Senior Manager, Cybersecurity Incident Response & Security Operations

IDEX Corporation, Northbrook, IL
$141,800 - $212,800

About The Position

The Senior Manager, Cybersecurity Incident Response & Security Operations serves as an operational leader within the IDEX Cybersecurity function, responsible for coordinating and advancing enterprise-wide incident detection and response capabilities. This role oversees the execution and continuous improvement of incident response processes and security operations (SOC) functions across multiple internal and external providers, ensuring consistent, high-quality monitoring, escalation, and response. This role is responsible for defining how cybersecurity incidents are assessed, escalated, and managed across the enterprise, and for ensuring IDEX Cybersecurity leads the response to significant security events. This role will partner with the IT and infrastructure teams that operate specific environments (e.g., data center SOC services). The role partners closely with IT, infrastructure, and external SOC providers to align on detection capabilities and operational processes, while supporting Cybersecurity leadership in coordinating high-impact incidents and driving continuous improvement in response effectiveness.

Requirements

  • Bachelor’s degree in Information Systems, Computer Science, Information Security, or equivalent experience
  • 10+ years of experience in cybersecurity with a focus on security operations, incident response, or SOC leadership
  • Demonstrated experience leading enterprise incident response and security operations programs
  • Strong expertise in SIEM platforms, detection engineering concepts, and monitoring operations
  • Experience in complex enterprise or regulated environments
  • Proven ability to lead cross-functional initiatives in matrixed organizations
  • Strong communication skills with the ability to engage both technical and executive stakeholders
  • Experience supporting Microsoft 365 GCC High (GCCH) environments
  • Experience managing MSSPs or external SOC/forensic partners
  • Familiarity with NIST CSF, NIST 800-53, and NIST 800-171

Nice To Haves

  • Relevant certifications preferred (e.g., CISSP, GCIH, GCFA, CISM)
  • Experience implementing automation, orchestration, and AI-enabled security operations capabilities

Responsibilities

  • Support enterprise incident response activities across detection, triage, containment, eradication, and recovery
  • Coordinate the execution of high-impact cybersecurity incidents, in support of Cybersecurity leadership
  • Serve as an operational escalation point for incident response, ensuring issues are appropriately routed and addressed
  • Develop and maintain incident response playbooks, procedures, and standards
  • Support coordination with legal, compliance, IT, and external response partners under the direction of Cybersecurity leadership
  • Lead post-incident reviews with relevant stakeholders to identify improvements and strengthen organizational readiness
  • Lead security operations activities focused on SOC services, including security monitoring, alert management, and incident response execution
  • Oversee internal teams and external service providers (e.g., MSSPs) to ensure consistent, high-quality security operations coverage
  • Establish and enforce operational standards for alert triage, escalation, and incident handling
  • Drive scalability and efficiency through automation, orchestration, and process optimization
  • Ensure effective monitoring coverage across Microsoft 365 Commercial and Government Community Cloud High (GCCH) environments
  • Own and evolve security operations technologies, including security information & event monitoring (SIEM) and detection and response platforms
  • Define and govern how multiple SOCs (internal and external) operate together, ensuring clear roles, responsibilities, and coordination models
  • Establish IDEX Cybersecurity as the lead authority for major incident response, with external SOCs supporting detection and escalation
  • Manage relationships with external SOC providers, including performance oversight, metrics, and participation in QBRs
  • Improve detection fidelity through alert tuning, use case development, and false positive reduction
  • Drive enhancements in detection coverage, response speed (MTTR), and overall operational effectiveness
  • Partner with cybersecurity leadership to define operational roadmap, priorities, and maturity targets
  • Coordinate cybersecurity requests and activities across teams, ensuring work is properly triaged, prioritized, and completed
  • Manage ticketing and escalation processes, ensuring issues are routed, tracked, and resolved in a timely manner
  • Track and communicate the status of incidents, initiatives, and key activities across teams
  • Partner with IT and project management office (PMO) teams to ensure cybersecurity requirements are built into projects and services from the start
  • Promote consistent, security-first practices across IT operations and service delivery
  • Own security operations performance metrics and reporting, including MTTR, detection effectiveness, alert quality, and service level agreements (SLAs)
  • Develop and enhance operational metrics and dashboards to support enterprise reporting and risk visibility
  • Use data-driven insights to identify gaps, inefficiencies, and improvement opportunities
  • Drive continuous improvement initiatives to enhance operational maturity, scalability, and consistency
  • Support coordination of cybersecurity readiness efforts, including tabletop exercises and crisis simulations
  • Mentor and develop team members and stakeholders in incident response practices
  • Support knowledge transfer and training initiatives to improve enterprise-wide response capabilities
  • Contribute to development and maintenance of operational documentation and standards

Benefits

  • Health benefits
  • 401(k) retirement savings program with company match
  • PTO