More jobs:
Incident Response Manager
Job in
Sarasota, Sarasota County, Florida, 34236, USA
Listed on 2026-07-10
Listing for:
Crowe
Full Time
position Listed on 2026-07-10
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Incident Response Manager
The Incident Response Manager serves as a senior technical leader responsible for managing complex cybersecurity incident response engagements, mentoring and developing incident responders, overseeing engagement delivery, and acting as a trusted advisor to clients during cybersecurity crises. This role combines deep technical expertise with leadership, business development, client relationship management, and operational oversight responsibilities.
Responsibilities- Serve as the primary client-facing leader during major cybersecurity incidents.
- Lead multiple concurrent incident response engagements involving ransomware, data breaches, insider threats, cloud compromises, and advanced threat actor activity.
- Provide executive-level briefings to CISOs, CIOs, legal counsel, executive leadership, boards of directors, and other stakeholders.
- Direct forensic investigations, threat hunting activities, containment efforts, eradication plans, and recovery operations.
- Review and approve technical findings, investigation reports, executive summaries, and client deliverables.
- Coordinate internal and external resources to ensure successful engagement execution and client outcomes.
- Ensure investigations meet legal, regulatory, and evidentiary requirements.
- Develop and maintain incident response methodologies, playbooks, procedures, and service offerings.
- Lead and mentor Incident Response consultants and senior staff through coaching, technical guidance, and performance feedback.
- Assist with recruiting, onboarding, and professional development of team members.
- Support business development efforts through proposal development, scoping, client presentations, and strategic discussions.
- Identify opportunities to expand client relationships and deliver additional cybersecurity services.
- Contribute to thought leadership through whitepapers, webinars, conference presentations, and market-facing content.
- 7+ years of cybersecurity experience with at least 3 years focused on incident response, digital forensics, threat hunting, or cyber defense operations.
- Demonstrated experience leading complex incident response engagements from initial detection through recovery.
- Experience managing project teams, mentoring technical staff, and coordinating cross-functional stakeholders.
- Strong leadership, decision-making, and risk management capabilities.
- Excellent communication skills with the ability to present technical findings to executive and non-technical audiences.
- Ability to manage competing priorities and multiple concurrent engagements.
- Strong understanding of networking, operating systems, identity systems, cloud technologies, and cybersecurity principles.
- Experience utilizing SIEM platforms such as Splunk, Elastic, Microsoft Sentinel, or FortiSIEM.
- Experience utilizing EDR platforms such as Crowd Strike, Sentinel One, Microsoft Defender for Endpoint, or Carbon Black.
- Proficiency with scripting and automation using Power Shell, Python, Bash, or similar technologies.
- Strong documentation and report-writing capabilities.
- Willingness to travel approximately 15% or more as required.
- Expert knowledge of Windows, Linux, Active Directory, Microsoft Entra , Microsoft 365, AWS, Azure, and Google Cloud environments.
- Advanced understanding of attacker tactics, techniques, and procedures (MITRE ATT&CK).
- Experience leading enterprise-scale ransomware investigations and recovery efforts.
- Experience coordinating legal counsel, cyber insurance carriers, law enforcement, and third-party stakeholders during incidents.
- Experience developing incident response programs, tabletop exercises, and cyber resilience strategies.
- Experience managing consulting engagements and project financials.
- Experience building and managing cybersecurity teams.
- Relevant certifications such as GCFA, GCIH, GCED, GREM, GCTD, CISSP, CCSP, CISM, AWS Security Specialty, or Azure Security Engineer Associate.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×