Manager of Incident Response
Listed on 2026-07-01
IT/Tech
Cybersecurity
Position Overview
The Manager of Security Operations & Incident Response leads a team of security analysts and engineers responsible for protecting the organization through detection, response, and continuous improvement of security controls. This role owns the operational and engineering functions across the security tooling stack, including SIEM, EDR, email security, identity monitoring, and network monitoring, while serving as the primary liaison between technical security operations and business stakeholders.
This is a people‑first leadership role. The right candidate builds teams that operate with autonomy, brings calm and clarity during incidents, and earns credibility across the organization through both technical depth and sound judgment.
- Incident response experience strongly preferred.
- Department: Cyber Security
- Reports To: Director of Cyber Security
- Location: Atlanta, GA / Hybrid
- Compensation: Base salary $135,000 annually, plus performance bonus and comprehensive benefits package.
- Lead, coach, and develop a team of analysts and security engineers, building a culture of accountability, ownership, and continuous growth.
- Collaborate with IT, Data Governance, Compliance, and Business Unit Owners to ensure detection and response capabilities are implemented effectively.
- Serve as a liaison, translating subject matter expert knowledge from incident response and security engineering teams for business stakeholders.
- Delegate with intention and trust, creating space for the team to solve problems independently while maintaining visibility on outcomes.
- Champion a security‑first culture through ongoing training, awareness programs, and cross‑functional advocacy.
- Lead the development, maintenance, and continuous improvement of enterprise IR playbooks, workflows, and reporting cadences.
- Oversee investigation and response operations across SIEM, EDR, email security, and network monitoring platforms.
- Manage IR queues; ensure timely triage, containment, and resolution.
- Serve as the organizational liaison between technical responders and business stakeholders during security incidents.
- Drive the deployment, configuration, and ongoing optimization of the security tooling stack (EDR, Identity, Email, WAF).
- Drive SIEM engineering and detection engineering initiatives to improve threat visibility and reduce noise.
- Own SSO/MFA engineering and policy governance, including SSO administration and application approval processes.
- Manage day‑to‑day security operations via delegation and cross‑team collaboration.
- Produce and maintain security dashboards, analytics, and executive‑level reporting using SIEM and visualization tools.
- Lead security awareness programs, providing oversight and input for training and phishing simulation campaigns.
- Oversee security projects and the project intake process to ensure operational work is visible, prioritized, and resourced.
- Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or related field – or equivalent experience.
- 5+ years of progressive experience in information security, with at least 2 years in a people management role.
- Hands‑on experience with SIEM platforms, detection engineering, and security operations workflows.
- Experience with email security, identity and access management, and endpoint protection platforms.
- Proven ability to lead incident response operations, including playbook development and cross‑functional coordination.
- Excellent communication skills with demonstrated ability to translate technical risk for non‑technical stakeholders.
- Strong organizational skills with experience managing operational queues, projects, knowledge management, and competing priorities.
- We prefer candidates who demonstrate genuine commitment to continuous learning and actively foster that same mindset in their teams. This includes staying current with the evolving threat landscape, pursuing relevant certifications or training, and creating an environment where team members are encouraged to develop their skills and share knowledge.
- ISACA Certified Information Security Manager (CISM)
- GIAC Security Essentials (GSEC) or GIAC Certified Incident Handler (GCIH)
- Certified Information Systems Security Professional (CISSP)
- CompTIA Security+ or CySA+
- Base Salary: $135,000 annually
- Bonus: Performance‑based annual incentive plan
- Benefits: Comprehensive health, dental, vision, 401(k) match, paid time off, training reimbursement, and hybrid work flexibility.
- Career Path: Opportunities for advancement.