Manager-Security Incident Response & Operations
About The Position
This role is responsible for leading and enhancing the organizationâs cyber incident response capabilities while overseeing operational security functions. You will manage a team of cyber analysts, mentor junior staff, and drive process improvements across detection, monitoring, and response initiatives. The position requires collaboration with internal engineering, architecture, and project management teams to ensure cyber-defense requirements are integrated early in project lifecycles. You will continuously assess threats, identify gaps, and implement improvements to incident response playbooks, SIEM operations, and security monitoring. This position combines technical leadership, operational oversight, and strategic guidance to strengthen enterprise-wide cybersecurity posture.
Requirements
- Bachelorâs degree in Computer Science, Information Security, or related field; equivalent experience accepted.
- 10+ years of relevant experience in cybersecurity, incident response, or SOC operations.
- 5+ years managing SIEM operations, including content and case management, SOAR tools, and threat intel integration.
- 2+ years of people management experience.
- Proven expertise in cyber incident response, intrusion analysis, malware analysis, and security engineering.
- Experience with enterprise-level security operations and handling advanced cyber threats.
- Strong knowledge of operating systems (Windows, Linux/Unix), network services, web applications, APIs, and security tools (IDS/IPS, WAF, proxies, AV, forensics tools).
- Familiarity with Microsoft Azure, third-party SOC management, and enterprise threat intelligence distribution.
- Relevant certifications preferred: GCIA, GSEC, GCIH, GCFA, GREM, ECIH, CSIH, CIHE.
- Strong leadership, interpersonal, and communication skills with ability to influence matrixed teams.
- Ability to operate effectively under pressure, prioritize tasks, and maintain confidentiality.
Responsibilities
- Lead cyber incident response operations, providing subject matter expertise and guidance to analysts.
- Manage SIEM operations, including tuning rules, case management, and integrating threat intelligence feeds.
- Support the containment, mitigation, and documentation of security incidents, ensuring timely and effective response.
- Conduct threat hunting to identify anomalous and malicious activity, enhancing detection capabilities.
- Oversee third-party SOC/MSSP relationships to ensure proper coverage, response times, and alert quality.
- Drive continuous improvement of incident response processes, playbooks, and detection strategies.
- Facilitate collaboration across security operations, engineering, architecture, and business teams for proactive risk mitigation.
- Provide training and mentorship to team members on investigative tools, forensics, and response procedures.
Benefits
- Full-time annual salary range: $112,500â$175,000 (based on experience, qualifications, and internal equity).
- Remote work with company-provided equipment and technology support.
- Access to cybersecurity tools, training, and professional development opportunities.
- Collaborative and high-impact environment working with cross-functional technical teams.
- Opportunities for mentorship, leadership growth, and team development.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
