Remote Incident Response Manager
Wisconsin, USA
Listed on 2026-02-01
-
IT/Tech
Cybersecurity, IT Project Manager
Data Analysis Incorporated (DAI) is the controlling entity of the O’Neil family of businesses. DAI and its subsidiaries operate in diverse industries worldwide, including global equity markets, health care, financial services, digital news, and insurance. Our global footprint allows our teams to be responsive to customer needs in a timely and efficient manner. We are dedicated to using technology and innovation to bring change and growth to our businesses.
We believe in a dynamic workplace, creating engaging, informative products and services that help our customers succeed. Integrity is an essential characteristic for our firms and our associates; if this describes you, please apply!
The Incident Response Manager leads and directly participates in the investigation and response to cybersecurity incidents across the organization. This role serves as the designated Incident Commander for security events, owning technical decision making from detection through containment, remediation, and recovery. In addition to providing functional leadership to the incident response team, the manager coordinates cross-functional stakeholders, drives clear and consistent response execution, and leads post-incident analysis to improve readiness and effectiveness.
The role emphasizes hands‑on technical leadership, real‑time incident command, and continuous improvement to reduce risk and protect enterprise assets.
- Acts as the designated Incident Commander during high severity cybersecurity incidents, with authority to direct response actions and coordinate cross-functional teams.
- Lead incident response activities directly while providing functional leadership and guidance to incident responders. Oversee the execution of incident response playbooks, driving consistency in root cause analysis and post-incident reporting.
- Coordinate with IT, IAM, Legal, Privacy, and Business stakeholders during active incident management and escalation.
- Ensure incident response actions are effective, timely, and defensible, with appropriate alignment to policy and regulatory expectations. Continuously assess incident trends and integrate lessons learned into improved processes, detection logic, and tooling.
- Provide subject matter expertise in the implementation and tuning of detection and response capabilities (e.g., Microsoft Defender XDR, Sentinel, Entra , Purview).
- Collaborate with Security Operations and Detection Engineering to develop and optimize incident response readiness and metrics.
- Maintain up-to-date knowledge of attacker techniques (e.g., MITRE ATT&CK) and advise on evolving threat response strategies.
- Present incident summaries and remediation plans to executive and technical leadership as appropriate.
- Contribute to the development of staff through coaching, mentoring, and performance feedback.
Required Education, Experience, Certification/Licensure
- Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience in a related technical field.
- Minimum of 7 years of experience in cybersecurity, including 3+ years in hands‑on incident response roles.
- Demonstrated experience serving as a technical lead or incident commander during security incidents; formal people management experience is preferred but not required.
- Proven experience leading and responding to security incidents across multiple domains including endpoint, identity, cloud, and SaaS environments.
- Strong proficiency with enterprise security tooling such as Microsoft Defender XDR, Sentinel, and identity protection platforms.
Preferred Education, Experience, Certification/Licensure
- Industry‑recognized certifications (e.g., GCIH, GCFA, GCIA, CISSP).
- Experience with in a regulated enterprise or consulting environment.
- Deep understanding of cybersecurity threat landscapes, attack vectors, and IR methodologies.
- Strong leadership, communication, and team‑building skills.
- Ability to prioritize and drive response under pressure while maintaining situational awareness.
- Experience managing cross‑functional incident coordination and executive communications.
- Aptitude for analyzing complex problems and…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).