Senior Incident Response Manager Job at VDart Inc, Palo Alto, CA

  • VDart Inc
  • Palo Alto, CA

Job Description

Job role: Senior Incident Response Manager

Duration: Long term

Location: Palo Alto, CA (Hybrid)

Position Overview:

We are seeking an experienced Senior Incident Response Manager to lead our platform security, incident response, and recovery efforts, collaborating closely with Platform Engineering and Cybersecurity teams to ensure seamless incident detection, response, and resolution. The ideal candidate has deep expertise in incident handling, threat intelligence, automation, and cloud-native security within modern hybrid environments.

Key Responsibilities:

Incident Response Leadership:

  • Lead end-to-end incident response, from identification to containment, eradication, and recovery.
  • Develop, maintain, and execute IR playbooks and runbooks aligned with NIST 800-61, CIS, and ISO 27001 standards.
  • Oversee threat hunting activities to proactively identify vulnerabilities and threats.

Security Monitoring & Detection:

  • Manage SIEM platforms, intrusion detection systems, and anomaly detection tools for real-time analysis.
  • Implement monitoring for hybrid environments (AWS, GCP, Azure, on-prem).
  • Conduct regular threat analysis, vulnerability assessments, and risk evaluations.

Collaboration with Platform Engineering Teams:

  • Integrate security into CI/CD pipelines and DevSecOps processes.
  • Work closely with DevOps and SRE to enhance infrastructure resilience, automation, and fault tolerance.
  • Drive security improvements in container orchestration (Kubernetes, Docker) and infrastructure as code (Terraform, Ansible).

Forensic Analysis & Reporting:

  • Conduct forensic investigations on affected systems, collecting and preserving evidence.

  • Produce executive-level incident reports and technical root-cause analyses.
  • Present findings to senior leadership and stakeholders, highlighting risk mitigation strategies.

Root Cause Analysis (RCA):

  • Internal RCA: Lead comprehensive root cause analysis for all major incidents within internal systems and infrastructure, ensuring complete documentation and follow-up action items.
  • Third-Party RCA: Collaborate with third-party vendors to perform joint RCAs, ensuring transparency, accountability, and timely resolution of incidents affecting shared infrastructure or services.
  • Maintain RCA reports, track corrective actions, and enforce SLAs with third-party partners for incident resolution.

Policy Development & Compliance:

  • Design and enforce security policies and incident response procedures.
  • Ensure alignment with compliance frameworks (NIST, HIPAA, CIS, SOC2, GDPR).
  • Lead tabletop exercises and red team/blue team drills.

Continuous Improvement & Automation:

  • Identify opportunities for automation to improve incident detection and response time.
  • Implement SOAR (Security Orchestration, Automation, and Response) platforms to optimize workflows.
  • Stay current with evolving cybersecurity threats, technologies, and best practices.

Qualifications:

  • Education : Bachelor's degree in Cybersecurity, Information Technology, or related field (Master's preferred).

Experience:

  • 7+ years of experience in Incident Response, Cybersecurity Operations, or DevSecOps.
  • Strong background in DevOps, SRE, and cloud security best practices.
  • Proven expertise in SIEM tools (Splunk, Sentinel, Elastic), EDR (CrowdStrike), and IDS/IPS systems.
  • Familiarity with Terraform, Ansible, VMware, Kubernetes, and Docker in high-availability environments.
  • Experience with threat intelligence platforms and SOC operations.
  • Demonstrated experience in conducting and managing Root Cause Analysis (RCA) both internally and with third-party vendors.

Certifications (preferred):

  • CISSP, CISM, GCIA, GCIH, OSCP, or equivalent.
  • AWS Certified Security Specialist, GCP Professional Cloud Security Engineer, or Azure Security Engineer.

Technical Skills:

  • Advanced scripting (Python, Bash, PowerShell).
  • Familiarity with Zero Trust architecture and network segmentation.
  • Experience with vulnerability scanners (Qualys, Nessus, OpenVAS).

Soft Skills:

  • Exceptional analytical and problem-solving abilities.
  • Strong leadership and team collaboration skills.
  • Effective communication with technical and non-technical stakeholders.
