nexus IT group
A global enterprise is seeking a Senior Incident Response Manager to lead strategic and operational efforts in detecting, responding to, and mitigating cyber threats across its North American business operations. This role will oversee all stages of incident response — from triage and containment to recovery and post-incident analysis — while continuously improving the organization’s blue-team maturity and detection capabilities.
The ideal candidate will combine strong technical skills in threat detection, forensics, and vulnerability management with the leadership ability to guide cross-functional response efforts and enhance security resilience across multiple environments.
Key Responsibilities:
Lead enterprise-wide incident response, coordinating internal and external stakeholders to manage active threats and communicate with executive leadership.
Design and tune detection systems using SIEM, SOAR, and XDR technologies aligned with the MITRE ATT&CK framework.
Conduct proactive threat hunting, digital forensics, and malware analysis to uncover adversarial activity and strengthen defenses.
Manage vulnerability and exposure programs, including enterprise scanning, patch governance, and adherence to configuration standards such as CIS benchmarks.
Develop and maintain incident response playbooks and automation workflows.
Execute tabletop and purple-team exercises to improve preparedness.
Drive phishing defense, email authentication (SPF, DKIM, DMARC), and identity protection initiatives.
Partner with IT teams to implement secure baselines and ensure timely remediation of findings.
Provide regular reporting on incident trends, metrics, and readiness posture.
Qualifications:
Bachelor’s degree in Computer Science, Information Technology, or related field (Master’s preferred).
5–7 years of cybersecurity experience with a focus on incident response, detection engineering, and forensics in mature enterprise environments.
Expertise with SIEM, XDR, SOAR, and endpoint protection tools (e.g., Microsoft Sentinel, Splunk, Defender, Mimecast).
Strong understanding of authentication and identity security controls, email protection, and vulnerability management solutions.
Familiarity with frameworks such as NIST, ISO, and CIS.
Excellent communication and decision-making skills; capable of leading during high-pressure security events.
Approximately 20% travel (domestic and international).