Lead the Cyber Incident Response Program
- Oversee the full incident response lifecycle: preparation, identification, containment, eradication, recovery, and post-incident lessons learned (per NIST SP 800-61 or similar frameworks).
- Manage day-to-day incident response operations, including triage, investigation, coordination, forensic analysis, and executive-level reporting.
- Develop, maintain, and regularly test incident response playbooks, runbooks, and escalation procedures.
Enhance Detection Capabilities
- Drive continuous improvement of threat detection engineering, including tuning of SIEM rules, EDR/XDR configurations, threat intelligence integration, and behavioral analytics.
- Collaborate with SOC, threat hunting, and security engineering teams to reduce false positives, accelerate mean time to detect (MTTD) and respond (MTTR), and implement proactive detection use cases.
- Lead initiatives to mature internal blue-team capabilities across endpoints, cloud, identity, network, and email environments.
Manage MSSP Services Transition
- Lead the end-to-end transition of MSSP services from the current provider to the new partner, including planning, knowledge transfer, contract/SLA alignment, and cutover execution.
- Conduct due diligence on the new MSSP, define transition success criteria, and mitigate risks during handover (e.g., service continuity, data migration, access controls).
- Establish governance for the new MSSP relationship, including performance monitoring, regular service reviews, incident handoff protocols, and continuous improvement feedback loops.
- Ensure the transition strengthens rather than disrupts detection and response effectiveness.
Team Leadership & Development
- Build, mentor, and lead a high-performing incident response team (internal analysts, responders, and cross-functional partners).
- Provide performance management, career development, and technical coaching to team members.
- Foster a culture of continuous learning, tabletop exercises, red/blue team simulations, and post-incident reviews.
Stakeholder Collaboration & Reporting
- Serve as the primary point of contact for major incidents, briefing executive leadership, legal, compliance, and external regulators as needed.
- Coordinate with IT, legal, risk, business units, and external partners (e.g., law enforcement, forensics firms) during incidents.
- Produce executive-level reports on incident trends, program maturity, detection improvements, and transition status.
Program Maturity & Compliance
- Align incident response practices with industry standards (NIST, ISO 27001, MITRE ATT&CK, etc.) and regulatory requirements.
- Drive metrics-driven improvements and maturity assessments for the IR program.
- Contribute to enterprise-wide security initiatives, including vulnerability management, threat intelligence, and security awareness.
Qualifications:
Required:
- 10 years of progressive experience in cybersecurity, with at least 5 years in incident response, digital forensics, or security operations leadership roles.
- Proven experience leading cyber incident response teams and managing complex, high-impact incidents.
- Demonstrated success in vendor/MSSP transitions or outsourcing handovers in a cybersecurity context.
- Strong understanding of detection technologies (SIEM, EDR/XDR, SOAR, threat intelligence platforms) and experience improving detection efficacy.
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field (Master's preferred).
- Relevant certifications such as CISSP, CISM, GIAC GCFA/GCIH/GCTI, or similar.
Preferred:
- Experience in a regulated industry (e.g., finance, healthcare, critical infrastructure).
- Hands-on technical experience with tools such as Splunk, Elastic, CrowdStrike, Microsoft Defender, Sentinel, or similar.
- Prior experience building or maturing an internal SOC/IR function while reducing MSSP dependency.
Skills & Competencies
- Exceptional leadership, communication, and stakeholder management skills, able to translate technical details for non-technical audiences.
- Strong project/program management abilities, especially in high-stakes transitions.
- Analytical mindset with experience in root cause analysis and threat hunting.
- Ability to thrive in a fast-paced, high-pressure environment with on-call responsibilities.
- Strategic thinker focused on long-term program maturity and risk reduction.
Additional Information:
Boyd Gaming is proud to be an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
Remote Work: No
Employment Type: Full-time