What are the responsibilities and job description for the Sr. SOC / MDR Incident Manager position at N-able?
Why N-able
At N-able, we’re not just helping businesses be secure —we’re redefining what it means to be cyber resilient. Our end-to-end platform blends AI-powered capabilities and flexible tech stacks, so customers can manage, secure, and recover with confidence. But the real power behind it all? Our people. We’re a global crew of N-ablites, who love solving complex problems, sharing knowledge, and delivering solutions that actually make a difference. If you're into meaningful work, fast growth, and a team that’s got your back, you’ll be surrounded by people who believe in what they do—and in you.
The MDR Senior Incident Manager is a senior leadership role responsible for overseeing both the MDR Containment and MDR Incident Handling Teams. This position ensures seamless coordination across the incident lifecycle, from containment through eradication and recovery. Reporting directly to the Director of MDR, the Senior Incident Manager drives operational excellence, establishes cross-team standards, and represents the MDR organization in executive-level engagements during critical incidents.
What You'll Do
12-15 years of progressive SOC, MDR, or DFIR experience. Minimum 7 years in leadership roles, with proven experience managing multiple teams. Demonstrated success in enterprise-scale containment and incident response engagements.
Educational Qualifications
Bachelor’s degree in Cybersecurity, Computer Science, or related field. Master’s degree is preferred.
Certifications
CISSP, CISM, or equivalent leadership-level certifications required. Advanced DFIR certifications (GCFA, GREM, GCIH, or equivalent) strongly preferred.
Purple Perks
What do we offer you?
At N-able, our mission is to protect businesses against evolving cyberthreats with an end-to-end cyber resilience platform to manage, secure, and recover. Our scalable technology infrastructure includes AI-powered capabilities, market-leading third-party integrations, and the flexibility to employ technologies of choice—to transform workflows and deliver critical security outcomes. Our partner-first approach combines our products with experts, training, and peer-led events that empower our customers to be secure, resilient, and successful.
At N-able, we’re not just helping businesses be secure —we’re redefining what it means to be cyber resilient. Our end-to-end platform blends AI-powered capabilities and flexible tech stacks, so customers can manage, secure, and recover with confidence. But the real power behind it all? Our people. We’re a global crew of N-ablites, who love solving complex problems, sharing knowledge, and delivering solutions that actually make a difference. If you're into meaningful work, fast growth, and a team that’s got your back, you’ll be surrounded by people who believe in what they do—and in you.
The MDR Senior Incident Manager is a senior leadership role responsible for overseeing both the MDR Containment and MDR Incident Handling Teams. This position ensures seamless coordination across the incident lifecycle, from containment through eradication and recovery. Reporting directly to the Director of MDR, the Senior Incident Manager drives operational excellence, establishes cross-team standards, and represents the MDR organization in executive-level engagements during critical incidents.
What You'll Do
- Provide strategic oversight for the MDR Containment and Incident Handling Teams.
- Ensure seamless transitions between containment and incident handling activities, when applicable.
- Act as escalation authority for high-severity and complex incidents across both teams.
- Represent both teams in executive customer briefings and serve as senior MDR spokesperson during crises.
- Establish and enforce SOC-wide standards for containment and incident handling playbooks, workflows, and tools.
- Partner with MDR leadership to align incident response strategy with business objectives.
- Guide both managers (Containment Manager and IH SOC Manager(s)), ensuring consistency in leadership, training, and development.
- Review after-action reports across containment and IH to identify cross-functional improvements.
- Mentor and coach senior leaders, building future SOC managers and incident response leaders.
- Drive integration of team processes into a unified customer experience.
- Champion innovation in containment and incident handling methodologies.
- Coordinate cross-team readiness exercises, including tabletops and team scenarios.
- Expert-level understanding of incident lifecycle, containment strategies, and response coordination.
- Exceptional leadership and multi-team management skills.
- Strong executive communication skills.
- Proficiency in SOC toolsets (SIEM, EDR/XDR, SOAR).
- Strategic and operational planning capability for global MDR services.
- Trusted leader with high integrity, accountability, and resilience under pressure.
- Visionary for evolving MDR operations and building long-term SOC maturity.
- Collaborative mindset with ability to unite cross-functional teams.
- Passionate mentor and role model for MDR leaders and analysts.
12-15 years of progressive SOC, MDR, or DFIR experience. Minimum 7 years in leadership roles, with proven experience managing multiple teams. Demonstrated success in enterprise-scale containment and incident response engagements.
Educational Qualifications
Bachelor’s degree in Cybersecurity, Computer Science, or related field. Master’s degree is preferred.
Certifications
CISSP, CISM, or equivalent leadership-level certifications required. Advanced DFIR certifications (GCFA, GREM, GCIH, or equivalent) strongly preferred.
Purple Perks
What do we offer you?
- Medical, dental and vision - for employee, partner, and children!
- Generous PTO and observed holidays
- 2 Paid VoluNteer Days per year
- Pension Plan with company-contribution
- Employee Stock Purchase Program
- Discounted gym access at several local facilities
- FuN-raising opportunities as part of our giving program
- N-ablite Learning - custom learning experience as part of our investment in you
- The Way We Work - our hybrid working model based on trust and flexibility
At N-able, our mission is to protect businesses against evolving cyberthreats with an end-to-end cyber resilience platform to manage, secure, and recover. Our scalable technology infrastructure includes AI-powered capabilities, market-leading third-party integrations, and the flexibility to employ technologies of choice—to transform workflows and deliver critical security outcomes. Our partner-first approach combines our products with experts, training, and peer-led events that empower our customers to be secure, resilient, and successful.