Job Description

We are seeking a Cybersecurity Incident Lead to lead the coordination, execution, and continuous improvement of our security incident response program. This role is responsible for ensuring security incidents are identified, triaged, contained, communicated, and learned from effectively across a complex, multi-business-unit environment.

The Incident Manager will act as the central operational leader during security incidents, bridging Security Operations, IAM, Engineering, Legal, Communications, and business stakeholders. This role is critical to reducing response time, limiting business impact, and improving organizational resilience against recurring threats such as social engineering, identity abuse, and cloud exposure.

Key Responsibilities

Incident Response Investigation & Leadership

• Serve as the primary incident coordinator for cybersecurity events, including social engineering, identity compromise, data exposure, and cloud security incidents.

• Lead incident triage, severity assessment, and escalation to ensure the right stakeholders are engaged quickly.

• Investigate and analyze: examine data from active and historical cases to uncover attack vectors, root causes, and emerging threats. Lead investigations to drive actionable findings and inform response strategies.

• Coordinate containment, eradication, and recovery activities across Security Operations, IAM, SecEng, IT, and business units. Ensure after action reviews are conducted and follow-on plans are implemented.

• Maintain IR playbooks, escalation paths, and communication templates.

• Ensure incidents are handled consistently, efficiently, and in accordance with established response playbooks.

Executive & Stakeholder Communication

• Own incident communications, including:

• Situation updates during active incidents

• Clear post-incident summaries

• Executive briefings

• Translate technical findings into business impact, risk, and decision-oriented messaging.

• Contribute to recurring security reporting by incorporating incident trends, metrics, and lessons learned.

Program Maturity & Readiness

• Help mature the organization’s incident management framework, including:

• Incident severity models

• Roles and responsibilities

• On-call and escalation procedures

• Lead tabletop exercises and simulations focused on high-risk scenarios such as:

• Social engineering and identity abuse

• Data exposure involving public or regulated datasets

• Cloud misconfiguration and multi-tenant impact

Qualifications

• 5-8 Years of Experience managing or coordinating the full lifecycle of security incidents in an enterprise environment.

• Proven ability to lead through influence across technical and non-technical teams.

• Excellent written and verbal communication skills and experience briefing senior leadership.

• Experience with security tooling to include but not limited to SIEM, EDR, IAM platforms, cloud security, DSPM tools, and ticketing systems.

• Strong understanding of security operations workflows, attack techniques, and mitigation strategies.

• Calm, structured decision-making under pressure.

Preferred

• Experiencing building or maturing incident response programs in distributed, multi-org companies.

• Experience using automation to improve incident workflows, response consistency, and follow-through.

• Familiarity with regulatory or privacy considerations in media, healthcare, or regulated environments.

Why This Role Matters

• By centralizing incident leadership and improving communication, the Incident Manager will help the organization:

• Reduce the impact of security incidents

• Prevent repeat failures

• Improve executive confidence in security operations

• Turn incidents into actionable improvements, not one-off fire drills

In accordance with applicable law, Hearst is required to include a reasonable estimate of the compensation for this role if hired in New York City. The reasonable estimate, if hired in New York City, is $160,000-$170,000. Please note this information is specific to those hired in New York City. If this role is open to candidates outside of New York City, the salary range would be aligned to that specific location. A final decision on the successful candidate’s starting salary will be based on a number of permissible, non-discriminatory factors, including but not limited to skills and experience, training, certifications, and education. Hearst provides a competitive benefits package, including medical, dental, vision, disability and life insurance, 401(k), paid holidays and paid time off, employee assistance programs, and more.

Hearst is a leading global, diversified information, services, and media company dedicated to innovating, informing audiences and leading with purpose, integrity and a culture of care.


Our portfolio includes more than 360 businesses worldwide. On the consumer side, we operate 35 television stations, 28 daily newspapers and publish more than 200 magazine editions featuring many of the most iconic brands in media. We also hold ownership stakes in leading cable networks such as A&E, HISTORY, Lifetime and ESPN. On the business-to-business side, our companies include Fitch Group, a global leader in financial information and analytics; Hearst Health, which provides intelligence and software that improve care outcomes; and Hearst Transportation, which delivers data and software for aviation, automotive and trucking.

Our strength lies in our people. We value the diverse perspectives that move us forward. We are an Equal Opportunity Employer and makes employment decisions without regard to race, color, religion, national origin, sex or gender, sexual orientation, gender identity, gender expression, age, disability, military or veteran status or any other status protected by federal, state, or local law. We also provide reasonable accommodations to applicants and employees consistent with applicable law.