Manager of Incident Response
Aveanna Healthcare · Atlanta, GA · 3 mo ago
Information Technology$135k/yrFull-time
Responsibilities
- Lead, coach, and develop a team of analysts and security engineers, building a culture of accountability, ownership, and continuous growth.
- Collaborate with IT, Data Governance, Compliance, and Business Unit Owners to ensure detection and response capabilities are implemented effectively.
- Serve as a liaison, translating subject matter expert knowledge from incident response and security engineering teams for business stakeholders.
- Delegate with intention and trust; creating space for the team to solve problems independently while maintaining visibility on outcomes.
- Champion a security-first culture through ongoing training, awareness programs, and cross-functional advocacy.
- Lead the development, maintenance, and continuous improvement of enterprise IR playbooks, workflows, and reporting cadences.
- Oversee investigation and response operations across SIEM, EDR, email security, and network monitoring platforms.
- Manage IR queues; ensure timely triage, containment, and resolution.
- Serve as the organizational liaison between technical responders and business stakeholders during security incidents.
- Drive the deployment, configuration, and ongoing optimization of the security tooling stack (EDR, Identity, Email, WAF).
- Drive SIEM engineering and detection engineering initiatives to improve threat visibility and reduce noise.
- Own SSO/MFA engineering and policy governance, including SSO administration and application approval processes.
- Manage day-to-day security operations via delegation and cross-team collaboration.
- Produce and maintain security dashboards, analytics, and executive-level reporting using SIEM and visualization tools.
- Lead security awareness programs providing oversight and input for training and phishing simulation campaigns.
- Oversee the Security projects and project intake process to ensure operational work is visible, prioritized, and resourced.
Qualifications
- Bachelor’s degree in information systems, Computer Science, Cybersecurity, or related field – or equivalent experience.
- 5+ years of progressive experience in information security, with at least 2 years in a people management role.
- Hands-on experience with SIEM platforms, detection engineering, and security operations workflows.
- Experience with email security, identity and access management, and endpoint protection platforms.
- Proven ability to lead incident response operations, including playbook development and cross-functional coordination.
- Excellent communication skills with demonstrated ability to translate technical risk for non-technical stakeholders.
- Strong organizational skills with experience managing operational queues, projects, knowledge management, and competing priorities.
- We prefer candidates who demonstrate genuine commitment to continuous learning and actively foster that same mindset in their teams.