Cyber Security Incident Response Team Lead (CSIRT Manager) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Stellantis · 23 hours ago

Cyber Security Incident Response Team Lead (CSIRT Manager)

positionAuburn Hills, MI
timeFull-time
remoteOnsite
senioritySenior Level

Stellantis is a global mobility leader aiming to provide clean and affordable mobility solutions. The Cyber Security Incident Response Team Lead will manage the CSIRT, overseeing the incident response lifecycle and ensuring operational excellence while cultivating a high-performing team.

AutomotiveIndustrial ManufacturingRetailTransportation
check
H1B Sponsor Likelynote

Responsibilities

Own the IR Lifecycle & Escalation: Direct the end-to-end response across preparation, detection/analysis, containment, eradication, recovery, and post incident, following
Lead & Develop the Team: Manage, mentor, and schedule CSIRT analysts and leads across shifts and on call rotations within the distributed regional model; drive skills development and readiness
Command During Crises: Serve as Incident Commander for high/critical events and integrate the right SMEs into the crisis cell, ensuring disciplined communications and handoffs as defined in the CSIR crisis process
Metrics & Reporting: Establish, track, and improve KPIs/SLAs (e.g., MTTD, MTTR, containment time, PIR completion) and present status in monthly business reviews and dashboards
Playbooks, Use Cases & Lessons Learned: Ensure playbooks/response procedures are current and threat informed; feed PIR insights back into detections, SOAR workflows, and control hardening in partnership with platform engineering and detection teams
Cross Functional Orchestration: Coordinate with CDOC other products (CTI, Redteam, Monitoring) and Legal/Privacy, Comms, and business/IT/Cloud owners; align to the SOC Target Operating Model and service catalogue
Threat Informed Response: Consume and task Cyber Threat Intelligence and threat hunting to guide scoping, IOCs, and hypotheses; ensure bidirectional feedback between CTI, Red Team, and CSIRT
Tooling & Case Management: Ensure consistent use of the incident/case platform and evidence handling procedures; maintain audit ready documentation and artifacts
Vendor & Retainer Oversight: Govern IR retainer(s) and MSSP engagements; validate service performance and integration with internal processes
Compliance & Governance: Ensure incident handling aligns with Stellantis policy, applicable regulations, and internal governance boards; prepare materials for audits, PIRs, and leadership readouts (per SOC governance and crisis documentation)
Direct major incident bridges, integrate SMEs, and ensure timely executive updates per crisis process; confirm accurate status tracking and next actions
Oversee investigations (host/network/cloud), evidence handling, and scoping; validate containment/eradication and business recovery while maintaining audit‑ready documentation
Run post‑incident reviews and feed structured improvements into playbooks/use cases and control posture, track remediation to closure
Report KPIs/SLAs and risk themes in monthly reviews; align resourcing and tooling roadmaps to findings
Coordinate with CTI for threat‑informed scoping and proactive hunts; ensure bi‑directional intel sharing and IOC packages

Qualification

Incident Response LifecycleCyber Threat IntelligenceMetrics & ReportingTeam LeadershipCompliance & GovernanceTooling & Case ManagementCrisis ManagementCommunication Skills

Required

Experience leading a Cyber Security Incident Response Team (CSIRT)
Strong understanding of the incident response lifecycle
Ability to manage, mentor, and schedule team members across shifts
Experience serving as Incident Commander during high/critical events
Proficiency in establishing, tracking, and improving KPIs/SLAs
Experience in ensuring playbooks/response procedures are current and threat informed
Ability to coordinate with cross-functional teams and stakeholders
Experience in consuming and tasking Cyber Threat Intelligence
Proficiency in incident/case platform and evidence handling procedures
Experience in governing IR retainers and MSSP engagements
Knowledge of compliance and governance related to incident handling
Ability to prepare materials for audits and leadership readouts

Company

Stellantis

twittertwittertwitter
Glassdoor3.7
company-logo
Stellantis is an Franco-Italian-American automotive holding company that manufactures automobiles.
dateFounded in 2021
location
Hoofddorp, Noord-Holland, NLD
people-size10001+ employees
web-link
https://www.stellantis.com/

H1B Sponsorship

Stellantis has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2)
2024 (3)
2023 (2)

Funding

Current Stage
Public Company
Total Funding
$14.13B
2021-07-23Post Ipo Debt· $14.13B
2021-01-18IPO

Leadership Team

leader-logo
Antonio Filosa
Chief Executive Officer
linkedin
leader-logo
Christine Feuell
Chrysler and Alfa Romeo NA Brand CEO
linkedin

Recent News

DBusiness Magazine
Stellantis Releases Vehicle Lineup and Debuts for Detroit Auto Show
2026-01-16
MEXICONOW
Mexican Automotive Market Shows Strength in 2025
2026-01-16
MEXICONOW
Stellantis Discontinues Its Entire Line of Plug-in Hybrids
2026-01-16
Company data provided by crunchbase