Senior Manager, Incident Response

Role Purpose

The Senior Manager of Incident Response is the leader responsible for Dover Corporations global incident detection and response capabilities. This role provides strategic direction and operational leadership for a globally distributed incident responsible team tasked with protecting Dover Corporation and its Operating Companies (OpCos).

Serving as the primary incident commander during significant security events this leader ensures disciplined execution and clear executive decision support. The role combines deep technical expertise in digital forensics and incident response (DFIR) with executive presence sound judgement and composure under pressure.

A critical component of this position is maintaining alignment with US International Traffic in Arms Regulations (ITAR) and Cybersecurity Maturity Model Certification (CMMC) requirements reinforcing our commitment to operational resilience regulatory rigor and risk-informed governance.

Key Responsibilities:

Lead mentor and scale a 24/7 global response team overseeing talent strategy performance management and professional development to deliver a high-performance culture grounded in technical excellence accountability continuous learning and rapid disciplined execution.

Serve as the primary incident commander for significant and enterprise-impacting security events. Direct and coordinate cross-functional response efforts across IT Legal HR Communications executive leadership and external partners to ensure rapid containment recovery and resolution.

Own and continuously improve incident response processes to ensure adherence to ITAR data sovereignty requirements and CMMC Level 1-3 requirements.

Ensure accurate defensible incident reporting documentation and audit readiness aligned with regulatory and legal expectations.

Define and execute the long-term incident response strategy and roadmap including the adoption of advanced Security Orchestration Automation & Response (SOAR) capabilities and Extended Detection & Response (XDR) frameworks.

Drive measurable improvements in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through process optimization tooling and skills development.

Develop maintain and mature incident response plans playbooks and tabletop exercises to ensure organizational readiness across global business units.

Lead post-incident reviews and translate lessons learned into actionable improvements controls processes and response capabilities.

Translate complex technical findings into clear concise risk-based reports for C-Suite during and following significant security events.

Serve as a trusted advisor to senior leadership on response readiness cyber resilience and incident risk posture.

Oversee proactive threat hunting initiatives and integrate tactical threat intelligence into the incident lifecycle.

Advance the organization from reactive response to predictive data-driven defense.

Qualifications

10 years of progressive experience in Cyber Security within a large-scale global enterprise.

5 years in a dedicated incident response leadership role.

Professional certifications such as CISSP GCIH GCFA or CISM are highly desirable.

Bachelors degree in computer science Cyber Security or a related field. A masters degree is a plus.

Demonstrated experience managing security operations within ITAR-controlled environments.

Strong working knowledge of CMMC frameworks compliance and response requirements.

Proven track record of managing global teams across multiple time zones and cultures.

Experience managing third-party Managed Security Service Providers (MSSPs) preferred.

Demonstrated ability to lead decisively during high-pressure high-visibility security events.

Ability to balance deep technical analysis with risk management and business priorities.

Strong judgement in ambiguous environments and scenarios with incomplete information.

Exceptional written & verbal communication skills including delivery of clear messaging during high-stress events.

Hands-on experience with EDR / XDR platforms SIEM technologies and forensic toolsets.

Strong knowledge of MITRE ATT&CK framework and cloud security architecture.

Due to ITAR requirements candidates must be a U.S. Person as defined by 22 C.F.R. 120.15 (U.S. Citizen permanent resident or protected individual).

Reporting Line & Location
Role is based in Downers Grove Illinois.
Approximately 15% of travel is required.