[Hiring] Incident Response Manager @TTEC

Role Description

Your potential has a place here with TTEC’s award-winning employment experience. As an Incident Response Manager working remote in the United States, you’ll be a part of bringing humanity to business. #experienceTTEC

As part of our Information Security team, you will support the compliance lifecycle needs of existing Federal clients as well as consult on new projects’ information security and compliance needs. This role will provide vulnerability-management services to project teams, client personnel, and on behalf of stakeholders to comply with a federal agency’s comprehensive security program and the NIST Risk Management Framework (RMF).

During a Typical Day You’ll:

• Lead Incident Orchestration efforts, serving as the primary responder for security incidents escalated by the SOC, including coordination of containment, eradication, and recovery activities across technical teams.
• Manage and mentor a high-performing Incident Response and Security Analyst team, providing hands-on technical guidance, coaching, and professional development to strengthen detection and response capabilities.
• Develop, maintain, and continuously improve the Incident Response Plan (IRP) and detailed playbooks for a range of threat scenarios, including ransomware, phishing, insider threat, and third-party incidents, ensuring alignment with FedRAMP and NIST RMF requirements.
• Design and facilitate tabletop and simulation exercises to test incident readiness, validate executive and technical response procedures, and identify gaps prior to real-world events.
• Translate complex technical findings into clear, actionable communications for Legal, HR, PR, executive leadership, and client stakeholders during and after security incidents.
• Conduct Post-Incident Reviews (Post-Mortems) to assess root cause, response effectiveness, and control gaps, driving continuous improvement of security posture, policies, and processes.
• Configure and execute vulnerability scans of FedRAMP-authorized environments, analyze results, and lead remediation discussions with technical and business stakeholders.
• Prepare, validate, and maintain security and compliance documentation, including System Security Plans (SSP), Risk Assessments (RA), Contingency Plans (CP), Privacy Impact Assessments (PIA), and FIPS categorizations.
• Provide end-to-end security lifecycle support for major applications supporting Federal clients, partnering closely with project teams and customer stakeholders.
• Advise internal and client teams on remediation of security and privacy weaknesses, balancing risk, compliance, and operational impact.
• Prepare and deliver security and privacy awareness training tailored to technical teams, business users, and leadership audiences.
• Identify, track, and manage POA&Ms, driving corrective action plans through remediation and closure.
• Collaborate with cross-functional teams to support Security Assessment & Authorization (SA&A) / C&A activities, audits, and continuous monitoring efforts.

Qualifications

• 3+ years of experience in Federal government information security and privacy providing direct support to project teams and client stakeholders.
• 7+ years in CyberSecurity with 4+ years of hands-on experience with industry-standard vulnerability management tools such as Qualys, Tenable, or Rapid7.
• Perform vulnerability assessments, conduct research and evaluate relevant risks to the findings.
• Write runbooks to assist junior-level Engineers and other team members with appropriate reactions and activities based on finding types.
• Capable of self-direction in situations involving complex vulnerabilities that require in-depth troubleshooting.
• Ensure solid communication with key stakeholders, including progress on issues or findings and setting relevant expectations.
• Must be able to participate in and/or lead security assessments and audits.
• Experience with Protected Health Information (PHI), Personally Identifiable Information (PII) in Federal healthcare programs and Payment Card Industry Data Security Standard (PCI DSS).
• Experience in preparing security documentation, evaluating and documenting security and privacy controls, and completing non-technical analysis activities.
• Experience with FedRAMP, NIST 800-53 Rev 4 (or 800-171) or agency equivalent.

Requirements

• Some experience with common penetration tools/frameworks (Open Source or Commercial).
• Bash and/or Python scripting experience and building API-based integrations.

Benefits

• This is a 100% work from home position.
• Working with a company and team that is supportive of your career and professional development.
• An inclusive culture and community-minded organization where giving back is encouraged.
• A global team of curious lifelong learners guided by our company values.
• Paid time off (PTO) plus wellness and healthcare benefits.
• A great compensation package and performance bonus opportunities, benefits you'd expect and maybe a few perks that would pleasantly surprise you (like tuition reimbursement).
• The anticipated range is $120,000-140,000. Actual compensation offers to a candidate may vary based upon geographic location, work experience, education and/or skill levels.