Cybersecurity Major Incident Manager

ComcastPhiladelphia, PA
Hybrid

About The Position

The Cybersecurity Major Incident Manager leads incident management across a distributed, follow-the-sun operating model, with accountability for incident response support and coordination, post-incident governance, and continuous improvement to ensure consistent execution, disciplined closure, and measurable risk reduction.

Requirements

  • 7+ years of experience in cybersecurity operations, incident response support, or CSOC leadership
  • Proven experience leading global or distributed teams across multiple regions or time zones
  • Strong understanding of incident response lifecycle, coordination, and post-incident analysis (AAR/RCA)
  • Experience managing cross-functional teams during high-severity incidents
  • Strong communication and stakeholder management skills
  • Bachelor's Degree
  • Relevant Work Experience 5-7 Years

Nice To Haves

  • Experience with incident management or workflow platforms
  • Familiarity with AAR frameworks and operational governance
  • Knowledge of U.S. and international regulatory environments
  • Experience operating in a 24x7 or follow-the-sun model

Responsibilities

  • Lead incident response support and coordination across regions, ensuring consistent execution, rapid response, and 24x7 operational coverage.
  • Build and maintain the CSOC IM operating model, including staffing, escalation paths, runbooks, and surge support for major incidents
  • Manage and develop a distributed team of Incident Coordinators and Incident Managers across regions
  • Establish follow-the-sun operating rhythms and seamless regional handoff processes.
  • Provide leadership and oversight for the integration of vulnerability management, threat monitoring, detection engineering, and critical security telemetry to ensure visibility, coverage, and operational readiness for newly acquired environments.
  • Drive cybersecurity operational maturity across newly integrated businesses, ensuring incident response processes, playbooks, governance, and continuous improvement activities align with enterprise standards and regulatory requirements.
  • Serve as a senior incident coordinator for high-severity incidents, ensuring alignment across technical teams, business stakeholders, Legal, Privacy, and Communications
  • Coordinate incident response activities, ensuring actions are tracked, prioritized, and executed in alignment with the Incident Response Plan
  • Own incident closure quality, ensuring root cause, remediation, evidence, and documentation are complete and audit-ready
  • Lead After-Action Reviews (AARs) and ensure structured, outcome-driven execution
  • Translate AAR outputs into prioritized Cybersecurity Action Plans (CAPs) with clear ownership and timelines
  • Provide clear, executive-ready updates and structured communication cadence to the teams
  • Partner with Legal to support appropriate post-incident oversight and review requirements
  • Assess operational gaps and drive improvements in processes, controls, and coordination
  • Define and track key metrics including MTTR, closure quality, CAP completion, and incident recurrence
  • Establish reporting on incident trends, operational performance, and readiness gaps
  • Ensure alignment with regulatory requirements and regional considerations (U.S. and U.K.)
  • Manage relationships with external incident response providers and partners
  • Lead, coach, and develop a high-performing global team while driving a culture of accountability and operational rigor

Benefits

  • An array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service