Skip to main content
0

Sr Mgr CyberSecurity Incident Response

a person looking at a tablet
Apply Now
Share

Description

The Sr. Manager of Cybersecurity Incident Response & Insider Threat leads MACU’s enterprise-wide cyber incident response, digital forensics, and insider threat program. This role is responsible for preparing the organization to detect, respond to, and recover from cybersecurity incidents while protecting member data, intellectual property, and critical systems. In this highly visible leadership role, you will partner closely with Cybersecurity, IT, Legal, HR, Governance, Risk Management, and Executive Leadership to manage high-impact incidents, insider risk, and crisis situations. You will define response strategy, mature operational capabilities, and ensure the organization is resilient against both external attacks and internal misuse.

LOCATION: UTAH

9800 S. Monroe Street

Sandy, UT 84070

SCHEDULE: Full-Time hybrid in-office with some remote days

To be effective, an individual must be able to perform each job duty successfully.

Key Responsibilities

Incident Response & Crisis Management

  • Lead the enterprise cybersecurity incident response program, including preparation, detection, containment, eradication, and recovery activities.
  • Serve as the executive incident commander for high-severity cybersecurity events, coordinating technical teams, business stakeholders, and leadership.
  • Define and maintain incident response plans, playbooks, escalation models, and crisis communication procedures.
  • Conduct executive-level briefings during and after incidents, including post-incident reports, root cause analysis, and lessons learned.
  • Oversee breach investigations, digital forensics, and evidence preservation in coordination with Legal and Compliance.
  • Lead tabletop exercises, red/blue team simulations, and ransomware readiness scenarios.
  • Lead the organization’s brand protection efforts to safeguard reputation and identity.
  • Lead proactive threat-hunting initiatives to identify advanced threats, vulnerabilities, and anomalous activities across the enterprise environment.
  • Define and maintain incident response plans, playbooks, escalation models, and crisis communication procedures.

Insider Threat Program Leadership

  • Own and operate the enterprise Insider Threat Program, addressing malicious, negligent, and compromised insider risks.
  • Define insider threat detection, triage, investigation, and response processes across people, process, and technology.
  • Partner with HR, Legal, Privacy, and Risk Management teams to ensure investigations are lawful and appropriate.
  • Implement behavioral, technical, and contextual monitoring capabilities.
  • Establish governance, oversight, and separation of duties for insider investigations.

Security Operations & Capability Maturity

  • Collaborate with SOC leadership to enhance monitoring, alerting, and response automation.
  • Drive continuous improvement using metrics and maturity models.
  • Translate threat intelligence into actionable detection and response strategies.

Governance, Risk, and Compliance

  • Ensure alignment with regulatory frameworks including NCUA, FFIEC, and NIST.
  • Support audits, regulatory exams, and breach notification requirements.
  • Partner with Risk Management and Internal Audit to remediate gaps.

Leadership & Influence

  • Lead and mentor incident response and insider threat professionals.
  • Partner across IT, Digital Solutions, Legal, HR, Communications, and executives.
  • Act as a trusted advisor during high-impact and sensitive situations.

KNOWLEDGE, SKILLS, and ABILITIES

The requirements listed are representative of the knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.

Education and Experience

  • 6+ years of experience in cybersecurity operations or incident response with progressive responsibility.
  • 5+ years in a leadership role responsible for cybersecurity operations or incident response.
  • Experience leading enterprise-scale incident response programs.
  • Financial services or regulated industry experience preferred.
  • Bachelor’s degree in a related discipline or equivalent experience required.

Licenses, Certifications, Registrations

  • CISSP strongly preferred.
  • GCIH, GCFA, CISM, CISA, or GIAC certifications highly desirable.

Other Skills and Abilities

  • Expertise in incident response and digital forensics.
  • Strong understanding of insider threat risk and investigations.
  • Executive-level communication and leadership under pressure.
  • Proven ability to balance security, privacy, and business needs.
  • Strategic thinking.
  • Problem-solving skills.
  • Verbal/written communication skills.
  • Leadership and talent management skills.
  • Public speaking skills.

PHYSICAL ABILITIES / WORKING CONDITIONS

Physical Demands
Ability to sit, talk and hear consistently

Vision Requirements
Close vision (clear vision at 20 inches or less)
Distance vision (clear vision at 20 feet or more)
Color vision (ability to identify and distinguish colors)

Weight Lifted or Force Exerted
Ability to lift up to 10 pounds frequently and up to 25 pounds occasionally

Environmental
There are no unusual environmental factors (such as a typical office)

Noise Environment
Moderate noise (business office with computers and printers, light traffic)

***This Job is not eligible to be performed in Colorado or Connecticut, either remotely or in-person.***

a group of people putting their hands together

Join our talent community

Create your profile to connect with our talent acquisition team. You will receive occasional emails about career opportunities that match your interest and skills.

Join now