OpenText

Principal Service Manager

OpenText$104K — $154K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in cybersecurity, with 3+ years specifically in Incident Response (IR) or DFIR roles.
  • Demonstrated experience leading incidents through the complete IR lifecycle.
  • Proficient in digital forensics in various environments, including Windows, Linux, and cloud.
  • Experience providing security services in MSSP or MDR environments for multiple clients.
  • Strong record of producing clear incident reports and post-incident reviews.
  • Familiarity with SIEM platforms, EDR tools, and case management systems.
  • Knowledge of cyber attack lifecycles and various threat actor techniques.

Responsibilities

  • Lead IR engagements, managing containment, eradication, recovery, and triage activities.
  • Investigate incidents such as ransomware and insider threats using on-site and remote techniques.
  • Coordinate response efforts with clients, including IT teams and legal counsel.
  • Deliver comprehensive incident reports and root cause analyses post-incident.
  • Maintain evidence handling procedures for forensic investigations.
  • Conduct digital forensics across multiple operating systems and cloud environments.
  • Analyze various data sources to determine scope and impact of incidents.

Benefits

  • Comprehensive benefits package supporting physical, emotional, and financial wellbeing.
  • Variable and commission opportunities for eligible roles.
  • Paid vacation and time off available.
  • Support for professional certifications and continuous education.
Full Job Description
Your Impact

The Principal Service Manager is a senior technical practitioner within the MSS SOC and CSIRT function, responsible for leading and delivering incident response engagements across the organization's multi-tenant managed security client base. This role provides dedicated capacity for the Incident Response retainer service, ensuring clients receive rapid, expert-led containment, investigation, and remediation when security incidents occur.

Operating within an MSS environment serving SMB clients, the Senior IR Analyst works alongside the existing CSIRT and DFIR capability to ensure retainer commitments are met without degrading day-to-day detection and response operations. The role demands a practitioner who can operate independently under pressure, communicate clearly with client stakeholders, and contribute to the continuous improvement of the MSS incident response capability.

This role is critical to maintaining client trust and delivering high-confidence incident response outcomes across the MSS portfolio.

As a Principal Service Manager, you will:

  • Lead Incident Response (IR) retainer engagements, directing containment, eradication, recovery, and incident triage activities across client environments.
  • Investigate security incidents including ransomware, BEC, data exfiltration, insider threats, and APTs through remote and on-site response engagements.
  • Coordinate incident response efforts with client IT teams, legal counsel, insurers, regulators, and stakeholders in accordance with MSOD requirements.
  • Deliver professional incident reports, root cause analyses, and post-incident review (PIR) documentation.
  • Maintain chain-of-custody procedures for digital evidence and support forensic investigations with legal or regulatory implications.
  • Perform digital forensic investigations across Windows, Linux, macOS, Microsoft 365, Azure AD/Entra ID, AWS, and Google Workspace environments.
  • Analyze memory, disk, log, network, and cloud audit data to determine incident scope, impact, root cause, and develop IOCs.
  • Utilize EDR tools and threat-hunting techniques to identify adversary activity, trace lateral movement, and support containment decisions.
  • Serve as an escalation point for SOC analysts, providing mentorship, investigation guidance, and contributing to IR playbooks, runbooks, TTX, and purple team exercises.
  • Communicate incident status, impacts, PIR findings, and strategic recommendations effectively to both technical and executive stakeholders.


What you need to Succeed:

  • 5+ years of progressive cybersecurity experience, including 3+ years in hands-on Incident Response (IR), DFIR, or senior SOC analyst roles.
  • Proven experience leading incidents through the full IR lifecycle, including preparation, detection, analysis, containment, eradication, recovery, and post-incident activities.
  • Hands-on digital forensics expertise across Windows, Linux, macOS, network, and cloud environments.
  • Experience delivering security services within MSSP, SOC, or MDR environments supporting multiple clients concurrently.
  • Strong background producing client-facing incident reports, post-incident reviews, and investigative documentation.
  • Proficiency with SIEM platforms (Devo, Splunk, Sentinel), EDR tools (CrowdStrike, SentinelOne, Defender for Endpoint), and case management systems.
  • Deep knowledge of cyber attack lifecycles, threat actor TTPs, ransomware, BEC, APT, insider threats, and identity-based attack techniques.
  • Expertise in forensic artifact analysis, memory forensics, live-response triage, network forensics, and cloud investigations across Microsoft 365, Azure AD/Entra ID, AWS, and Google Workspace.
  • Scripting and automation skills using Python, PowerShell, or Bash, with familiarity in SIEM/SOAR platforms, automated response playbooks, malware analysis, and chain-of-custody practices.
  • Holds or is actively pursuing industry certifications such as GIAC Certified Incident Handler (GCIH) or GIAC Certified Forensic Analyst (GCFA), with strong communication, leadership, collaboration, and documentation skills.


Compensation: At OpenText, we offer a thoughtfully designed benefits package that supports your physical, emotional, and financial wellbeing. As you move through the hiring process, we're happy to provide more details about our compensation programs, including variable and commission compensation opportunities for eligible roles, vacation entitlement, and paid time off.

Salary Range: $104,320.00 - $154,320.00; Depending on the candidate's education, experience, skills, geographical location, and alignment with internal equity and external market, actual salary may vary and be higher or lower than the range posted.

AI Usage Disclosure: As part of our commitment to transparency, we use artificial intelligence (AI) tools to assist in various stages of our recruitment process, including resume screening, candidate matching, interview scheduling, and communications. These tools are designed to improve efficiency, reduce bias, and enhance candidate experience. All decisions regarding hiring are made by qualified human professionals, and we continuously monitor our AI systems to ensure fairness and compliance with applicable regulations.

About OpenText

OpenText Corporation is a Canadian company that develops and sells enterprise information management software. The company is headquartered in Waterloo, Ontario, Canada. OpenText software applications manage content or unstructured data for large companies, government agencies, and professional service firms. OpenText aims to help customers digitize their operations and optimize their information management processes. The company has made several acquisitions over the years to expand its product offerings and customer base. OpenText has a global presence with offices in North America, Europe, Asia, and Australia.
Learn more about OpenText
Size
14,300 employees
Market Cap
$7.8 billion
Industry
Founded
1991
5 Year Trend
+8.8%
NASDAQ

Similar Jobs

More Jobs at OpenText

More Information Technology Jobs

Find similar Principal Service Manager jobs: