Manager, IR / SOC (Incident Response & Security Operations Center)

Match Group•Vancouver, BC

60d•$170,000 - $190,000

About The Position

As the Manager, IR / SOC, you will lead the integrated team responsible for Detection Engineering, Security Operations Center (SOC), and Incident Response (IR) across Match Group. Reporting to the Sr. Director of Security Engineering, you will drive the strategic vision of maximizing rapid and accurate threat response capabilities by integrating these three core functions and leveraging AI-driven innovation. You will own the detection lifecycle end-to-end — from signal engineering and alert tuning through triage, investigation, and incident resolution — while building toward an AI-augmented SOC model that reduces noise, accelerates response, and scales across a global portfolio.

Responsibilities

Lead and develop a high-performing team of SOC analysts, detection engineers, and incident responders operating across multiple time zones with 24/7 coverage
Play a key role in developing the detection engineering framework, contributing to detections-as-code (DaC) via GitOps/CI/CD pipelines for consistency and automated deployment
Drive AI Agentic SOC adoption — evaluate, select, and implement AI-driven triage and investigation tooling to maximize SOC efficiency, reduce false positives, and accelerate initial response speed
Manage the full incident lifecycle — from detection through containment, eradication, recovery, and lessons learned — partnering with Legal, Communications, Privacy, and Engineering teams
Build and refine detection content across the SIEM platform, integrating log sources across all MG brands (Tinder, Hinge, Match, E&E, HPCNT, Eureka, and New Bets)
Establish and track SOC metrics and SLAs, creating dashboards to visualize performance, alert fidelity, and response effectiveness
Coordinate and execute IR tabletop exercises (technical and management-level) across brands to validate readiness and improve playbooks
Partner with the Red Team to validate detection capabilities through adversary simulation and assumed-compromise testing
Collaborate with Platform Security, InfraSec, and AppSec teams to identify and close detection gaps across cloud-native and hybrid environments (AWS, GCP), datacenter infrastructure, endpoints (CrowdStrike), identity (Okta), SaaS, and application layers
Integrate threat intelligence into detection and response workflows to anticipate and proactively defend against emerging threats
Use automation to improve detection and response times and mitigate incident impact

Benefits

Medical, mental health, and wellness benefits to support your overall health and well-being
Competitive compensation, 100% employer match on 401k contributions up to 10% (cap at $10,000), as well as an employee stock purchase program to help you feel supported in your financial security
Generous PTO and 14 paid holidays so you can unplug
Annual training allowance for professional development and ERG membership opportunities and events so you feel connected and empowered in your work
20 weeks of 100% paid parental leave, fertility, adoption, and child care resources, as well as pet insurance and discounts
Company events where our employees get to know each other and build a sense of connection and belonging!

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume