A global enterprise is seeking a Senior Incident Response Manager to lead strategic and operational efforts in detecting, responding to, and mitigating cyber threats across its North American business operations. This role will oversee all stages of incident response — from triage and containment to recovery and post-incident analysis — while continuously improving the organization’s blue-team maturity and detection capabilities.
The ideal candidate will combine strong technical skills in threat detection, forensics, and vulnerability management with the leadership ability to guide cross-functional response efforts and enhance security resilience across multiple environments.
Lead enterprise-wide incident response, coordinating internal and external stakeholders to manage active threats and communicate with executive leadership.
Design and tune detection systems using SIEM, SOAR, and XDR technologies aligned with the MITRE ATT&CK framework.
Conduct proactive threat hunting, digital forensics, and malware analysis to uncover adversarial activity and strengthen defenses.
Manage vulnerability and exposure programs, including enterprise scanning, patch governance, and adherence to configuration standards such as CIS benchmarks.
Develop and maintain incident response playbooks and automation workflows.
Execute tabletop and purple-team exercises to improve preparedness.
Drive phishing defense, email authentication (SPF, DKIM, DMARC), and identity protection initiatives.
Partner with IT teams to implement secure baselines and ensure timely remediation of findings.
Provide regular reporting on incident trends, metrics, and readiness posture.
Bachelor’s degree in Computer Science, Information Technology, or related field (Master’s preferred).
5–7 years of cybersecurity experience with a focus on incident response, detection engineering, and forensics in mature enterprise environments.
Expertise with SIEM, XDR, SOAR, and endpoint protection tools (e.g., Microsoft Sentinel, Splunk, Defender, Mimecast).
Strong understanding of authentication and identity security controls, email protection, and vulnerability management solutions.
Familiarity with frameworks such as NIST, ISO, and CIS.
Excellent communication and decision-making skills; capable of leading during high-pressure security events.
Approximately 20% travel (domestic and international).

nexus IT group is a leading IT staffing agency and direct placement firm. nexus IT group was founded in 2010 on a simple idea: job searches should be simple, fun, and educational. Today, more than 1,000 customers in every large city in the United States use nexus IT group to transform the way they attract, engage, and delight tech candidates. nexus IT group is headquartered in Overland Park, KS and has been recognized for its culture and as one of the fastest-growing companies. Learn more at www.nexusITgroup.com and let's start finding you quality IT candidates.