Sr. Cyber Defense Manager - Incident Response


Link Technologies
Job Details
Skills
- IT Consulting
- Recovery
- NIST SP 800 Series
- Analytics
- Security Engineering
- MEAN Stack
- Use Cases
- Cloud Computing
- Network
- Knowledge Transfer
- SLA
- Due Diligence
- Data Migration
- Access Control
- Performance Monitoring
- Continuous Improvement
- Team Leadership
- Mentorship
- Performance Management
- Coaching
- Collaboration
- Reporting
- Legal
- Law Enforcement
- Forensics
- Regulatory Compliance
- ISO/IEC 27001:2005
- Vulnerability Management
- Security Awareness
- Digital Forensics
- Security Operations
- Incident Management
- Management
- Outsourcing
- SIEM
- Threat Analysis
- Cyber Security
- Computer Science
- Information Systems
- CISSP
- CISM
- Finance
- Health Care
- Splunk
- Microsoft
- System On A Chip
- International Relations
- Investor Relations
- Information Retrieval
- Leadership
- Communication
- Stakeholder Management
- Program Management
- Analytical Skill
- Root Cause Analysis
- Law
Summary
- JOB-7706
- Sr. Cyber Defense Manager - Incident Response
- LAS VEGAS, NV
- Link Technologies (LinkTechConsulting.com), a Las Vegas-based IT consulting firm, is currently seeking a Senior Cyber Defense Manager - Incident Response to join our team in Las Vegas, NV for a permanent opportunity.
Job Description
Lead the Cyber Incident Response Program
- Oversee the full incident response lifecycle: preparation, identification, containment, eradication, recovery, and post-incident lessons learned (per NIST SP 800-61 or similar frameworks).
- Manage day-to-day incident response operations, including triage, investigation coordination, forensic analysis, and executive-level reporting.
- Develop, maintain, and regularly test incident response playbooks, runbooks, and escalation procedures.
Enhance Detection Capabilities
- Drive continuous improvement of threat detection engineering, including tuning of SIEM rules, EDR/XDR configurations, threat intelligence integration, and behavioral analytics.
- Collaborate with SOC, threat hunting, and security engineering teams to reduce false positives, accelerate mean time to detect (MTTD) and respond (MTTR), and implement proactive detection use cases.
- Lead initiatives to mature internal blue-team capabilities across endpoints, cloud, identity, network, and email environments.
Manage MSSP Services Transition
- Lead the end-to-end transition of MSSP services from the current provider to the new partner, including planning, knowledge transfer, contract/SLA alignment, and cutover execution.
- Conduct due diligence on the new MSSP, define transition success criteria, and mitigate risks during handover (e.g., service continuity, data migration, access controls).
- Establish governance for the new MSSP relationship, including performance monitoring, regular service reviews, incident handoff protocols, and continuous improvement feedback loops.
- Ensure the transition strengthens rather than disrupts detection and response effectiveness.
Team Leadership & Development
- Build, mentor, and lead a high-performing incident response team (internal analysts, responders, and cross-functional partners).
- Provide performance management, career development, and technical coaching to team members.
- Foster a culture of continuous learning, tabletop exercises, red/blue team simulations, and post-incident reviews.
Stakeholder Collaboration & Reporting
- Serve as the primary point of contact for major incidents, briefing executive leadership, legal, compliance, and external regulators as needed.
- Coordinate with IT, legal, risk, business units, and external partners (e.g., law enforcement, forensics firms) during incidents.
- Produce executive-level reports on incident trends, program maturity, detection improvements, and transition status.
Program Maturity & Compliance
- Align incident response practices with industry standards (NIST, ISO 27001, MITRE ATT&CK, etc.) and regulatory requirements.
- Drive metrics-driven improvements and maturity assessments for the IR program.
- Contribute to enterprise-wide security initiatives, including vulnerability management, threat intelligence, and security awareness.
Qualifications
Required:
- 10+ years of progressive experience in cybersecurity, with at least 5+ years in incident response, digital forensics, or security operations leadership roles.
- Proven experience leading cyber incident response teams and managing complex, high-impact incidents.
- Demonstrated success in vendor/MSSP transitions or outsourcing handovers in a cybersecurity context.
- Strong understanding of detection technologies (SIEM, EDR/XDR, SOAR, threat intelligence platforms) and experience improving detection efficacy.
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field (Master's preferred).
- Relevant certifications such as CISSP, CISM, GIAC GCFAIHTI, or similar.
Preferred:
- Experience in a regulated industry (e.g., finance, healthcare, critical infrastructure).
- Hands-on technical experience with tools such as Splunk, Elastic, CrowdStrike, Microsoft Defender, Sentinel, or similar.
- Prior experience building or maturing an internal SOC/IR function while reducing MSSP dependency.
Skills & Competencies
- Exceptional leadership, communication, and stakeholder management skills - able to translate technical details for non-technical audiences.
- Strong project/program management abilities, especially in high-stakes transitions.
- Analytical mindset with experience in root cause analysis and threat hunting.
- Ability to thrive in a fast-paced, high-pressure environment with on-call responsibilities.
- Strategic thinker focused on long-term program maturity and risk reduction.
Link Technologies is an equal opportunity employer. All qualified applicants will receive consideration for employment without discrimination based on race, color, religion, sex, gender identity/expression, sexual orientation, national origin, protected veteran status, disability, or any other factors protected by law.
- Dice Id: linktech
- Position Id: JOB-7706
- Posted 22 hours ago
Company Info
Founded in 2000, Link Technologies is a certified SDB, DBE, WOSB, and 8(a) Graduate company delivering customized IT and cybersecurity solutions to top commercial, government and hospitality clients. Specializing in infrastructure development, PCI compliance, QSA audits, and end-to-end project management, Link Technologies provides cost-effective, scalable solutions that align with their core values: Client Focus, Quality, and Satisfaction.
Link Technologies provides highly qualified professionals to take care of evolving client needs in an industry with rigorous standards, enabling organizations to focus on what matters most: their core business. We operate our own fully managed Network Operations Center (NOC) and Security Operations Center (SOC), providing around-the-clock monitoring, SIEM services, and Tier 1 & 2 Help Desk support—all managed in-house to ensure quality, accountability, and rapid response.
Quality isn’t an add-on: it’s a standard. At Link Technologies, we believe every engagement, no matter how complex, should be executed with precision and consistency. The Link Technologies team is committed to delivering exceptional results the first time, every time. This commitment to quality is the foundation of our continued success and the driving force behind everything we do.

