IR / SOC Manager (Security Engineering)
Vancouver, British Columbia
Posted 2 months ago
remote
No longer available
Job Description
- Lead and develop a high-performing team of SOC analysts, detection engineers, and incident responders operating across multiple time zones with 24/7 coverage
- Play a key role in developing the detection engineering framework, contributing to detections-as-code (DaC) via GitOps/CI/CD pipelines for consistency and automated deployment
- Drive AI Agentic SOC adoption — evaluate, select, and implement AI-driven triage and investigation tooling to maximize SOC efficiency, reduce false positives, and accelerate initial response speed
- Manage the full incident lifecycle — from detection through containment, eradication, recovery, and lessons learned — partnering with Legal, Communications, Privacy, and Engineering teams
- Build and refine detection content across the SIEM platform, integrating log sources across all MG brands (Tinder, Hinge, Match, E&E, HPCNT, Eureka, and New Bets)
- Establish and track SOC metrics and SLAs, creating dashboards to visualize performance, alert fidelity, and response effectiveness
- Coordinate and execute IR tabletop exercises (technical and management-level) across brands to validate readiness and improve playbooks
- Partner with the Red Team to validate detection capabilities through adversary simulation and assumed-compromise testing
- Collaborate with Platform Security, InfraSec, and AppSec teams to identify and close detection gaps across cloud-native and hybrid environments (AWS, GCP), datacenter infrastructure, endpoints (CrowdStrike), identity (Okta), SaaS, and application layers
- Integrate threat intelligence into detection and response workflows to anticipate and proactively defend against emerging threats
- Use automation to improve detection and response times and mitigate incident impact