Cyber Incident Manager
The Salvation Army Eastern Territory
Overview
The Salvation Army, an international movement, is an evangelical part of the universal Christian Church. Its message is based on the Bible. Its ministry is motivated by the love of God. Its mission is to preach the gospel of Jesus Christ and to meet human needs in His name without discrimination.
We are the largest non-governmental provider of social services in America and every year, we help over 30 million Americans overcome poverty, homelessness, addiction, economic hardships, loneliness, and exploitation through a wide range of programs and services.
Our Eastern Territorial Headquarters' Information Technology Department has an opening for a Cyber Incident Manager. This position will lead the response to cyber incidents, ensuring they are handled promptly and efficiently to minimize damage and reduce recovery time and costs. They play a pivotal role in coordination with various internal and external stakeholders to manage the incident lifecycle from preparation to post-incident review through identification, containment, eradication, recovery, and lessons learned. This position is integral to the cybersecurity framework, serving as the frontline defense against incidents that can compromise sensitive data, disrupt business operations, and damage the organization's reputation. The Cyber Incident Manager is not just a technical role. The role is a strategic position that requires a blend of technical acumen, leadership skills, and business understanding to appropriately address incidents while maintaining customer engagement. This individual is critical in ensuring the organization's resilience against ever-evolving cyber threats.
This position requires approximately 35 hours of work per week and is eligible for a hybrid work arrangement (3 days onsite/ 2 days remote) after three months of employment.
Responsibilities
- Incident Leadership: The Cyber Incident Manager is responsible for taking command during cybersecurity events, orchestrating response efforts, and promptly addressing incidents. This involves quick decision-making, prioritizing tasks, and directing response teams effectively.
- Strategic Planning and Preparedness: Beyond reactive measures, this role demands proactive planning and preparedness. This includes developing, maintaining, and regularly updating incident response plans, ensuring the organization is equipped to handle various cyber incidents. It also involves conducting risk assessments and scenario planning (tabletop exercises) to anticipate potential threats and vulnerabilities.
- Coordination and Collaboration: The position requires extensive coordination with various internal departments (e.g., IT, Legal, HR, and public relations) and external entities (such as law enforcement, cybersecurity firms, and regulatory bodies). This coordination is crucial for a holistic approach to incident management, encompassing technical response, legal compliance, internal and external communications, and post-incident recovery.
- Technical Expertise and Analysis: The Cyber Incident Manager should deeply understand the cyber threat landscape, including the latest trends in cyber-attacks and defense strategies. They are expected to analyze incident patterns and weaknesses, offering insights that drive improvements in the organization’s cybersecurity posture.
- Stakeholder Engagement: Effective communication with stakeholders, including executive leadership, is a key aspect of this role. The Cyber Incident Manager must be able to translate complex technical incidents into understandable terms, advising on the impact, necessary actions, and implications for the business.
- Continuous Improvement and Learning: Post-incident analysis is a critical function. Learning from incidents to improve systems, processes, and training is essential. This role involves regularly reviewing and refining incident response strategies, staying informed about new technologies and methodologies in cybersecurity, and integrating these into the organization’s practices.
- Regulatory Compliance and Documentation: Ensuring that incident response activities adhere to legal and regulatory requirements is paramount. The Cyber Incident Manager maintains comprehensive records of incidents, responses, and outcomes for compliance purposes, audits, and continuous improvement.
- Risk Mitigation: By effectively managing cyber incidents, this role directly contributes to reducing the risk and impact of cyber threats on the organization.
- Operational Continuity: Ensuring rapid and efficient response to incidents minimizes downtime and maintains business operations, which is crucial for the organization’s success and reputation.
- Compliance and Trust: Adherence to compliance standards and effective incident handling enhances the organization's credibility and trust among clients, partners, and regulatory bodies.
Qualifications
- Bachelor's degree from four-year college or university.
- 3-5 years of related experience.
- Technical Skills: • Digital Forensics & Incident Response (DFIR)• Security Information and Event Management (SIEM) (e.g., Splunk, Sentinel, QRadar)• Intrusion Detection/Prevention Systems (IDS/IPS)• Endpoint Detection & Response (EDR) (e.g., CrowdStrike, Darktrace, SentinelOne)• Network Traffic Analysis & Packet Capture (Wireshark, etc.)• Malware Analysis & Reverse Engineering (basic to intermediate)• Log Correlation and Threat Hunting• Firewall, Proxy, and IDS Log Analysis (e.g., Fortinet, Meraki)• Threat Intelligence Integration and Analysis• Email Header and Phishing Analysis• Security Orchestration, Automation, and Response (SOAR) platforms (e.g., Palo Alto XSOAR, Swimlane)• Forensics Tools: EnCase, FTK, Autopsy, Volatility• Threat Intel Platforms: Recorded Future, ThreatConnect, MISP• Ticketing Systems: ZenDesk, ServiceNow, Jira, Remedy
- Framework Proficiency: • Incident Response Lifecycle (NIST SP 800-61, PICERL model)• Knowledge of MITRE ATT&CK Framework• Vulnerability Management & Prioritization• Disaster Recovery & Business Continuity Planning (e.g., DR/BC, BIA)• Risk Assessment & Gap Analysis• Change Control and Root Cause Analysis (RCA)
- Regulatory, Compliance, and Privacy Awareness: • HIPAA, PCI-DSS, NY SHIELD, GDPR, CCPA, CJIS, etc.• SOX ITGC Controls and Audit Support• Cyber Insurance (CLI) & Legal Considerations in Breach Response• Chain of Custody and Evidence Handling
- Leadership and Management Skills: • Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, CRISC).• Collaboration: Confluence, MS Teams, Slack, Monday.com, Telegram (war room coordination)• Strong leadership and decision-making.• Excellent communication and interpersonal skills.• Deep understanding of cybersecurity frameworks and standards.• Ability to work under pressure and handle crises effectively.
What We Offer
- Generous Medical, Dental, Vision Benefits
- TSA paid Life Insurance for Employees
- Additional life insurance options for employees
- On-site cafeteria
- Paid Time Off – Vacation, Sick, Personal day
- 403(b) retirement savings plan
- Non-contributory Pension Plan
- Professional Development
- Free, on-site Fitness Center
- Federal holidays
- Opportunities to give back and support our communities
All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, disability or protected veteran status.
- ...Director, Cyber Security Location: Montvale, NJ, Ogden, UT - Multiple locations (... ...lead our information security function, managing a cybersecurity team and overseeing the implementation... ...of strategic planning, risk assessment, incident response, and team management. Key...SuggestedFull timeWork from homeFlexible hours3 days per week
- ...the noise to reach and convert the best candidates. Our unified platform uses data and automated technology to help you efficiently manage applications and connect with quality talent - regardless of which recruitment systems you already use. Finally, all the pieces of...SuggestedFor contractors
$115k - $135k
...Position Overview The Privacy Manager is a member of the FUJIFILM Holdings America Corporation reporting to the Privacy Officer and Data... ...covering critical privacy topics. Support the Fujifilm’s incident and breach response program, ensuring timely intake, assessment...SuggestedRemote workFlexible hours- ...is hiring for the following full-time direct hire position. POSITION OVERVIEW As a Cyber Security Director , your roles and responsibilities will include: Management of a team of Cyber Security engineers Proficient in conducting risk vs business impact...SuggestedPermanent employmentFull timeFor contractorsRelocation
- Ampcus, Inc is looking for a seasoned Program Manager in White Plains, NY. This hybrid position involves overseeing IT initiatives, particularly in cybersecurity. The ideal candidate will have 8-10 years of project management experience, preferably with a focus on AI and...Suggested
$90k - $110k
...Technology, or related discipline, or equivalent practical experience. 3–5 years of experience in security operations, vulnerability management, or endpoint protection analysis. Exceptional communication and follow‑through—keeps others informed and initiates discussion...- Standing position, Full-Time, NYC Metro, Secret. The next role we open will be filled from the inbox. Reviewed by Founder's desk Quarterly Cybersecurity Analyst (SOC) About the role Monitor and respond to security events in our 24/7 SOC supporting federal and state government...Full timeContract work
- IT Custom Solution is seeking a Cybersecurity Analyst in New City, NY. The role involves monitoring and responding to security events in a 24/7 SOC supporting federal and state government clients. Candidates should have over 3 years of SOC/SIEM experience and relevant certifications...
$115k - $135k
...FUJIFILM Holdings America Corporation is seeking a Privacy Manager to oversee the organization’s enterprise privacy program and ensure compliance across various operations. The successful candidate will manage day-to-day privacy operations while developing policies and...Remote work- ...fashion. The Technical Support Engineer will also analyze and resolve software application issues and work closely with the Support Manager to ensure correct resolution. Candidates must be energetic possess a strong motivation to learn new technologies and provide...Work at officeRemote work
- Ampcus, Inc is seeking a Cyber Security Analyst in White Plains, NY, to protect digital assets through network security management. The role includes implementing Zero Trust models and managing firewalls and VPNs. Ideal candidates will have 3-5 years of experience in cybersecurity...
$110k - $130k
...Architects and Engineers in White Plains, NY is seeking a Senior Project Electrical Engineer to join our MEP team. This role involves managing and designing electrical systems for buildings, ensuring compliance with codes, and working collaboratively with a variety of...- Mavis Tire Supply in White Plains, NY is seeking a Network Infrastructure Engineer devoted to troubleshooting and managing a diverse network environment. You will ensure the security and performance of transport layers, handle carrier-grade circuits, and maintain cloud...Weekly pay
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cyber Incident Manager. Be the first to apply!

