Sr. Engineering Manager - CSIRT Cybersecurity Defense

Target
Brooklyn Park, NC
Posted 3d ago
$128,000 - $231,000
Hybrid

About The Position

The Senior Manager is responsible for managing a shift of CSIRT analysts who handle alert intake, triage, and response. This role is accountable for leading the personnel, developing processes and expectations, and coaching to ensure the success of the shift in supporting our overall mission. The Sr. Manager will collaborate with partner teams to drive the maturity of the CFC organization, will support declared incidents, and will get hands-on when needed in our response. Success in this role will require strong and innovative approaches to problem solving, great technical leadership, excellent communication (written and verbal, formal and informal), flexibility, accountability, and a self-motivated working style with attention to detail.

Requirements

  • 4-year degree or equivalent experience in a related field
  • 5+ years of SOC/IR experience
  • 1-3 years of building and leading high performing cyber security teams with direct reports
  • Cyber security certification (e.g. GIAC, Offensive security, ISC2)
  • Deep understanding of and experience with monitoring and detection, incident response, artifact collection and analysis, cloud environments and attacker mindset
  • Ability to lead CSIRT effectively during a high-severity security incident
  • Lifelong learner passionate about continuous improvement and developing both your and your team’s skills and capabilities
  • Ability to convey technical information clearly and concisely

Nice To Haves

  • An understanding of and experience with any combination of digital forensics, reverse engineering, threat intelligence, threat hunting and SOAR
  • Experience with various operating systems and host-based security controls
  • Experience with network-based security controls, network infrastructure and protocols
  • Experience working in a Cyber Fusion Center with highly collaborative, cross-functional teams

Responsibilities

  • Lead Incident Response Operations: Direct all phases of the incident response lifecycle, including analysis, containment, eradication, recovery, and post-incident analysis.
  • Develop and Maintain Response Frameworks: Establish and regularly update incident response policies, procedures, playbooks, and escalation workflows in alignment with industry best practices.
  • Coordinate Cross-Functional Response: Serve as a central point of contact during major security incidents, coordinating efforts in collaboration with our partner teams.
  • Report on Incident Trends: Develop and present incident metrics, threat trends, and risk insights to senior leadership to support strategic decision-making.
  • Train and Mentor Response Team Members: Provide leadership, coaching, and technical guidance to incident responders and analysts to build a high-performing team.
  • Test and Validate Response Readiness: Contribute to regular tabletop exercises, red team engagements, and technical simulations to assess and strengthen response capabilities.
  • Integrate Threat Intelligence: Leverage internal and external threat intelligence to inform response strategies and anticipate emerging attack vectors.
  • Automate and Streamline Response Processes: Identify opportunities for automation and process optimization using tools such as SOAR platforms.

Benefits

  • comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more
  • 401(k)
  • employee discount
  • short term disability
  • long term disability
  • paid sick leave
  • paid national holidays
  • paid vacation
© 2024 Teal Labs, Inc