Senior Manager, Cybersecurity Incident Response & Security Operations

Senior Manager, Cybersecurity Incident Response & Security Operations

If you're looking for a special place to build or grow your career, you've found it. Whether you're an experienced professional, a recent college graduate or somewhere in between, IDEX is a place where you can apply your existing skills and learn new ones in an environment where you can make an impact.

With interesting opportunities in engineering, marketing, sales, supply chain, operations, HR, finance, and more across more than 40 diverse businesses around the globe, chances are, we have something special for you.

The Senior Manager, Cybersecurity Incident Response & Security Operations serves as a operational leader within the IDEX Cybersecurity function, responsible for coordinating and advancing enterprise-wide incident detection and response capabilities.

This role oversees the execution and continuous improvement of incident response processes and security operations (SOC) functions across multiple internal and external providers, ensuring consistent, high-quality monitoring, escalation, and response.

This role is responsible for defining how cybersecurity incidents are assessed, escalated, and managed across the enterprise, and for ensuring IDEX Cybersecurity leads the response to significant security events. This role will partner with the IT and infrastructure teams that operate specific environments (e.g., data center SOC services).

The role partners closely with IT, infrastructure, and external SOC providers to align on detection capabilities and operational processes, while supporting Cybersecurity leadership in coordinating high-impact incidents and driving continuous improvement in response effectiveness.

Position Responsibilities

Incident Response:

• Support enterprise incident response activities across detection, triage, containment, eradication, and recovery
• Coordinate the execution of high-impact cybersecurity incidents, in support of Cybersecurity leadership
• Serve as an operational escalation point for incident response, ensuring issues are appropriately routed and addressed
• Develop and maintain incident response playbooks, procedures, and standards
• Support coordination with legal, compliance, IT, and external response partners under the direction of Cybersecurity leadership
• Lead post-incident reviews with relevant stakeholders to identify improvements and strengthen organizational readiness

Security Operations:

• Lead security operations activities focused on SOC services, including security monitoring, alert management, and incident response execution
• Oversee internal teams and external service providers (e.g., MSSPs) to ensure consistent, high-quality security operations coverage
• Establish and enforce operational standards for alert triage, escalation, and incident handling
• Drive scalability and efficiency through automation, orchestration, and process optimization
• Ensure effective monitoring coverage across Microsoft 365 Commercial and Government Community Cloud High (GCCH) environments

Security Operations Program & Technology Management:

• Own and evolve security operations technologies, including security information & event monitoring (SIEM) and detection and response platforms
• Define and govern how multiple SOCs (internal and external) operate together, ensuring clear roles, responsibilities, and coordination models
• Establish IDEX Cybersecurity as the lead authority for major incident response, with external SOCs supporting detection and escalation
• Manage relationships with external SOC providers, including performance oversight, metrics, and participation in QBRs
• Improve detection fidelity through alert tuning, use case development, and false positive reduction
• Drive enhancements in detection coverage, response speed (MTTR), and overall operational effectiveness
• Partner with cybersecurity leadership to define operational roadmap, priorities, and maturity targets

Operational Coordination & Service Delivery:

• Coordinate cybersecurity requests and activities across teams, ensuring work is properly triaged, prioritized, and completed
• Manage ticketing and escalation processes, ensuring issues are routed, tracked, and resolved in a timely manner
• Track and communicate the status of incidents, initiatives, and key activities across teams
• Partner with IT and project management office (PMO) teams to ensure cybersecurity requirements are built into projects and services from the start
• Promote consistent, security-first practices across IT operations and service delivery

Metrics, Reporting & Continuous Improvement:

• Own security operations performance metrics and reporting, including MTTR, detection effectiveness, alert quality, and service level agreements (SLAs)
• Develop and enhance operational metrics and dashboards to support enterprise reporting and risk visibility
• Use data-driven insights to identify gaps, inefficiencies, and improvement opportunities
• Drive continuous improvement initiatives to enhance operational maturity, scalability, and consistency

Training, Exercises & Readiness:

• Support coordination of cybersecurity readiness efforts, including tabletop exercises and crisis simulations
• Mentor and develop team members and stakeholders in incident response practices
• Support knowledge transfer and training initiatives to improve enterprise-wide response capabilities
• Contribute to development and maintenance of operational documentation and standards

Position Qualifications, Skills, and Experience:

• Bachelor's degree in Information Systems, Computer Science, Information Security, or equivalent experience
• 10+ years of experience in cybersecurity with a focus on security operations, incident response, or SOC leadership
• Demonstrated experience leading enterprise incident response and security operations programs
• Strong expertise in SIEM platforms, detection engineering concepts, and monitoring operations
• Experience in complex enterprise or regulated environments
• Proven ability to lead cross-functional initiatives in matrixed organizations
• Strong communication skills with the ability to engage both technical and executive stakeholders
• Experience supporting Microsoft 365 GCC High (GCCH) environments
• Experience managing MSSPs or external SOC/forensic partners
• Familiarity with NIST CSF, NIST 800-53, and NIST 800-171
• Relevant certifications preferred (e.g., CISSP, GCIH, GCFA, CISM)
• Experience implementing automation, orchestration, and AI-enabled security operations capabilities

Are you ready to join a different kind of company where our people, our culture, and our commitments are centered around providing trusted solutions that improve lives around the world?

Total Rewards

The compensation range for this position is $141,800.00 - $212,800.00, depending on experience. This position may be eligible for performance based bonus plan.

Benefits Package

Our comprehensive U.S. benefit offerings include: Health benefits, 401(k) retirement savings program with company match, PTO, and more. More information on our benefits and rewards can be found on our career page.

IDEX is an Equal Opportunity Employer. IDEX gives consideration for employment to qualified applicants without regard to race, color, religion, creed, genetic information, sex, sexual orientation, gender identity or expression, marital status, age, national origin, disability, protected veteran status, or any other consideration or protected category made unlawful by federal, state or local laws.

Attention Applicants: If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, please let us know. Likewise, if you are limited in the ability to access or use this online application process and need an alternative method for applying, we will determine an alternate way for you to apply. Please contact our Talent Acquisition Team at View email address on click.appcast.io for assistance with an accommodation. These contact tools may be used only by individuals with a disability for accommodation requests. Do not inquire as to the status of an application.

This posting is for an existing vacancy.

Artificial intelligence is not used to screen, assess or select applicants.