Security Operations and Incident Response Manager

Hyundai Capital America, Irvine, CA

About The Position

The Security Operations & Incident Response (SOIR) Manager is responsible for the enterprise-wide incident response function within the Security Operations Center (SOC), ensuring rapid detection, containment, and remediation of cybersecurity threats. This role is pivotal in maintaining the confidentiality, integrity, and availability of Hyundai Capital America’s digital assets and infrastructure. The role oversees a third-party vendor that provides incident responders and collaborates with the threat intelligence, vulnerability management, and engineering teams to drive continuous improvement in detection and response capabilities. In addition, this role creates and maintains incident response playbooks, establishes processes for proactive threat hunting, and is responsible for the administration and day-to-day support of HCA’s EDR, SIEM, monitoring, threat detection, and remediation tools.

Requirements

  • 5-7 years of progressive experience in cybersecurity, with proven knowledge of Security Operations Center practices and incident response processes.
  • 3+ years of experience in financial services, with a strong understanding of financial-sector threats and regulations.
  • Hands-on experience with SIEM platforms, EDR solutions, and other monitoring and vulnerability-management tools.
  • Strong understanding of cyber threat landscapes, attack vectors, and adversary tactics.
  • Bachelor’s degree in Computer Science, Information Security, or related field.
  • Master’s degree preferred.
  • Certification in CISSP, CCSP, CISM, TOGAF or equivalent.
  • Demonstrated ability to manage major incident investigations and coordinate with legal, compliance, and law enforcement.
  • Familiarity with regulatory and compliance frameworks such as HIPAA, PCI DSS, NIST, ISO 27001, and GDPR.
  • Proven ability to develop and maintain incident response playbooks and SOC standard operating procedures.
  • Experience with cybersecurity metrics and KPIs.
  • Demonstrated expertise in incident response lifecycle.
  • Analytical mindset with attention to detail.
  • Excellent communication and documentation skills.
  • Ability to work under pressure and manage multiple incidents simultaneously.
  • Passion for continuous learning and staying ahead of emerging threats.

Responsibilities

  • Monitor and analyze security events in real-time using SIEM platforms to detect and respond to threats targeting financial systems.
  • Tune and optimize SIEM correlation rules and ingestion pipelines to reduce false positives and improve detection fidelity.
  • Leverage threat intelligence platforms to analyze emerging financial-specific threats and develop actionable insights.
  • Investigate and triage security alerts, correlating data from endpoints, networks, and cloud environments.
  • Lead and support incident response activities, including containment, eradication, and recovery.
  • Perform forensic investigations to determine the root cause of incidents and document findings.
  • Create and maintain incident response playbooks, ensuring rapid and consistent response processes.
  • Conduct post-incident reviews to identify lessons learned and recommend improvements.
  • Manage and configure security tools, including SIEM, EDR, firewalls, and vulnerability scanners.
  • Develop and tune detection rules, signatures, and alerts to improve detection accuracy.
  • Implement automation responses to streamline tasks like alert enrichment and incident triage.
  • Monitor and secure cloud environments using native security tools and third-party integrations.
  • Partner with vulnerability management and IAM teams to ensure holistic security coverage.
  • Document security incidents, investigations, and remediation actions in detail.
  • Produce comprehensive reports on vulnerability scans and penetration tests.
  • Develop and report on SOC metrics to demonstrate operational effectiveness.
  • Maintain and update SOC runbooks, standard operating procedures (SOPs), and knowledge bases.

Benefits

  • Medical, Dental and Vision plans that include no-cost and low-cost plan options.
  • Immediate 401(k) matching and vesting.
  • Vehicle purchase and lease discounts plus monthly vehicle allowances.
  • Paid Volunteer Time Off with company donation to a charity of your choice.
  • Tuition reimbursement.
© 2024 Teal Labs, Inc