Incident Response Manager

As an Incident Response Manager working remote in the United States, you’ll be a part of bringing humanity to business.

As part of our Information Security team, you will manage the team that is responsible for detecting, containing, and remediating cybersecurity threats. This role balances the technical understanding of attack methods and response with the leadership skills to manage the experienced security analysts.

• Lead Incident Lifecycle efforts, serving as the responder for security incidents escalated by the 24x7 SOC, including coordination of containment, eradication, and recovery activities across technical teams.
• Manage and mentor a high‑performing Incident Response and Security Analyst team, providing hands‑on technical guidance, coaching, and professional development to strengthen detection and response capabilities.
• Develop, maintain, and continuously improve the Incident Response Plan (IRP) and detailed playbooks for a range of threat scenarios, including ransomware, phishing, insider threat, and third‑party incidents, ensuring alignment with evolving attack methods and regulatory requirements.
• Design and facilitate tabletop and simulation exercises to test incident readiness, validate executive and technical response procedures, and identify gaps prior to real‑world events.
• Translate complex technical findings into clear, actionable communications for Legal, HR, executive leadership, and business stakeholders during and after security incidents.
• Conduct Post‑Incident Reviews (Post‑Mortems) to assess root cause, response effectiveness, and control gaps, driving continuous improvement of security posture, policies, and processes.
• Prepare, validate, and maintain security and compliance documentation.
• Advise internal and client teams on remediation of security and privacy weaknesses, balancing risk, compliance, and operational impact.
• Prepare and deliver security and privacy awareness training tailored to technical teams, business users, and leadership audiences.

• 5 years in Cyber Security including experience with security tools such as EDR, SIEM, etc.
• 3 years of leadership experience.
• Strong understanding of advanced threat analysis methodologies like MITRE ATT&CK.
• Review runbooks to assist SOC Analysts and other team members with appropriate reactions and activities based on finding types.
• Capable of self‑direction in situations involving complex attack methods that require in‑depth analysis and response.
• Ensure solid communication with key stakeholders, including progress on issues or findings and setting relevant expectations.
• Familiarity with security assessments and audits covering Protected Health Information (PHI), Personally Identifiable Information (PII), and Payment Card Industry Data Security Standard (PCI DSS).
• Experience in preparing security documentation, evaluating and documenting security and privacy controls, and completing non‑technical analysis activities.

• Some experience with common penetration tools/frameworks (Open Source or Commercial).
• Powershell and/or Python scripting experience and building API‑based integrations.

• This is a 100% work from home position.
• Working with a company and team that is supportive of your career and professional development.
• An inclusive culture and community‑minded organization where giving back is encouraged.
• A global team of curious lifelong learners guided by our company values.
• Paid time off (PTO) plus wellness and healthcare benefits.
• And yes… a great compensation package and performance bonus opportunities, benefits you'd expect and maybe a few perks that would pleasantly surprise you (like tuition reimbursement).
• Visit TTEC Benefits for U.S. Employees | TTEC for more information.

The anticipated range is $120,000‑140,000. Actual compensation offers to a candidate may vary based upon geographic location, work experience, education and/or skill levels.

Title:

Incident Response Manager

Location:

TX‑Austin

Requisition B3S

Other Locations:
United States, US‑TX‑Austin

TTEC is proud to be an equal opportunity employer where all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. TTEC embraces and is committed to building a diverse and inclusive workforce that respects and empowers the cultures and perspectives within our global teams.

We aim to reflect the communities we serve, by not only delivering amazing service and technology, but also humanity. We make it a point to make sure all our employees feel valued, belonging, and comfortable being their authentic selves  a global company, we know diversity is our strength because it enables us to view things from different perspectives and for you to bring value to the table in your own unique way.