← Back to Jobs
Other
Sr. Cyber Defense Manager - Incident Response
Link TechnologiesLas Vegas, NV🇺🇸United StatesPosted 6 Jul 2026
Quick Overview
Work Type
Hybrid
Level
Mid Senior
Job Description
- JOB-7706
- Sr. Cyber Defense Manager - Incident Response
- LAS VEGAS, NV
- Link Technologies (LinkTechConsulting.com), a Las Vegas-based IT consulting firm, is currently seeking a Senior Cyber Defense Manager - Incident Response to join our team in Las Vegas, NV for Perm opportunity.
Job Description
Lead the Cyber Incident Response Program
- Oversee the full incident response lifecycle: preparation, identification, containment, eradication, recovery, and post-incident lessons learned (per NIST SP 800-61 or similar frameworks).
- Manage day-to-day incident response operations, including triage, investigation coordination, forensic analysis, and executive-level reporting.
- Develop, maintain, and regularly test incident response playbooks, runbooks, and escalation procedures.
Enhance Detection Capabilities
- Drive continuous improvement of threat detection engineering, including tuning of SIEM rules, EDR/XDR configurations, threat intelligence integration, and behavioral analytics.
- Collaborate with SOC, threat hunting, and security engineering teams to reduce false positives, accelerate mean time to detect (MTTD) and respond (MTTR), and implement proactive detection use cases.
- Lead initiatives to mature internal blue-team capabilities across endpoints, cloud, identity, network, and email environments.
Manage MSSP Services Transition
- Lead the end-to-end transition of MSSP services from the current provider to the new partner, including planning, knowledge transfer, contract/SLA alignment, and cutover execution.
- Conduct due diligence on the new MSSP, define transition success criteria, and mitigate risks during handover (e.g., service continuity, data migration, access controls).
- Establish governance for the new MSSP relationship, including performance monitoring, regular service reviews, incident handoff protocols, and continuous improvement feedback loops.
- Ensure the transition strengthens rather than disrupts detection and response effectiveness.
Team Leadership & Development
- Build, mentor, and lead a high-performing incident response team (internal analysts, responders, and cross-functional partners).
- Provide performance management, career development, and technical coaching to team members.
- Foster a culture of continuous learning, tabletop exercises, red/blue team simulations, and post-incident reviews.
- Stakeholder Collaboration & Reporting
- Serve as the primary point of contact for major incidents, briefing executive leadership, legal, compliance, and external regulators as needed.
- Coordinate with IT, legal, risk, business units, and external partners (e.g., law enforcement, forensics firms) during incidents.
- Produce executive-level reports on incident trends, program maturity, detection improvements, and transition status.
Program Maturity & Compliance
- Align incident response practices with industry standards (NIST, ISO 27001, MITRE ATT&CK, etc.) and regulatory requirements.
- Drive metrics-driven improvements and maturity assessments for the IR program.
- Contribute to enterprise-wide security initiatives, including vulnerability management, threat intelligence, and security awareness.
Qualifications
Required:
- 10+ years of progressive experience in cybersecurity, with at least 5+ years in incident response, digital forensics, or security operations leadership roles.
- Proven experience leading cyber incident response teams and managing complex, high-impact incidents.
- Demonstrated success in vendor/MSSP transitions or outsourcing handovers in a cybersecurity context.
- Strong understanding of detection technologies (SIEM, EDR/XDR, SOAR, threat intelligence platforms) and experience improving detection efficacy.
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field (Master's preferred).
- Relevant certifications such as CISSP, CISM, GIAC GCFAIHTI, or similar.
Preferred:
- Experience in a regulated industry (e.g., finance, healthcare, critical infrastructure).
- Hands-on technical experience with tools such as Splunk, Elastic, CrowdStrike, Microsoft Defender, Sentinel, or similar.
- Prior experience building or maturing an internal SOC/IR function while reducing MSSP dependency. Skills & Competencies
- Exceptional leadership, communication, and stakeholder management skills - able to translate technical details for non-technical audiences.
- Strong project/program management abilities, especially in high-stakes transitions. Analytical mindset with experience in root cause analysis and threat hunting.
- Ability to thrive in a fast-paced, high-pressure environment with on-call responsibilities.
- Strategic thinker focused on long-term program maturity and risk reduction.
Link Technologies is an equal opportunity employer. All qualified applicants will receive consideration for employment without discrimination based on race, color, religion, sex, gender identity/expression, sexual orientation, national origin, protected veteran status, disability, or any other factors protected by law.
Skills
Splunk
Compliance
Continuous Improvement
Due Diligence
Performance Management
Root Cause Analysis
Stakeholder Management
Triage
Similar jobs
TECHNICAL PRODUCT LEAD
Connect Tech+Talent · United States
59 minutes agoOracle Order
StratEdge It consulting INC · Sunnyvale, United States
59 minutes agoLMS Administration & Training Operations
Innovecture · United States
1 hour agoSenior Trading Analyst
Vistra Corp · Irving, United States
1 hour agoInformation Assurance Systems Administrator
Booz Allen Hamilton · Leavenworth, United States
1 hour ago$61.9k - $141k/yrTechnical Project Lead
Seek Thermal · Santa Barbara, United States
2 hours ago