IT Program Mgr
Job Title: IT Program Mgr.
Job ID: 24448
Job Location: 8200 Coral Sea Street NE, Mounds View, Minnesota, 55112
Duration: 12 Months
Payrate: $55-60/HR on W2
Role Summary
The Contract Program Manager provides critical support and continuity for the Cybersecurity Incident Response team during a one-year military leave of the current manager. Working closely with the Cybersecurity Incident Response Director, this role is responsible for facilitating day-to-day operations, strengthening cross-functional collaboration, and driving continuous improvement. The Program Manager empowers the team by providing guidance, removing obstacles, and enabling effective execution, ensuring operational excellence and timely incident response throughout the year. The ideal candidate demonstrates initiative and accountability, is able to take direction from the Director, and works independently with minimal oversight in a dynamic environment.
Key Responsibilities
Incident Response Team Support & Coordination
Deliver proactive support and guidance as the team manages security tickets, investigations, and escalations, assisting with ownership tracking, priority setting, and seamless handoffs between shifts and global team members. Ensure thorough follow-up on after-action items and confirm complete resolution and closure of all events and incidents.
Facilitate daily standups, incident reviews, and coordination meetings to maintain alignment and clear communication within the team.
Collaborate with internal teams and service providers including Privacy, Legal, and other key stakeholders to support investigations, containment, remediation, and post-incident activities.
Partner with the Cyber Threat Intelligence (CTI) team to share and incorporate threat information into alerting, leverage CTI insights during incidents to identify motive and context, and integrate intelligence into response activities.
Work alongside the Detection Engineering team to implement, refine, and optimize detection and alerting capabilities, ensuring new threats and lessons learned are rapidly translated into actionable monitoring and response processes.
On-Call Coverage & Operational Readiness
Support the implementation and ongoing effectiveness of the follow-the-sun on-call model, ensuring collaborative teamwork and seamless handoffs across all shifts and regions.
Assist the Director in maintaining comprehensive 24x7 on-call coverage, adapting to regional and time zone needs.
Coordinate on-call rotation changes, coverage adjustments, and shift handoffs, ensuring all updates are accurately documented and communicated.
Support escalation management, incident triage, and handoffs in alignment with established protocols.
Monitor and assess operational readiness, helping identify gaps and opportunities for process improvement.
Program & Process Improvement
Guide the team through changes in operational processes, including updating and developing playbooks, coordinating testing, and providing hands-on support to ensure smooth adoption and minimal disruption.
Refine systems and processes for global threat visibility, alerting, and incident response.
Drive incremental improvements to detection, response, and investigation workflows based on feedback and lessons learned.
Promote the adoption of industry frameworks to strengthen prevention, detection, and response capabilities.
Identify operational gaps and recommend practical enhancements to tools, workflows, and coordination models.
Contribute to the cybersecurity operations roadmap in alignment with organizational strategies.
Partnership & Communication
Foster strong collaboration with cybersecurity, technology, and IT teams to support effective incident response, operational planning, and cross-functional alignment.
Build and maintain productive relationships with business stakeholders and the Major Incident team to facilitate clear communication and coordinated resolution of significant events.
Manage relationships with the third-party SOC and other vendors, ensuring effective communication, seamless coordination, and successful implementation of alerting and response processes. Provide support with contract renewals and evaluate new features or service offerings to enhance operational capabilities.
Promote transparency, information sharing, and teamwork across all involved parties to support consistent execution of response strategies and operational priorities.
Culture & Ways of Working
Cultivate a collaborative, supportive, and high-performing team environment through positive influence and partnership.
Serve as a role model for disciplined incident management, operational excellence, and cross-team collaboration.
Champion continuous improvement, shared learning, and resilience within the incident response function.
Encourage professional growth, recognize achievements, and help team members leverage their strengths throughout the year.
Promote ongoing team alignment and focus by supporting progress toward shared objectives and celebrating milestones.
Required Experience & Skills
Experience supporting or coordinating cybersecurity incident response in a complex enterprise environment.
Prior experience within or alongside a SOC, incident response, or cyber defense team.
Strong understanding of cybersecurity operations, detection and response tooling, and incident management practices.
Demonstrated experience overseeing ticket management workflows in enterprise platforms such as ServiceNow.
Proven ability to manage alerting and monitoring processes using advanced tools like Splunk.
Familiarity with endpoint detection and response (EDR) technologies, including platforms such as CrowdStrike.
Hands-on experience applying frameworks such as NIST and MITRE ATT&CK.
Experience collaborating with Privacy teams and supporting privacy-related incident response activities.
Ability to take direction from leadership and work independently, demonstrating initiative and accountability without extensive oversight.
Ability to guide and facilitate through influence, not direct people management.
Experience supporting or coordinating on-call rotations and operational coverage.
Excellent communication skills for engaging technical teams, leadership, and stakeholders during high-pressure situations.
Strong organizational and program management skills with the ability to manage competing priorities.
