Detection and Response Manager

PNC

Detection and Response Manager overseeing the security incident response lifecycle for Tempus Technologies. Responsible for 24/7 SOC operations and driving improvements in security posture.

Posted 6/16/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $100,100 - $223,080 per yearWebsite

Tech Stack

Tools & technologies

CloudCyber SecurityServiceNowSplunk

About the role

Key responsibilities & impact

Lead day‑to‑day Detection and Response activities, ensuring timely detection, triage, investigation, and response to security events.
Ensure 24/7 incident response readiness by maintaining and managing the on‑call rotation, including scheduling, escalation paths, and service‑level expectations.
Serve as the owner for incident response execution, including initial containment, escalation, incident declaration, and forensic coordination.
Act as the primary technical lead and liaison during high‑severity incidents, collaborating with Infrastructure, Engineering, Legal, and Executive leadership.
Oversee the development, tuning, and continuous improvement of SIEM detections, alerting logic, and correlation rules.
Drive integration of internal and external Threat Intelligence to enhance visibility and detection capabilities.
Produce operational metrics and performance reporting focused on detection coverage, MTTD/MTTR, case handling quality, and tooling efficacy.
Evaluate and implement new technologies, integrations, and automation opportunities to reduce manual workload and enhance response capabilities.
Own and maintain incident response playbooks, SOPs, escalation paths, and response frameworks.
Ensure regulatory, contractual, and internal stakeholder notifications are initiated and documented when required.
Manage post-incident activities, including after-action reviews, corrective actions, and measurable improvements.
Lead readiness activities such as tabletop exercises, red/blue/purple team scenarios, and simulation‑based training.
Ensure incident response posture aligns with organizational risk appetite, audit requirements, and industry best practices.
Direct and mentor analysts in investigations, incident handling, and operational processes.
Execute staffing decisions, performance evaluations, onboarding, and the professional development pipeline for analysts.
Identify operational gaps and recommend technical or process improvements to mature the detection and response program.
Champion a culture of continuous improvement, documentation discipline, and analytical excellence.

Requirements

What you’ll need

Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience).
CCSP, CISSP, GCIA, GCIH, GCFA, CySA+ or equivalent certifications.
5+ years of experience leading security operations, incident response, digital forensics, or security engineering.
Demonstrated ability to lead incident response activities from detection through containment, eradication, recovery, and post incident review.
Experience performing root cause analysis, log analysis, and threat investigation.
Exposure to compliance frameworks such as PCI DSS, SOC 2, HIPAA, and FedRAMP.
Strong understanding of cybersecurity fundamentals, including networking, operating systems, endpoint security, cloud security, and identity access management.
Hands-on experience with SIEM platforms (e.g., Elastic, Splunk), EDR tools, IDP/IPS, and other monitoring technologies.
Expertise with incident handling methodologies and frameworks such as NIST 800 61, ISO 27035, and MITRE ATT&CK.
Proficiency in incident management tools and ticketing systems (e.g., Jira, ServiceNow).
Excellent ability to translate technical details into clear, actionable communication for both technical and non-technical stakeholders.
Strong communication and interpersonal skills with the ability to manage stressful situations.
Strong organizational skills with the ability to prioritize and manage multiple concurrent incidents and tasks.
Excellent problem-solving, analytical, and decision-making skills.

Benefits

Comp & perks

medical/prescription drug coverage (with a Health Savings Account feature)
dental and vision options
employee and spouse/child life insurance
short and long-term disability protection
401(k) with PNC match
pension and stock purchase plans
dependent care reimbursement account
back-up child/elder care
adoption, surrogacy, and doula reimbursement
educational assistance, including select programs fully paid
a robust wellness program with financial incentives
maternity and/or parental leave
up to 11 paid holidays each year
9 occasional absence days each year, unless otherwise required by law
between 15 to 25 vacation days each year, depending on career level; and years of service

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident responsedigital forensicsroot cause analysislog analysisthreat investigationcybersecurity fundamentalsincident handling methodologiesperformance reportingautomationcontinuous improvement

Soft Skills

leadershipcommunicationinterpersonal skillsorganizational skillsproblem-solvinganalytical skillsdecision-makingstress managementmentoringcollaboration

Certifications

CCSPCISSPGCIAGCIHGCFACySA+