Threat Response Manager, Cyber Defense Operations

About The Position

Requirements

• Bachelor's Degree or equivalent work experience.
• 5+ years experience in Information Security, preferably in one of the following areas: Computer Incident Response Team (CIRT) Computer Security Incident Response Center (CSIRC) Security Operations Center (SOC)
• Experience with various security technologies (SIEM, UEBA, EDR, IDS/IPS, etc.)
• Experience with leading cyber security investigations and incident response
• Experience in communicating complex technical information clearly and effectively to both technical and non-technical audiences

Nice To Haves

• GIAC Certified Incident Handler (GCIH) (or equivalent incident-focused certification) preferred
• (ISC)² Certified Information Systems Security Professional (CISSP) preferred
• Management experience with operations teams preferred
• Experience with digital forensic analysis preferred

Responsibilities

• Lead talent development; manage performance, conduct reviews, establish clear career progression paths, and actively mentor analysts to ensure the team maintains expert-level skills and readiness
• Cultivate high-performance culture; nurture a calm, collaborative, and decisive team environment, serving as the primary example of composed leadership during high-pressure incidents
• Own the team's operational capacity by monitoring staffing, tools, and training needs; lead hiring efforts; and coordinate external services to supplement capabilities as required
• Incident Commander (IC) accountability; serve as the primary Incident Commander during complex, high-severity incidents, coordinating technical containment and ensuring continuous, effective communication with all stakeholders and leadership
• Define and track operational metrics; establish Key Performance Indicators (KPIs) and drive continuous improvement in critical metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
• Define the tactical and operational steps for incident handling; ensure strict adherence to incident response plans and governance frameworks (NIST) to maintain an audit-ready posture
• Drive operational improvements in the threat detection pipeline, actively reducing alert noise and optimizing the performance of the core security ecosystem (SIEM, UEBA, EDR, IDS/IPS, etc.)
• Threat Modeling; apply in-depth knowledge of adversary and cyber defense models (MITRE ATT&CK and MITRE D3FEND) to tactically refine detection rules and inform proactive threat hunting strategies
• Review and analyze post-incident reports to identify patterns, trends, and systemic vulnerabilities; clearly and effectively translate complex technical findings into actionable recommendations for security leadership

Benefits

• We offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits.
• The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location.