Senior Manager, Cybersecurity Incident Response & Security Operations
IDEX Corporation · United States · 1 wk ago
RemoteRemoteInformation Technology$142k–$213k/yrFull-time
Position Responsibilities
- Support enterprise incident response activities across detection, triage, containment, eradication, and recovery
- Coordinate the execution of high-impact cybersecurity incidents, in support of Cybersecurity leadership
- Serve as an operational escalation point for incident response, ensuring issues are appropriately routed and addressed
- Develop and maintain incident response playbooks, procedures, and standards
- Support coordination with legal, compliance, IT, and external response partners under the direction of Cybersecurity leadership
- Lead post-incident reviews with relevant stakeholders to identify improvements and strengthen organizational readiness
Security Operations Lead
- Oversee internal teams and external service providers (e.g., MSSPs) to ensure consistent, high-quality security operations coverage
- Establish and enforce operational standards for alert triage, escalation, and incident handling
- Drive scalability and efficiency through automation, orchestration, and process optimization
- Ensure effective monitoring coverage across Microsoft 365 Commercial and Government Community Cloud High (GCCH) environments
Security Operations Program & Technology Management
- Own and evolve security operations technologies, including security information & event monitoring (SIEM) and detection and response platforms
- Define and govern how multiple SOCs (internal and external) operate together, ensuring clear roles, responsibilities, and coordination models
- Own IDEX Cybersecurity as the lead authority for major incident response, with external SOCs supporting detection and escalation
- Manage relationships with external SOC providers, including performance oversight, metrics, and participation in QBRs
- Improve detection fidelity through alert tuning, use case development, and false positive reduction
- Drive enhancements in detection coverage, response speed (MTTR), and overall operational effectiveness
- Promote consistent, security-first practices across IT operations and service delivery
Operational Coordination & Service Delivery
- Cybersecurity requests and activities across teams, ensuring work is properly triaged, prioritized, and completed
- Manage ticketing and escalation processes, ensuring issues are routed, tracked, and resolved in a timely manner
- Track and communicate the status of incidents, initiatives, and key activities across teams
- Partner with IT and project management office (PMO) teams to ensure cybersecurity requirements are built into projects and services from the start
Metrics, Reporting & Continuous Improvement
- Own security operations performance metrics and reporting, including MTTR, detection effectiveness, alert quality, and service level agreements (SLAs)
- Develop and enhance operational metrics and dashboards to support enterprise reporting and risk visibility
- Use data-driven insights to identify gaps, inefficiencies, and improvement opportunities
- Drive continuous improvement initiatives to enhance operational maturity, scalability, and consistency
Training, Exercises & Readiness Support
- Coordination of cybersecurity readiness efforts, including tabletop exercises and crisis simulations
- Mentor and develop team members and stakeholders in incident response practices
- Support knowledge transfer and training initiatives to improve enterprise-wide response capabilities
- Contribute to development and maintenance of operational documentation and standards