Detection and Response Manager, Tempus Technologies

Responsibilities

• Core Detection & Response Operations
• Lead day‑to‑day Detection and Response activities, ensuring timely detection, triage, investigation, and response to security events.
• Ensure 24/7 incident response readiness by maintaining and managing the on‑call rotation, including scheduling, escalation paths, and service‑level expectations.
• Serve as the owner for incident response execution, including initial containment, escalation, incident declaration, and forensic coordination.
• Act as the primary technical lead and liaison during high‑severity incidents, collaborating with Infrastructure, Engineering, Legal, and Executive leadership. Detection Engineering & Threat Intelligence
• Oversee the development, tuning, and continuous improvement of SIEM detections, alerting logic, and correlation rules.
• Drive integration of internal and external Threat Intelligence to enhance visibility and detection capabilities.
• Produce operational metrics and performance reporting focused on detection coverage, MTTD/MTTR, case handling quality, and tooling efficacy.
• Evaluate and implement new technologies, integrations, and automation opportunities to reduce manual workload and enhance response capabilities. Incident Response Program Management
• Own and maintain incident response playbooks, SOPs, escalation paths, and response frameworks.
• Ensure regulatory, contractual, and internal stakeholder notifications are initiated and documented when required.
• Manage post-incident activities, including after-action reviews, corrective actions, and measurable improvements.
• Lead readiness activities such as tabletop exercises, red/blue/purple team scenarios, and simulation‑based training.
• Ensure incident response posture aligns with organizational risk appetite, audit requirements, and industry best practices. Leadership, Coaching & Continuous Improvement
• Direct and mentor analysts in investigations, incident handling, and operational processes.
• Execute staffing decisions, performance evaluations, onboarding, and the professional development pipeline for analysts.
• Identify operational gaps and recommend technical or process improvements to mature the detection and response program.
• Champion a culture of continuous improvement, documentation discipline, and analytical excellence. Key Relationships:
• Security Operations & Application Security Teams
• IT Infrastructure Teams
• Development Teams
• Executive Leadership
• External Vendors & Incident Response Partners Qualifications:
• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience).
• CCSP, CISSP, GCIA, GCIH, GCFA, CySA+ or equivalent certifications.
• 5+ years of experience leading security operations, incident response, digital forensics, or security engineering.
• Demonstrated ability to lead incident response activities from detection through containment, eradication, recovery, and post incident review.
• Experience performing root cause analysis, log analysis, and threat investigation.
• Exposure to compliance frameworks such as PCI DSS, SOC 2, HIPAA, and FedRAMP.
• Strong understanding of cybersecurity fundamentals, including networking, operating systems, endpoint security, cloud security, and identity access management.
• Hands-on experience with SIEM platforms (e.g., Elastic, Splunk), EDR tools, IDP/IPS, and other monitoring technologies.
• Expertise with incident handling methodologies and frameworks such as NIST 800 61, ISO 27035, and MITRE ATT&CK.
• Proficiency in incident management tools and ticketing systems (e.g., Jira, ServiceNow).
• Excellent ability to translate technical details into clear, actionable communication for both technical and non-technical stakeholders.
• Strong communication and interpersonal skills with the ability to manage stressful situations.
• Strong organizational skills with the ability to prioritize and manage multiple concurrent incidents and tasks.
• Excellent problem-solving, analytical, and decision-making skills. This position may be eligible for remote work in select geographic locations, subject to approval by PNC. If approved, work must be conducted from a quiet, secure, and confidential home-based workspace. Occasional in-office participation may be required based on business needs. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position. Job Description Manages a team that oversees the day-to-day operations and effectiveness of assigned security technology and programs. Manages resources that enables security control effectiveness with a team and technology. Monitor trends and continuously assesses staff/security system capabilities to meet business demands. Leads in policy development, audit mitigation, and other tasks related to securing and maintaining the operational health of the infrastructure. Evaluates security systems, teams and processes to provide recommendations to maintain continuity and operational health. Documents and revises procedures and playbooks for teams, processes and technology to provide a standard security practice and increase team effectiveness. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework. PNC also has fundamental expectations of our people managers. As a manager of talent in PNC, you will be expected to: Include Intentionally - Cultivates diverse teams and inclusive workplaces to expand thinking. Live the Values - Role models our values with transparency and courage. Enable Change - Takes action to drive change and innovation that will transform our business. Achieve Results - Takes personal ownership to deliver results. Empowers and trusts others in decision making. Develop the Best - Raises the bar with every talent decision and guides the achievement of all employees and customers. Qualifications Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position. Preferred Skills Access Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies Competencies Data Governance, Information Assurance, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, Knowledge of Organization Work Experience Roles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. At least 3 years of prior management experience is typically required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered. Education Associates Certifications No Required Certification(s) Licenses No Required License(s) Pay Transparency Base Salary: $100,100.00 – $223,080.00 Salaries may vary based on geographic location, market data and on individual skills, experience, and education. This role is incentive eligible with the payment based upon company, business and/or individual performance. Application Window Generally, this opening is expected to be posted for two business days from 06/16/2026, although it may be longer with business discretion. Benefits PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options
• employee and spouse/child life insurance
• short and long-term disability protection
• 401(k) with PNC match, pension and stock purchase plans
• dependent care reimbursement account
• back-up child/elder care
• adoption, surrogacy, and doula reimbursement
• educational assistance, including select programs fully paid
• a robust wellness program with financial incentives. In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave
• up to 11 paid holidays each year
• 9 occasional absence days each year, unless otherwise required by law
• between 15 to 25 vacation days each year, depending on career level
• and years of service. To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com . Disability Accommodations Statement If an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com . Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call 877-968-7762 and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions. Equal Employment Opportunity (EEO) PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law. This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history. California Residents Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.