Mountain America Credit Union

Sr Mgr CyberSecurity Incident Response

Mountain America Credit Union$100K — $130K *
Sandy, UT 84092In-Person
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6+ years in cybersecurity operations or incident response leadership
  • 5+ years in a management role within cybersecurity
  • Experience with enterprise-scale incident response programs
  • Preferred experience in financial services or regulated industries
  • Bachelor's degree in a related field or equivalent experience
  • CISSP certification preferred; other cybersecurity certifications desirable

Responsibilities

  • Lead the enterprise cybersecurity incident response program
  • Serve as the executive incident commander for high-severity events
  • Conduct executive-level briefings during and after incidents
  • Oversee breach investigations and digital forensics
  • Own and operate the Insider Threat Program to mitigate risks
  • Collaborate with SOC leadership to improve monitoring and response
  • Ensure compliance with regulatory frameworks and support audits

Benefits

  • Hybrid work schedule allowing for both in-office and remote days
  • Opportunities for leadership development and mentoring
  • Engagement in high-visibility and impactful roles
  • Collaborative work with various departments and executive teams
Full Job Description
Please reference the schedule and minimum qualifications listed below before applying.

If you need assistance with filling out our application form or during any phase of the application, interview, or employment process, please notify our Human Resources Team at [redacted] option 1 or email [redacted] and every reasonable effort will be made to accommodate your needs in a timely manner.

Job Summary
The Sr. Manager of Cybersecurity Incident Response & Insider Threat leads MACU's enterprise-wide cyber incident response, digital forensics, and insider threat program. This role is responsible for preparing the organization to detect, respond to, and recover from cybersecurity incidents while protecting member data, intellectual property, and critical systems.
In this highly visible leadership role, you will partner closely with Cybersecurity, IT, Legal, HR, Governance, Risk Management, and Executive Leadership to manage high-impact incidents, insider risk, and crisis situations. You will define response strategy, mature operational capabilities, and ensure the organization is resilient against both external attacks and internal misuse.

Job Description

LOCATION: UTAH

9800 S. Monroe Street

Sandy, UT 84070

SCHEDULE: Full-Time hybrid in-office with some remote days

To be effective, an individual must be able to perform each job duty successfully.
Key Responsibilities

Incident Response & Crisis Management
  • Lead the enterprise cybersecurity incident response program, including preparation, detection, containment, eradication, and recovery activities.
  • Serve as the executive incident commander for high-severity cybersecurity events, coordinating technical teams, business stakeholders, and leadership.
  • Define and maintain incident response plans, playbooks, escalation models, and crisis communication procedures.
  • Conduct executive-level briefings during and after incidents, including post-incident reports, root cause analysis, and lessons learned.
  • Oversee breach investigations, digital forensics, and evidence preservation in coordination with Legal and Compliance.
  • Lead tabletop exercises, red/blue team simulations, and ransomware readiness scenarios.
  • Lead the organization's brand protection efforts to safeguard reputation and identity.
  • Lead proactive threat-hunting initiatives to identify advanced threats, vulnerabilities, and anomalous activities across the enterprise environment.
  • Define and maintain incident response plans, playbooks, escalation models, and crisis communication procedures.

Insider Threat Program Leadership
  • Own and operate the enterprise Insider Threat Program, addressing malicious, negligent, and compromised insider risks.
  • Define insider threat detection, triage, investigation, and response processes across people, process, and technology.
  • Partner with HR, Legal, Privacy, and Risk Management teams to ensure investigations are lawful and appropriate.
  • Implement behavioral, technical, and contextual monitoring capabilities.
  • Establish governance, oversight, and separation of duties for insider investigations.

Security Operations & Capability Maturity
  • Collaborate with SOC leadership to enhance monitoring, alerting, and response automation.
  • Drive continuous improvement using metrics and maturity models.
  • Translate threat intelligence into actionable detection and response strategies.

Governance, Risk, and Compliance
  • Ensure alignment with regulatory frameworks including NCUA, FFIEC, and NIST.
  • Support audits, regulatory exams, and breach notification requirements.
  • Partner with Risk Management and Internal Audit to remediate gaps.

Leadership & Influence
  • Lead and mentor incident response and insider threat professionals.
  • Partner across IT, Digital Solutions, Legal, HR, Communications, and executives.
  • Act as a trusted advisor during high-impact and sensitive situations.
KNOWLEDGE, SKILLS, and ABILITIES

The requirements listed are representative of the knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.

Education and Experience
  • 6+ years of experience in cybersecurity operations or incident response with progressive responsibility.
  • 5+ years in a leadership role responsible for cybersecurity operations or incident response.
  • Experience leading enterprise-scale incident response programs.
  • Financial services or regulated industry experience preferred.
  • Bachelor's degree in a related discipline or equivalent experience required.

Licenses, Certifications, Registrations
  • CISSP strongly preferred.
  • GCIH, GCFA, CISM, CISA, or GIAC certifications highly desirable.

Other Skills and Abilities
  • Expertise in incident response and digital forensics.
  • Strong understanding of insider threat risk and investigations.
  • Executive-level communication and leadership under pressure.
  • Proven ability to balance security, privacy, and business needs.
  • Strategic thinking.
  • Problem-solving skills.
  • Verbal/written communication skills.
  • Leadership and talent management skills.
  • Public speaking skills.

PHYSICAL ABILITIES / WORKING CONDITIONS

Physical Demands
Ability to sit, talk and hear consistently

Vision Requirements
Close vision (clear vision at 20 inches or less)
Distance vision (clear vision at 20 feet or more)
Color vision (ability to identify and distinguish colors)

Weight Lifted or Force Exerted
Ability to lift up to 10 pounds frequently and up to 25 pounds occasionally

Environmental
There are no unusual environmental factors (such as a typical office)

Noise Environment
Moderate noise (business office with computers and printers, light traffic)

***This Job is not eligible to be performed in Colorado or Connecticut, either remotely or in-person.***

About Mountain America Credit Union

Mountain America Credit Union is a federally chartered credit union headquartered in Sandy, Utah, regulated under the authority of the National Credit Union Administration (NCUA). It is the second-largest credit union in Utah, with over 100 branches and 1,000 ATMs across the United States. Mountain America Credit Union offers a range of financial products and services, including savings accounts, checking accounts, loans, mortgages, credit cards, and investment services. The credit union was founded in 1934 as the Salt Lake Telephone Employees Credit Union and has since grown to serve over 900,000 members.
Learn more about Mountain America Credit Union
Size
2,000 employees
Industry
Founded
1934

Similar Jobs

More Jobs at Mountain America Credit Union

More Information Technology Jobs

Find similar Sr Mgr CyberSecurity Incident Response jobs: