Incident Response Manager

Data Analysis Inc.

About The Position

Data Analysis Incorporated (DAI) is the controlling entity of the O’Neil family of businesses. DAI and its subsidiaries operate in diverse industries worldwide, including global equity markets, health care, financial services, digital news, and insurance. Our global footprint allows our teams to be responsive to customer needs in a timely and efficient manner. We are dedicated to using technology and innovation to bring change and growth to our businesses. We believe in a dynamic workplace, creating engaging, informative products and services that help our customers succeed. Integrity is an essential characteristic for our firms and our associates; if this describes you, please apply! SummaryThe Incident Response Manager leads and directly participates in the investigation and response to cybersecurity incidents across the organization. This role serves as the designated Incident Commander for security events, owning technical decision making from detection through containment, remediation, and recovery. In addition to providing functional leadership to the incident response team, the manager coordinates cross-functional stakeholders, drives clear and consistent response execution, and leads post-incident analysis to improve readiness and effectiveness. The role emphasizes hands-on technical leadership, real-time incident command, and continuous improvement to reduce risk and protect enterprise assets.

Requirements

Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field.
Minimum of 7 years of experience in cybersecurity, including 3+ years in hands-on incident response roles.
Demonstrated experience serving as a technical lead or incident commander during security incidents; formal people management experience is preferred but not required.
Proven experience leading and responding to security incidents across multiple domains including endpoint, identity, cloud, and SaaS environments.
Strong proficiency with enterprise security tooling such as Microsoft Defender XDR, Sentinel, and identity protection platforms.

Nice To Haves

Industry-recognized certifications (e.g., GCIH, GCFA, GCIA, CISSP).
Experience within a regulated enterprise or consulting environment.

Responsibilities

Acts as the designated Incident Commander during high severity cybersecurity incidents, with authority to direct response actions and coordinate cross-functional teams.
Lead incident response activities directly while providing functional leadership and guidance to incident responders. Oversee the execution of incident response playbooks, driving consistency in root cause analysis and post-incident reporting.
Coordinate with IT, IAM, Legal, Privacy, and Business stakeholders during active incident management and escalation.
Ensure incident response actions are effective, timely, and defensible, with appropriate alignment to policy and regulatory expectations.Continuously assess incident trends and integrate lessons learned into improved processes, detection logic, and tooling.
Provide subject matter expertise in the implementation and tuning of detection and response capabilities (e.g., Microsoft Defender XDR, Sentinel, Entra ID, Purview).
Collaborate with Security Operations and Detection Engineering to develop and optimize incident response readiness and metrics.
Maintain up-to-date knowledge of attacker techniques (e.g., MITRE ATT&CK) and advise on evolving threat response strategies.
Present incident summaries and remediation plans to executive and technical leadership as appropriate.
Contribute to the development of staff through coaching, mentoring, and performance feedback.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume