident response team throughout investigation and resolution of security violations.
  • Develop a strong working relationship with the technical operations team to efficiently collaborate on potential security threats, incidents and mitigation efforts.

Benefits

  • fitness center at no cost to the employees
  • cafe
  • outdoor volleyball courts
  • walking trails around the facility
  • employee resource groups
  • corporate discounts
  • dry cleaning services
  • covered/outdoor parking
  • medical, dental, vision, disability and life insurance programs
  • 401k plan with both a company match and additional employer contribution
  • Flexible Spending Accounts
  • Health Savings Accounts
  • Employee Assistance Program
  • Commuter benefits
  • Adoption Assistance
  • Educational Assistance
  • Parental Leave
  • vacation, sick time, and 11 Paid Holidays