Senior Incident Response Manager 1125

nexus IT group

Irvine, California

JOB DETAILS
SKILLS
Analysis Skills, Authentication, Automation, Benchmarking, Business Operations, Communication Skills, Computer Forensics, Computer Science, Computer Security, Continuous Improvement, Cross-Functional, Endpoint Security, Forensic Science, Hunting, ISO (International Organization for Standardization), Incident Management, Incident Response, Information Technology & Information Systems, Internet Security, Leadership, Malware Analysis, Metrics, Microsoft Product Family, Operational Strategy, Organizational Development/Management, Phishing, Reporting Skills, Security Attacks, Security Information and Event Management (SIEM), Software Patches, Splunk, Time Management, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), Willing to Travel
LOCATION
Irvine, California
POSTED
30+ days ago

A global enterprise is seeking a Senior Incident Response Manager to lead strategic and operational efforts in detecting, responding to, and mitigating cyber threats across its North American business operations. This role will oversee all stages of incident response — from triage and containment to recovery and post-incident analysis — while continuously improving the organization’s blue-team maturity and detection capabilities.

The ideal candidate will combine strong technical skills in threat detection, forensics, and vulnerability management with the leadership ability to guide cross-functional response efforts and enhance security resilience across multiple environments.

Key Responsibilities:

  • Lead enterprise-wide incident response, coordinating internal and external stakeholders to manage active threats and communicate with executive leadership.

  • Design and tune detection systems using SIEM, SOAR, and XDR technologies aligned with the MITRE ATT&CK framework.

  • Conduct proactive threat hunting, digital forensics, and malware analysis to uncover adversarial activity and strengthen defenses.

  • Manage vulnerability and exposure programs, including enterprise scanning, patch governance, and adherence to configuration standards such as CIS benchmarks.

  • Develop and maintain incident response playbooks and automation workflows.

  • Execute tabletop and purple-team exercises to improve preparedness.

  • Drive phishing defense, email authentication (SPF, DKIM, DMARC), and identity protection initiatives.

  • Partner with IT teams to implement secure baselines and ensure timely remediation of findings.

  • Provide regular reporting on incident trends, metrics, and readiness posture.

Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, or related field (Master’s preferred).

  • 5–7 years of cybersecurity experience with a focus on incident response, detection engineering, and forensics in mature enterprise environments.

  • Expertise with SIEM, XDR, SOAR, and endpoint protection tools (e.g., Microsoft Sentinel, Splunk, Defender, Mimecast).

  • Strong understanding of authentication and identity security controls, email protection, and vulnerability management solutions.

  • Familiarity with frameworks such as NIST, ISO, and CIS.

  • Excellent communication and decision-making skills; capable of leading during high-pressure security events.

  • Approximately 20% travel (domestic and international).

About the Company

n

nexus IT group