Incident Response Manager

About The Position

Requirements

• US Citizenship required with the ability to obtain and maintain a Public Trust Clearance.
• Bachelor’s Degree or Higher in Cyber Security or related field or CertifiedInformation Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GCIH (GIAC Certified Incident Handler).
• Must have industry experience to include 7+ years of relevant experience in cybersecurity incident identification, response, remediation or mitigation.
• Experience analyzing incidents, preserving evidence, identifying root causes, and developing effective mitigation/remediation solutions.
• Familiarity with frameworks like NIST, ISO 27001, and CIS Controls.
• Experience collecting intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
• Experience coordinating and providing expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
• Experience, managing, leading or coordinating incident response functions.
• Experience monitoring external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.

Responsibilities

• Perform cybersecurity incident detection, response, remediation, or mitigation
• Analyze security incidents, preserve digital evidence, identify root causes, and create mitigation or remediation plans
• Reference familiarity with NIST, ISO 27001, and CIS Critical Security Controls
• Collect and analyze intrusion artifacts (e.g., malware, source code, trojans) to support mitigation efforts
• Coordinate and provide technical support to enterprise-wide cyber defense teams during incidents
• Manage, lead, or coordinate incident response functions across the organization
• Monitor external threat intelligence feeds (CERTs, vendor advisories, security publications) to identify relevant threats
• Perform forensically sound image collection and review to support investigations and remediation
• Receive, evaluate, and analyze alerts from various systems to determine potential causes or impacts
• Ensure compliance with federal incident reporting requirements and produce after‑action reports
• Lead and oversee the full incident response lifecycle: detection, containment, eradication, recovery, and lessons learned
• Serve as the primary escalation point for major or high‑severity incidents
• Conduct tabletop exercises, drills, and readiness assessments
• Strengthen organizational resilience by identifying gaps and improving IR processes
• Oversee tools and technologies supporting detection, analysis, and response activities
• Document incidents, timelines, decisions, findings, and process improvements
• Track remediation efforts to completion and validate fix effectiveness
• Review threat intelligence to stay aware of new techniques, vulnerabilities, and attack trends
• Coordinate cross‑functional collaboration during incidents and post-incident recovery
• Prepare detailed post‑incident and after-action reports for leadership and compliance teams

Benefits

• Our employees value the flexibility at Pyramid Systems that allows them to balance quality work and their personal lives.
• We offer competitive compensation, benefits, to include our Employee Stock Ownership Program, FlexPTO, and learning and development opportunities.