IDEX CorporationRemote
Senior Manager, Cybersecurity Incident Response – Security Operations
Illinois, United States of America
Full Time
1 week ago
$141,800 - $212,800 USD
No Visa Sponsorship
Key skills
CloudCyber SecurityAILeadershipProject ManagementCommunication
About this role
Role Overview
- Support enterprise incident response activities across detection, triage, containment, eradication, and recovery
- Coordinate the execution of high-impact cybersecurity incidents, in support of Cybersecurity leadership
- Serve as an operational escalation point for incident response, ensuring issues are appropriately routed and addressed
- Develop and maintain incident response playbooks, procedures, and standards
- Support coordination with legal, compliance, IT, and external response partners under the direction of Cybersecurity leadership
- Lead post-incident reviews with relevant stakeholders to identify improvements and strengthen organizational readiness
- Lead security operations activities focused on SOC services, including security monitoring, alert management, and incident response execution
- Oversee internal teams and external service providers (e.g., MSSPs) to ensure consistent, high-quality security operations coverage
- Establish and enforce operational standards for alert triage, escalation, and incident handling
- Drive scalability and efficiency through automation, orchestration, and process optimization
- Ensure effective monitoring coverage across Microsoft 365 Commercial and Government Community Cloud High (GCCH) environments
- Own and evolve security operations technologies, including security information & event monitoring (SIEM) and detection and response platforms
- Define and govern how multiple SOCs (internal and external) operate together, ensuring clear roles, responsibilities, and coordination models
- Establish IDEX Cybersecurity as the lead authority for major incident response, with external SOCs supporting detection and escalation
- Manage relationships with external SOC providers, including performance oversight, metrics, and participation in QBRs
- Improve detection fidelity through alert tuning, use case development, and false positive reduction
- Drive enhancements in detection coverage, response speed (MTTR), and overall operational effectiveness
- Partner with cybersecurity leadership to define operational roadmap, priorities, and maturity targets
- Coordinate cybersecurity requests and activities across teams, ensuring work is properly triaged, prioritized, and completed
- Manage ticketing and escalation processes, ensuring issues are routed, tracked, and resolved in a timely manner
- Track and communicate the status of incidents, initiatives, and key activities across teams
- Partner with IT and project management office (PMO) teams to ensure cybersecurity requirements are built into projects and services from the start
- Promote consistent, security-first practices across IT operations and service delivery
- Own security operations performance metrics and reporting, including MTTR, detection effectiveness, alert quality, and service level agreements (SLAs)
- Develop and enhance operational metrics and dashboards to support enterprise reporting and risk visibility
- Use data-driven insights to identify gaps, inefficiencies, and improvement opportunities
- Drive continuous improvement initiatives to enhance operational maturity, scalability, and consistency
- Support coordination of cybersecurity readiness efforts, including tabletop exercises and crisis simulations
- Mentor and develop team members and stakeholders in incident response practices
- Support knowledge transfer and training initiatives to improve enterprise-wide response capabilities
- Contribute to development and maintenance of operational documentation and standards.
Requirements
- Bachelor’s degree in Information Systems, Computer Science, Information Security, or equivalent experience
- 10+ years of experience in cybersecurity with a focus on security operations, incident response, or SOC leadership
- Demonstrated experience leading enterprise incident response and security operations programs
- Strong expertise in SIEM platforms, detection engineering concepts, and monitoring operations
- Experience in complex enterprise or regulated environments
- Proven ability to lead cross-functional initiatives in matrixed organizations
- Strong communication skills with the ability to engage both technical and executive stakeholders
- Experience supporting Microsoft 365 GCC High (GCCH) environments
- Experience managing MSSPs or external SOC/forensic partners
- Familiarity with NIST CSF, NIST 800-53, and NIST 800-171
- Relevant certifications preferred (e.g., CISSP, GCIH, GCFA, CISM)
- Experience implementing automation, orchestration, and AI-enabled security operations capabilities.
Tech Stack
- Cloud
- Cyber Security
Benefits
- Health benefits
- 401(k) retirement savings program with company match
- PTO
- More information on our benefits and rewards can be found on our career page: https://www.idexcorp.com/careers/our-benefits-and-rewards/