Cyber Security Incident Response Team Manager

"I can be myself at work."

You are more than a job title. We want you to feel comfortable doing great work and bringing your best, authentic self to everything you do. We value your talents, traditions, and uniqueness-and we're committed to fostering a strong sense of belonging in a respectful workplace.

We intentionally seek diverse perspectives, experiences, and backgrounds, investing in a culture designed to celebrate differences. We believe that belonging leads to better outcomes and a stronger community of associates united by our mission. At Capital, we live our core values every day: Integrity, Client Focus, Diverse Perspectives, Long-Term Thinking, and Community.

"I can influence my income."

You want to feel recognized at work. Your performance will be reviewed annually, and your compensation will be designed to motivate and reward the value that you provide. You'll receive a competitive salary, bonuses and benefits. Your company-funded retirement contribution will factor in salary and variable pay, including bonuses.

"I can lead a full life."

You bring unique goals and interests to your job and your life. Whether you're raising a family, you're passionate about where you volunteer, or you want to explore different career paths, we'll give you the resources that can set you up for success.

• Enjoy generous time-away and health benefits from day one, with the opportunity for flexible work options

• Receive 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love

• Access on-demand professional development resources that allow you to hone existing skills and learn new ones

"I can succeed as a Cyber Security Incident Response Team Manager at Capital Group."

We are seeking a highly technical and hands-on Incident Response Manager to lead our 24/7 global team of analysts responsible for monitoring, detecting, and responding to cybersecurity incidents. This role combines leadership, technical expertise, and operational excellence in a fast-paced environment. You will manage incident response activities, enforce playbooks and policies, and serve as a point of escalation during critical events.

The ideal candidate is a strong leader with advanced technical skills, coding ability, and experience in security operations and incident response. You will work closely with cybersecurity leadership, IT, and business stakeholders to ensure incidents are prioritized, investigated, and remediated effectively.

"I am the person Capital Group is looking for."

• Lead and mentor a globally distributed team of security analysts and engineers responsible for initial detection, triage, containment, and advanced investigation of security incidents.

• Serve as incident commander and escalation point for high-severity incidents, including ransomware, account compromise, phishing, and data leakage.

• Architect and automate Integrate AI/ML-driven threat detection and behavioral analytics into IR processes. Design incident response workflows using SOAR platforms and custom scripting (Python, PowerShell, Bash, etc.) to improve mean time to respond (MTTR).

• Implement and enforce IR playbooks, policies, and best practices aligned with NIST and MITRE ATT&CK frameworks.

• Coordinate cross-functional response with IT, developers, legal, privacy, and business continuity teams.

• Analyze and prioritize complex incidents, ensuring adherence to SLAs and regulatory/privacy requirements.

• Continuously improve detection, response, and reporting processes through metrics, trends, KPIs, KRI's and post-incident reviews

• Conduct tabletop exercises and oversee vulnerability and penetration testing assessments to identify gaps.

• Stay current with emerging threats, attacker TTPs, and integrate threat intelligence into response strategies.

• Foster a culture of learning and technical excellence, supporting team certifications and hands-on development.

Qualifications:

• 7+ years in cybersecurity (SOC and IR), including 3+ years in a leadership role.

• Bachelor's degree in Cybersecurity, Computer Science, or related field preferred.

• Certifications such as GCIH, GCFA, GCFE, CISSP, OSCP, or equivalent highly desirable.

• Proven ability to lead distributed teams under pressure and in high-stakes environments.

• Hands-on coding in Python (preferred), PowerShell, Bash, or similar languages.

• Proven expertise with traditional and Next-Generation SIEM platforms such as Splunk, Sentinel, QRadar, Exabeam, and CrowdStrike Falcon.

• Strong proficiency in SQL and query optimization across modern data lake platforms (e.g., Snowflake, Databricks, Azure Data Lake).

• Familiarity with Cribl LogStream, data normalization, and enrichment strategies for high-fidelity alerting.

• Advanced knowledge of attacker methods (escalation, lateral movement, TTPs).

• Familiarity with cloud IR (AWS, Azure) and hybrid environments.

• Strong understanding of forensic analysis, malware reverse engineering, and threat hunting.

• Exceptional organizational, communication, and decision-making abilities.

• Proven ability to foster team well-being, prevent burnout, and support professional growth.

• Ability to remain calm under pressure and manage team well-being.

• Experience in building dashboards, metrics, and reporting frameworks.

"I can apply in less than 4 minutes."

You've reviewed this job posting and you're ready to start the candidate journey with us. Apply now to move to the next step in our recruiting process. If this role isn't what you're looking for, check out our other opportunities and join our talent community.

"I can learn more about Capital Group."

At Capital Group, the success of the people who invest with us depends on the people in whom we invest. That's why we offer a culture, compensation and opportunities that empower our associates to build successful and prosperous careers. Through nine decades, our goal has been to improve people's lives through successful investing. We know that our history is a testament to the strength of the people we hire. More than 9,000 associates in 30+ offices around the world help our clients and each other grow and thrive every day. Find us on LinkedIn, Instagram, YouTube and Glassdoor.

In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings.

You can learn more about our compensation and benefits here.

* Temporary positions in the United States are excluded from the above mentioned compensation and benefit plans.

We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.