SOC Incident Response Manager - Senior Vice President

About The Position

Requirements

• Bachelor's degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, Digital Forensics, etc.
• 10+ years of professional experience in cybersecurity and/or information security, or demonstrated equivalent capability.
• 5+ years hands-on working in cyber incident response and investigations, with at least 3 years in a leadership or management capacity, overseeing medium to large global teams, with exposure to various computing environments including cloud and traditional infrastructure.
• Proven experience in leading, mentoring, and developing technical teams.
• Demonstrated expertise or oversight in Dev/Sec/Ops practices within various computing environments.
• Deep understanding and experience with common services and platforms from a security and incident response perspective.
• Proven experience leading or directing forensic investigations or large-scale incident response efforts across diverse environments.
• Strong understanding and strategic leadership in containerization methods and tools (e.g., Docker, Kubernetes), including incident response and digital forensics considerations.
• Advanced certifications (e.g., GIAC, CISSP) in security or equivalent expertise.
• Demonstrated ability to lead teams in analyzing and pivoting through large data sets during incident investigations.
• Windows Operating Systems / UNIX / Mac OS X, specifically in system administration, command line use, and file system knowledge.
• Proficient in basic scripting and automation of tasks (e.g., C/C++, PowerShell, JavaScript, Python, bash, etc.).
• Leadership & Mentorship: Ability to inspire, motivate, and develop a high-performing global team.
• Strategic Thinking: Capacity to define and execute incident response strategy aligned with business objectives.
• Communication: Excellent verbal and written communication skills for presenting complex technical information to both technical and non-technical audiences, including senior management.
• Stakeholder Management: Proven ability to build and maintain strong relationships with internal and external stakeholders.
• Decision-Making: Sound judgment and decision-making skills under pressure during critical security incidents.
• Problem-Solving: Advanced analytical and problem-solving skills to guide the team through complex technical challenges.
• Adaptability: Ability to adapt to rapidly changing threat landscapes and evolving technologies.
• Working knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network protocols.
• Working knowledge of relational database systems and concepts (SQL Server, PostgreSQL, etc.).
• Working knowledge of virtualization products (e.g., VMware Workstation).

Responsibilities

• Lead, mentor, and manage a global team of 6-10 Security Operations Center Incident Responders
• Oversee and direct incident response functions
• Drive strategic initiatives to enhance incident detection, containment, and eradication capabilities
• Lead and support in-depth triage and investigations of urgent cyber incidents
• Manage team performance, conduct regular reviews, and facilitate career development for direct reports
• Ensure the team effectively performs host-based analytical functions
• Oversee the creation and tracking of metrics based on the MITRE ATT&CK Framework
• Lead collaboration with application and infrastructure stakeholders to identify key components and information sources
• Direct incident response efforts using forensic and other custom tools to identify sources of compromise and/or malicious activities
• Collaborate with global multidisciplinary groups for triaging and defining the scope of large-scale incidents
• Direct the documentation and presentation of investigative findings for high-profile events and other incidents of interest to senior leadership
• Lead and participate in readiness exercises such as purple team, table tops, etc
• Develop and implement training programs for junior and mid-level colleagues on relevant best practices and advanced incident response techniques
• Act as a key escalation point for critical incidents and provide expert guidance to the team