Senior Manager, Cybersecurity Incident Response & Security Operations
Position Responsibilities
- Support enterprise incident response activities across detection, triage, containment, eradication, and recovery
- Coordinate the execution of high-impact cybersecurity incidents, in support of Cybersecurity leadership
- Serve as an operational escalation point for incident response, ensuring issues are appropriately routed and addressed
- Develop and maintain incident response playbooks, procedures, and standards
- Lead post-incident reviews with relevant stakeholders to identify improvements and strengthen organizational readiness
- Lead security operations activities focused on SOC services, including security monitoring, alert management, and incident response execution
- Oversee internal teams and external service providers (e.g., MSSPs) to ensure consistent, high-quality security operations coverage
- Own and evolve security operations technologies, including security information & event monitoring (SIEM) and detection and response platforms
- Define and govern how multiple SOCs (internal and external) operate together, ensuring clear roles, responsibilities, and coordination models
- Own IDEX Cybersecurity as the lead authority for major incident response, with external SOCs supporting detection and escalation
- Manage relationships with external SOC providers, including performance oversight, metrics, and participation in QBRs
- Improve detection fidelity through alert tuning, use case development, and false positive reduction
- Drive enhancements in detection coverage, response speed (MTTR), and overall operational effectiveness
- Promote consistent, security-first practices across IT operations and service delivery
- Own security operations performance metrics and reporting, including MTTR, detection effectiveness, alert quality, and service level agreements (SLAs)
- Develop and enhance operational metrics and dashboards to support enterprise reporting and risk visibility
- Use data-driven insights to identify gaps, inefficiencies, and improvement opportunities
- Drive continuous improvement initiatives to enhance operational maturity, scalability, and consistency
- Coordinate cybersecurity readiness efforts, including tabletop exercises and crisis simulations
- Mentor and develop team members and stakeholders in incident response practices
- Support knowledge transfer and training initiatives to improve enterprise-wide response capabilities
- Contribute to development and maintenance of operational documentation and standards
Position Qualifications, Skills, And Experience
- Bachelor’s degree in Information Systems, Computer Science, Information Security, or equivalent experience
- 10+ years of experience in cybersecurity with a focus on security operations, incident response, or SOC leadership
- Demonstrated experience leading enterprise incident response and security operations programs
- Strong expertise in SIEM platforms, detection engineering concepts, and monitoring operations
- Experience in complex enterprise or regulated environments
- Proven ability to lead cross-functional initiatives in matrixed organizations
- Strong communication skills with the ability to engage both technical and executive stakeholders
- Experience supporting Microsoft 365 GCC High (GCCH) environments
- Experience managing MSSPs or external SOC/forensic partners
- Familiarity with NIST CSF, NIST 800-53, and NIST 800-171
- Relevant certifications preferred (e.g., CISSP, GCIH, GCFA, CISM)
- Experience implementing automation, orchestration, and AI-enabled security operations capabilities
Total Rewards
The compensation range for this position is $141,800.00 - $212,800.00, depending on experience. This position may be eligible for performance based bonus plan.
Benefits Package
Our comprehensive U.S. benefit offerings include: Health benefits, 401(k) retirement savings program with company match, PTO, and more. More information on our benefits and rewards can be found on our career page: here.
Attention Applicants
If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, please let us know. Likewise, if you are limited in the ability to access or use this online application process and need an alternative method for applying, we will determine an alternate way for you to apply. Please contact our Talent Acquisition Team at lfcareers@idexcorp.com for assistance with an accommodation.