We are seeking a highly skilled and strategic Cyber Security Incident Response & Threat Intelligence Manager to lead our security operations function. This role combines proactive threat intelligence with advanced incident response leadership, requiring a candidate who can anticipate emerging threats, drive strategic defenses, and lead teams through high-stakes cyber incidents.
The ideal candidate will oversee security monitoring and response capabilities, guide a team of analysts and responders, and partner cross-functionally to strengthen the organization’s security posture.
Incident Response Leadership
Lead and manage end-to-end response efforts during active cyber incidents, including detection, containment, eradication, and recovery
Serve as incident commander for high-severity events, ensuring timely decision-making and stakeholder communication
Oversee deep-dive forensic investigations to determine root cause, scope, and business impact
Coordinate cross-functional response efforts with IT, Legal, Compliance, and business stakeholders
Establish, maintain, and continuously improve incident response playbooks, processes, and escalation protocols
Present post-incident findings, lessons learned, and risk mitigation plans to senior leadership
Threat Intelligence Strategy & Oversight
Lead the development and execution of the organization’s threat intelligence strategy
Oversee research and tracking of global threat actors, campaigns, and emerging attack techniques
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.
Develop metrics and KPIs to measure program effectiveness and maturity
Support budget planning and resource allocation for security operations
Required Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
12+ years of experience in incident response, threat intelligence, or security operations, with leadership experience preferred
Proven experience leading incident response efforts and managing high-impact security events
Strong understanding of attacker methodologies, malware analysis, and intrusion techniques
Experience mapping adversary behaviors to MITRE ATT&CK or similar frameworks
Demonstrated ability to communicate complex security concepts to both technical and executive audiences
Technical Expertise
Hands-on experience with Endpoint Detection & Response (EDR) tools such as:
CrowdStrike Falcon
SentinelOne
Microsoft Defender for Endpoint
- Experience with NDR/XDR platforms, including:
ExtraHop
Cisco XDR
Deep familiarity with SIEM platforms, log analysis, and security monitoring tools
Strong knowledge of networking protocols, operating systems, and cloud security concepts
Experience driving detection engineering and threat hunting programs
Operational Expectations
Lead on-call rotation strategy and provide escalation support for critical incidents
Ensure rapid and effective response to high-severity threats and vulnerabilities
Maintain strong situational awareness of the evolving threat landscape
Collaborate with internal leadership and external stakeholders during security events
Foster a culture of continuous improvement and operational resilience
Preferred Qualifications
Relevant certifications (e.g., CISSP, GCIA, GCIH, GCFA, or equivalent)
Experience with scripting or automation (Python, PowerShell)
Background in threat hunting, malware analysis, or digital forensics
Experience building or scaling security operations or incident response programs
Offers of employment are conditional upon passage of screening criteria applicable to the job
EEO Statement
Integrated into our shared values is NCR Voyix’s commitment to equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment.
Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes
“When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”
Similar roles you might like
More openings like this one — take a look before you go.