
Capital Group · 10 hours ago

Cyber Security Incident Response Team Manager

Capital Group is seeking a highly technical and hands-on Incident Response Manager to lead their 24/7 global team of analysts responsible for monitoring, detecting, and responding to cybersecurity incidents. This role combines leadership, technical expertise, and operational excellence in a fast-paced environment, managing incident response activities and coordinating with various stakeholders.

Financial Services
Comp. & Benefits

Responsibilities

Lead and mentor a globally distributed team of security analysts and engineers responsible for initial detection, triage, containment, and advanced investigation of security incidents
Serve as incident commander and escalation point for high-severity incidents, including ransomware, account compromise, phishing, and data leakage
Integrate AI/ML-driven threat detection and behavioral analytics into IR processes. Architect, design, and automate incident response workflows using SOAR platforms and custom scripting (Python, PowerShell, Bash, etc.) to improve mean time to respond (MTTR)
Implement and enforce IR playbooks, policies, and best practices aligned with NIST and MITRE ATT&CK frameworks
Coordinate cross-functional response with IT, developers, legal, privacy, and business continuity teams
Analyze and prioritize complex incidents, ensuring adherence to SLAs and regulatory/privacy requirements
Continuously improve detection, response, and reporting processes through metrics, trends, KPIs, KRIs, and post-incident reviews
Conduct tabletop exercises and oversee vulnerability and penetration testing assessments to identify gaps
Stay current with emerging threats and attacker TTPs, and integrate threat intelligence into response strategies
Foster a culture of learning and technical excellence, supporting team certifications and hands-on development

Qualifications

Cybersecurity leadership
Incident response management
SIEM platforms expertise
Coding in Python
Cloud IR knowledge
Forensic analysis
Threat hunting
SQL proficiency
Communication skills
Organizational skills
Decision-making skills

Required

7+ years in cybersecurity (SOC and IR), including 3+ years in a leadership role
Proven ability to lead distributed teams under pressure and in high-stakes environments
Hands-on coding in Python (preferred), PowerShell, Bash, or similar languages
Proven expertise with traditional and Next-Generation SIEM platforms such as Splunk, Sentinel, QRadar, Exabeam, and CrowdStrike Falcon
Strong proficiency in SQL and query optimization across modern data lake platforms (e.g., Snowflake, Databricks, Azure Data Lake)
Advanced knowledge of attacker methods (escalation, lateral movement, TTPs)
Strong understanding of forensic analysis, malware reverse engineering, and threat hunting
Exceptional organizational, communication, and decision-making abilities
Proven ability to foster team well-being, prevent burnout, and support professional growth
Ability to remain calm under pressure and manage team well-being
Experience in building dashboards, metrics, and reporting frameworks

Preferred

Bachelor's degree in Cybersecurity, Computer Science, or related field preferred
Certifications such as GCIH, GCFA, GCFE, CISSP, OSCP, or equivalent highly desirable
Familiarity with Cribl LogStream, data normalization, and enrichment strategies for high-fidelity alerting
Familiarity with cloud IR (AWS, Azure) and hybrid environments

Benefits

Enjoy generous time-away and health benefits from day one, with the opportunity for flexible work options
Receive 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love
Access on-demand professional development resources that allow you to hone existing skills and learn new ones
Individual annual performance bonus
Capital’s annual profitability bonus
Retirement plan where Capital contributes 15% of your eligible earnings

Company

Capital Group

Capital Group was established in 1931 in Los Angeles, California, and now has 31 offices around the globe.

Funding

Current Stage
Late Stage

Leadership Team

Mike Gitlin
President & CEO
Canise Arredondo (she/her/hers)
Chief Financial Officer
Company data provided by Crunchbase