Sr. Incident Response Manager

Overview

The Senior Incident Response (IR) Manager provides strategic and operational leadership for detecting, responding to, and eradicating cyber threats targeting Kia America (KUS) and its affiliated entities. This position oversees end‑to‑end incident response activities including triage, containment, forensics, recovery, and post‑incident analysis and ensures continuous enhancement of blue‑team capabilities across email, endpoint, identity, cloud, and network environments.

• Lead incident response across KUS and affiliates (triage, containment, eradication, recovery, communication).
• Coordinate internal/external stakeholders and ensure timely executive reporting.
• Design, implement, and tune detections mapped to MITRE ATT&CK framework across SIEM, SOAR, XDR, email security, and network sensors.
• Develop IR runbooks/playbooks, automate with SOAR, run tabletop and purple‑team exercises, coordinate vulnerability remediation with IT partner, and maintain metrics/KPI for continuous improvement.
• Drive phishing and Business Email Compromise (BEC) takedown efforts; monitor email authentication protocols (SPF, DKIM, DMARC) and harden high‑risk identity workflows.
• Acquire and preserve digital evidence; perform host, network, and cloud forensics; analyze malware artifacts; determine root cause; and document findings through comprehensive incident reports.

Education

• Bachelor’s degree in Computer Science, Information Technology, or a related field required.

Experience

• 5–7 years of cybersecurity experience with mature security processes, including 5–7 years of hands‑on technical work and 2–4 years specializing in enterprise‑scale incident response and blue‑team operations.
• In‑depth knowledge and practical experience with SIEM/XDR/SOAR (e.g., Microsoft Sentinel, Microsoft 365 Defender suite, Splunk ES), EDR (e.g., Defender for Endpoint, Sentinel One), email security (e.g., Mimecast), and Infra/Network vulnerability scanning tools (e.g., Rapid7, Qualys, Nessus, Nmap, Wireshark).
• Strong understanding of security frameworks and standards (NIST, ISO, CIS) and network security, applications, cloud, and infrastructure.

Other Requirements

• 20% domestic or international travel.
• Must be able to respond to challenges with poise and agility and handle competing priorities effectively.
• Other duties as assigned.

Specialized Skills

• Strong understanding of authentication and email security (SPF/DKIM/DMARC), identity protection (MFA/Conditional Access), and log sources across Windows, O365, Azure, and common SaaS.
• Solid experience with SIEM/XDR/SOAR, EDR, email security, and network vulnerability scanning tools.

$123,279 - $177,697 per year

KUS provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, ancestry, national origin, sex, pregnancy, gender identity, gender expression, age, disability, veteran status, genetic information, or any other characteristic protected by applicable law. KUS complies with applicable non‑discrimination law in all areas of employment, including recruitment, hiring, promotion, and compensation.