Jobs · Management · California

Sr. Incident Response Manager

Kia America · Irvine, CA · 2 wk ago
On-siteManagement$123k–$178k/yrFull-time

About the role

The Senior Incident Response (IR) Manager provides strategic and operational leadership for detecting, responding to, and eradicating cyber threats targeting Kia America (KUS) and its affiliated entities. This position oversees end-to-end incident response activities including triage, containment, forensics, recovery, and post-incident analysis and ensures continuous enhancement of blue-team capabilities across email, endpoint, identity, cloud, and network environments.

This role drives proactive vulnerability and exposure management, enforces secure configuration baselines, and governs enterprise-wide patch management to minimize risk and prevent incidents before they occur. The role is also accountable for aligning KUS security operations with global and regional (Kia North America) cybersecurity strategies, coordinating with affiliate IT/security teams, developing and maintaining IR playbooks, and advancing the organization's overall security maturity through awareness programs and cross-functional collaboration.

Responsibilities

  • Priority One – 20% of Time
    • Lead incident response across KUS and affiliates (triage, containment, eradication, recovery, communication)
    • Career Development
    • Coordinate internal/external stakeholders and ensure timely executive reporting.
  • Priority Two – 20% of Time
    • Detection Engineering & Threat Hunting
      • Design, implement, and tune detections mapped to MITRE ATT&CK framework across the following platforms:
      • Security Information and Event Management (SIEM)- e.g., Microsoft Sentinel
      • Security Orchestration, Automation, and Response (SOAR) - e.g., Splunk ES
      • Extended Detection and Response (XDR) - e.g., Microsoft 365 Defender
      • Email Security- e.g., Microsoft EOP/Mimecast
      • Network sensors
  • Priority Three – 20% of Time
    • Program Improvement
      • Develop IR runbooks/playbooks, automate with SOAR, run tabletop and purple-team exercises, coordinate vulnerability remediation with IT partner, and maintain metrics/KPI for continuous improvement.
      • Maintain proactive vulnerability and exposure management, including: enterprise scanning (on-premises, cloud, and container environments); attack surface management (ASM); configuration baselines such as Center for Internet Security (CIS) Benchmarks; patch and change governance with IT partner; measurement and reporting, such as Common Vulnerability Scoring System (CVSS) / Exploit Prediction Scoring System (EPSS); and preventive controls and system hardening.
  • Priority Four – 20% of Time
    • Email & Identity Threat Defense
      • Drive phishing and Business Email Compromise (BEC) takedown efforts; domain abuse monitoring through email authentication protocols including SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance); strengthen identity protection measures; and harden high-risk workflows including Finance and HR.
  • Priority Five – 20% of Time
    • Digital Forensics & Malware Triage
      • Acquire and preserve digital evidence; perform host, network, and cloud forensics; analyze malware artifacts; determine root cause; and document findings and lessons learned through comprehensive incident reports.

Qualifications

  • Bachelor’s degree in Computer Science, Information Technology, or a related field required.
  • Master’s degree preferred.

Requirements

  • 5-7 years of cybersecurity experience in organizations with mature security processes, including 5-7 years of hands-on technical work and 2-4 years specializing in enterprise-scale incident response and blue team operations.
  • In-depth knowledge and practical experience with various IT and security systems.
  • Familiar with security related regulations and compliance requirements.
  • Experience in policy development and implementation.
  • Strong understanding of security frameworks and standards (e.g., NIST, ISO, CIS).
  • Strong understanding of network security, applications, cloud, and infrastructure.

Specialized Skills and Knowledge

  • Practical expertise with SIEM/XDR/SOAR (e.g., Microsoft Sentinel, Microsoft 365 Defender suite, Splunk ES), EDR (e.g., Defender for Endpoint, Sentinel One), email security (e.g., Mimecast), and Infra/Network vulnerability scanning tools (e.g., Rapid7, Qualys, Nessus, and Nmap, Wireshark).
  • Strong understanding of authentication and email security (SPF/DKIM/DMARC), identity protection (MFA/Conditional Access), and log sources across Windows, O365, Azure, and common SaaS.

Pay Range

$123,279 - $177,697

Benefits

Kia provides team members with competitive benefits including premium paid medical, dental and vision coverage for you and your dependents, 401(k) plan matching of 100% up to 6% of the salary deferral, and paid time off. Kia also offers company lease and purchase programs, company-wide holiday shutdown, paid volunteer hours, and premium lifestyle amenities at our corporate campus in Irvine, California.

Similar jobs

Sr. Incident Manager

DoubleVerifyNew York, NY· 1 wk ago
Information Technology$131k/yrapply on grnh.se

Manager of Incident Response

Aveanna HealthcareAtlanta, GA· 3 mo ago
Information Technology$135k/yrapply on biweekly-portal-aveanna.icims.com