AmTrust Financial Services, Inc. · 22 hours ago
Manager, Cyber Security Incident Response
Greater Cleveland
Full-time
Onsite
Mid, Senior Level
$105K/yr - $160K/yrAmTrust Financial Services, Inc. is seeking a Cyber Security Incident Response Manager to lead their Incident Response program. This role involves preparing the organization to detect, analyze, contain, and recover from cyber threats while collaborating with various departments to strengthen cyber resilience.
FinanceFinancial ServicesInsurance
Responsibilities
Lead the Cyber Security Incident Response (CSIR) program, ensuring rapid detection, containment, eradication, and recovery of cyber incidents
Develop and maintain IR processes, runbooks, and playbooks for various attack scenarios (e.g., ransomware, phishing, insider threat, data breach, business email compromise)
Serve as primary point of contact and coordinator during cyber incidents, engaging technical teams, executive leadership, and external stakeholders
Manage and continuously improve incident response technologies including SIEM, SOC, SOAR, EDR, threat intelligence platforms, and case management tools
Perform forensic analysis and root cause investigations of incidents; ensure lessons learned are documented and remediation activities are tracked
Conduct tabletop exercises, red team/blue team simulations, and coordinate post-incident reviews
Maintain an up-to-date incident escalation matrix and ensure 24/7 coverage/rotation for incident handling
Partner with threat intelligence, vulnerability management, and SOC teams to proactively reduce incident risk
Collaborate with Legal, HR, Risk, and Compliance during investigations to ensure appropriate evidence handling, reporting, and regulatory notifications
Track, analyze, and report on incident metrics, response times, and overall program effectiveness to senior leadership
Ensure incident response procedures remain aligned with frameworks such as NIST 800-61, ISO 27035, and regulatory requirements (e.g., NYDFS 500, GDPR, HIPAA)
Engage with law enforcement and external partners as needed during significant cyber events
Qualification
Required
Bachelor's degree from an accredited college or university in Cyber Security, Information Technology, or a related field
Demonstrated experience leading cyber incident response in a large enterprise or highly regulated industry
Strong technical expertise in digital forensics, malware analysis, SIEM/EDR tools, and network intrusion detection
Proven ability to manage high-pressure situations and provide clear, timely communication to both technical teams and executives
Familiarity with legal, regulatory, and compliance requirements for cyber incidents, including breach notification laws
Excellent written and verbal communication skills, capable of translating complex technical findings into executive-level reports
Strong organizational, analytical, and problem-solving abilities
Preferred
Industry certifications preferred: GCIH, GCFA, GCIA, GNFA, CISM, or CISSP
Benefits
Medical & Dental Plans
Life Insurance, including eligible spouses & children
Health Care Flexible Spending
Dependent Care
401k Savings Plans
Paid Time Off
Company
AmTrust Financial Services, Inc.
AmTrust Financial Services, Inc., through its subsidiaries, operates as a multinational property and casualty insurance company.
Founded in 1998
5001-10000 employees
H1B Sponsorship
AmTrust Financial Services, Inc. has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3)
2023 (3)
2022 (5)
Funding
Current Stage
Public CompanyTotal Funding
unknown2006-11-13IPO
Leadership Team
D
Daniel Pacicco
Executive Vice President, Chief Financial Officer
Carl Canales
Executive Vice President - North American Field Operations
Recent News
2025-11-07
2025-11-05
Company data provided by crunchbase