Senior Manager of Incident Response
About the role
The Senior Manager of Incident Response will lead global incident detection and response capabilities, serving as the primary incident commander during significant security events. This role requires deep technical expertise in DFIR, executive presence, and composure under pressure.
Responsibilities
Lead, mentor, and scale a 24/7 global response team, overseeing talent strategy, performance management, and professional development to deliver a high-performance culture grounded in technical excellence, accountability, continuous learning, and rapid disciplined execution.
Serve as the primary incident commander for significant and enterprise-impacting security events. Direct and coordinate cross-functional response efforts across IT, Legal, HR, Communications, executive leadership, and external partners to ensure rapid containment, recovery, and resolution.
Own and continuously improve incident response processes to ensure adherence to ITAR data sovereignty requirements and CMMC Level 1-3 requirements.
Ensure accurate, defensible incident reporting, documentation, and audit readiness aligned with regulatory and legal expectations.
Define and execute the long-term incident response strategy and roadmap, including the adoption of advanced SOAR capabilities and XDR frameworks.
Drive measurable improvements in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through process optimization, tooling, and skills development.
Develop, maintain, and mature incident response plans, playbooks, and tabletop exercises to ensure organizational readiness across global business units.
Lead post-incident reviews and translate lessons learned into actionable improvements controls, processes, and response capabilities.
Translate complex technical findings into clear, concise, risk-based reports for C-Suite during and following significant security events.
Serve as a trusted advisor to senior leadership on response readiness, cyber resilience, and incident risk posture.
Oversee proactive threat hunting initiatives and integrate tactical threat intelligence into the incident lifecycle.
Advance the organization from reactive response to predictive, data-driven defense.
Qualifications
10+ years of progressive experience in Cyber Security within a large-scale global enterprise.
5+ years in a dedicated incident response leadership role.
Professional certifications such as CISSP, GCIH, GCFA, or CISM are highly desirable.
Bachelor’s degree in computer science, Cyber Security, or a related field. A master’s degree is a plus.
Demonstrated experience managing security operations within ITAR-controlled environments.
Strong working knowledge of CMMC frameworks, compliance, and response requirements.
Proven track record of managing global teams across multiple time zones and cultures.
Experience managing third-party Managed Security Service Providers (MSSPs) preferred.
Demonstrated ability to lead decisively during high-pressure, high-visibility security events.
Ability to balance deep technical analysis with risk management and business priorities.
Strong judgement in ambiguous environments and scenarios with incomplete information.
Exceptional written & verbal communication skills, including delivery of clear messaging during high-stress events.
Hands-on experience with EDR / XDR platforms, SIEM technologies, and forensic toolsets.
Strong knowledge of MITRE ATT&CK framework and cloud security architecture.
Pay
$150,000 - $180,000 (based on experience) + bonus + benefits.
About The Company
Peterson Technology Partners (PTP) is an Equal Opportunity Employer committed to creating a transparent, inclusive, and human-centered hiring experience. Based in the Chicago suburb of Park Ridge, IL, our team of more than 500 employees and consultants is dedicated to helping every client make the best hiring decisions possible, matching professionals with the right IT jobs and career opportunities.