We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Crowe jobs

Incident Response Manager

Crowe
A reasonable estimate of the current range is $110,800.00 - $226,400.00 per year.
United States, Florida, Tallahassee
Jun 26, 2026

Your Journey at Crowe Starts Here:

At Crowe, you can build a meaningful and rewarding career. With real flexibility to balance work with life moments, you're trusted to deliver results and make an impact. We embrace you for who you are, care for your well-being, and nurture your career. Everyone has equitable access to opportunities for career growth and leadership. Over our 80-year history, delivering excellent service through innovation has been a core part of our DNA across our audit, tax, and consulting groups. That's why we continuously invest in innovative ideas, such as AI-enabled insights and technology-powered solutions, to enhance our services. Join us at Crowe and embark on a career where you can help shape the future of our industry.

Job Description:

Incident Response Manager

Position Summary
The Incident Response Manager serves as a senior technical leader responsible for managing complex cybersecurity incident response engagements, mentoring and developing incident responders, overseeing engagement delivery, and acting as a trusted advisor to clients during cybersecurity crises. This role combines deep technical expertise with leadership, business development, client relationship management, and operational oversight responsibilities.

Responsibilities
  • Serve as the primary client-facing leader during major cybersecurity incidents.
  • Lead multiple concurrent incident response engagements involving ransomware, data breaches, insider threats, cloud compromises, and advanced threat actor activity.
  • Provide executive-level briefings to CISOs, CIOs, legal counsel, executive leadership, boards of directors, and other stakeholders.
  • Direct forensic investigations, threat hunting activities, containment efforts, eradication plans, and recovery operations.
  • Review and approve technical findings, investigation reports, executive summaries, and client deliverables.
  • Coordinate internal and external resources to ensure successful engagement execution and client outcomes.
  • Ensure investigations meet legal, regulatory, and evidentiary requirements.
  • Develop and maintain incident response methodologies, playbooks, procedures, and service offerings.
  • Lead and mentor Incident Response consultants and senior staff through coaching, technical guidance, and performance feedback.
  • Assist with recruiting, onboarding, and professional development of team members.
  • Support business development efforts through proposal development, scoping, client presentations, and strategic discussions.
  • Identify opportunities to expand client relationships and deliver additional cybersecurity services.
  • Contribute to thought leadership through whitepapers, webinars, conference presentations, and market-facing content.
Requirements
  • 7+ years of cybersecurity experience with at least 3 years focused on incident response, digital forensics, threat hunting, or cyber defense operations.
  • Demonstrated experience leading complex incident response engagements from initial detection through recovery.
  • Experience managing project teams, mentoring technical staff, and coordinating cross-functional stakeholders.
  • Strong leadership, decision-making, and risk management capabilities.
  • Excellent communication skills with the ability to present technical findings to executive and non-technical audiences.
  • Ability to manage competing priorities and multiple concurrent engagements.
  • Strong understanding of networking, operating systems, identity systems, cloud technologies, and cybersecurity principles.
  • Experience utilizing SIEM platforms such as Splunk, Elastic, Microsoft Sentinel, or FortiSIEM.
  • Experience utilizing EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, or Carbon Black.
  • Proficiency with scripting and automation using PowerShell, Python, Bash, or similar technologies.
  • Strong documentation and report-writing capabilities.
  • Willingness to travel approximately 15% or more as required.
Preferred Qualifications
  • Expert knowledge of Windows, Linux, Active Directory, Microsoft Entra ID, Microsoft 365, AWS, Azure, and Google Cloud environments.
  • Advanced understanding of attacker tactics, techniques, and procedures (MITRE ATT&CK).
  • Experience leading enterprise-scale ransomware investigations and recovery efforts.
  • Experience coordinating legal counsel, cyber insurance carriers, law enforcement, and third-party stakeholders during incidents.
  • Experience developing incident response programs, tabletop exercises, and cyber resilience strategies.
  • Experience managing consulting engagements and project financials.
  • Experience building and managing cybersecurity teams.
  • Relevant certifications such as GCFA, GCIH, GCED, GREM, GCTD, CISSP, CCSP, CISM, AWS Security Specialty, or Azure Security Engineer Associate.

We expect the candidate to uphold Crowe's values of Care, Trust, Courage, and Stewardship. These values define who we are. We expect all of our people to act ethically and with integrity at all times.

The application deadline for this role is 09/30/2026.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. Crowe is not sponsoring for work authorization at this time.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Crowe, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $110,800.00 - $226,400.00 per year.

Our Benefits:
Your exceptional people experience starts here. At Crowe, we know that great peopleare what makes a great firm. We care about our people and offer employees a comprehensive total rewards package. Learn more about what working at Crowe can mean for you!

How You Can Grow:
We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!

More about Crowe:
Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.

Crowe LLP provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, sexual orientation, gender identity or expression, genetics, national origin, disability or protected veteran status, or any other characteristic protected by federal, state or local laws.

Crowe LLP does not accept unsolicited candidates, referrals or resumes from any staffing agency, recruiting service, sourcing entity or any other third-party paid service at any time. Any referrals, resumes or candidates submitted to Crowe, or any employee or owner of Crowe without a pre-existing agreement signed by both parties covering the submission will be considered the property of Crowe, and free of charge.

Crowe will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws.

Please visit our webpage to see notices of the various state and local Ban-the-Box laws and Fair Chance Ordinances, where applicable.

We are committed to a merit-based hiring process, evaluating all candidates consistently using objective, job-related criteria such as relevant experience, demonstrated skills, measurable impact, and alignment with the role's responsibilities, and making employment decisions in a fair and inclusive manner free from discrimination.

If you are interested in applying for employment with Crowe and are in need of an accommodation or require special assistance to navigate our website or to complete your application, please visit our Applicant Assistance and Accommodations page for more information: https://careers.crowe.com/crowe-applicant-assistance-and-accommodation

Applied = 0
MORE JOBS LIKE THIS

(web-77cf7d65c7-4rhzf)