Senior Manager, Incident Response

Role Purpose 

The Senior Manager of Incident Response is the leader responsible for Dover Corporation’s global incident detection and response capabilities. This role provides strategic direction and operational leadership for a globally distributed incident responsible team tasked with protecting Dover Corporation and its Operating Companies (OpCos).

 
Serving as the primary incident commander during significant security events, this leader ensures disciplined execution and clear executive decision support. The role combines deep technical expertise in digital forensics and incident response (DFIR) with executive presence, sound judgement, and composure under pressure.

 
A critical component of this position is maintaining alignment with US International Traffic in Arms Regulations (ITAR) and Cybersecurity Maturity Model Certification (CMMC) requirements, reinforcing our commitment to operational resilience, regulatory rigor, and risk-informed governance.

Key Responsibilities:

•    Lead, mentor, and scale a 24/7 global response team, overseeing talent strategy, performance management, and professional development to deliver a high-performance culture grounded in technical excellence, accountability, continuous learning, and rapid disciplined execution.

•    Serve as the primary incident commander for significant and enterprise-impacting security events. Direct and coordinate cross-functional response efforts across IT, Legal, HR, Communications, executive leadership, and external partners to ensure rapid containment, recovery, and resolution.

•    Own and continuously improve incident response processes to ensure adherence to ITAR data sovereignty requirements and CMMC Level 1-3 requirements.

•    Ensure accurate, defensible incident reporting, documentation, and audit readiness aligned with regulatory and legal expectations.

•    Define and execute the long-term incident response strategy and roadmap, including the adoption of advanced Security Orchestration, Automation, & Response (SOAR) capabilities and Extended Detection & Response (XDR) frameworks.

•    Drive measurable improvements in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through process optimization, tooling, and skills development.

•    Develop, maintain, and mature incident response plans, playbooks, and tabletop exercises to ensure organizational readiness across global business units.

•    Lead post-incident reviews and translate lessons learned into actionable improvements controls, processes, and response capabilities.

•    Translate complex technical findings into clear, concise, risk-based reports for C-Suite during and following significant security events.

•    Serve as a trusted advisor to senior leadership on response readiness, cyber resilience, and incident risk posture.

•    Oversee proactive threat hunting initiatives and integrate tactical threat intelligence into the incident lifecycle.

•    Advance the organization from reactive response to predictive, data-driven defense.
 

Qualifications 

•    10+ years of progressive experience in Cyber Security within a large-scale global enterprise.

•    5+ years in a dedicated incident response leadership role.

•    Professional certifications such as CISSP, GCIH, GCFA, or CISM are highly desirable.

•    Bachelor’s degree in computer science, Cyber Security, or a related field. A master’s degree is a plus.

•    Demonstrated experience managing security operations within ITAR-controlled environments.

•    Strong working knowledge of CMMC frameworks, compliance, and response requirements.

•    Proven track record of managing global teams across multiple time zones and cultures.

•    Experience managing third-party Managed Security Service Providers (MSSPs) preferred.

•    Demonstrated ability to lead decisively during high-pressure, high-visibility security events.

•    Ability to balance deep technical analysis with risk management and business priorities.

•    Strong judgement in ambiguous environments and scenarios with incomplete information.

•    Exceptional written & verbal communication skills, including delivery of clear messaging during high-stress events.

•    Hands-on experience with EDR / XDR platforms, SIEM technologies, and forensic toolsets.

•    Strong knowledge of MITRE ATT&CK framework and cloud security architecture.

•    Due to ITAR requirements, candidates must be a "U.S. Person" as defined by 22 C.F.R. § 120.15 (U.S. Citizen, permanent resident, or protected individual).
 

Reporting Line & Location 
•    Role is based in Downers Grove, Illinois.
•    Approximately 15% of travel is required.