Incident Response Manager (Security Operations Center)

Match Group • Vancouver, British Columbia
No longer accepting applications
30+ days ago
Job type
  • Full-time
Job description

About Match Group

Match Group (NASDAQ: MTCH) is a leading provider of dating products across the globe, operating a portfolio of brands including Tinder, Hinge, Match, OkCupid, Pairs, Meetic, and more. With hundreds of millions of users worldwide generating billions of interactions daily, our scale demands world-class security operations.

About the Team

The MG Security Engineering organization provides unified security services across all Match Group brands. The Monitoring, Incident Response & SOC team is responsible for real-time threat detection, investigation, and response across the full portfolio — operating 24/7 to ensure security alerts are effectively triaged and responded to, minimizing the impact of potential threats.

About the Role

As the Manager, IR / SOC, you will lead the integrated team responsible for Detection Engineering, Security Operations Center (SOC), and Incident Response (IR) across Match Group. Reporting to the Sr. Director of Security Engineering, you will drive the strategic vision of maximizing rapid and accurate threat response capabilities by integrating these three core functions and leveraging AI-driven innovation.

You will own the detection lifecycle end-to-end — from signal engineering and alert tuning through triage, investigation, and incident resolution — while building toward an AI-augmented SOC model that reduces noise, accelerates response, and scales across a global portfolio.

What You'll Do

  • Lead and develop a high-performing team of SOC analysts, detection engineers, and incident responders operating across multiple time zones with 24/7 coverage

  • Play a key role in developing the detection engineering framework, contributing to detections-as-code (DaC) via GitOps/CI/CD pipelines for consistency and automated deployment

  • Drive AI Agentic SOC adoption — evaluate, select, and implement AI-driven triage and investigation tooling to maximize SOC efficiency, reduce false positives, and accelerate initial response speed

  • Manage the full incident lifecycle — from detection through containment, eradication, recovery, and lessons learned — partnering with Legal, Communications, Privacy, and Engineering teams

  • Build and refine detection content across the SIEM platform, integrating log sources across all MG brands (Tinder, Hinge, Match, E&E, HPCNT, Eureka, and New Bets)

  • Establish and track SOC metrics and SLAs, creating dashboards to visualize performance, alert fidelity, and response effectiveness

  • Coordinate and execute IR tabletop exercises (technical and management-level) across brands to validate readiness and improve playbooks

  • Partner with the Red Team to validate detection capabilities through adversary simulation and assumed-compromise testing

  • Collaborate with Platform Security, InfraSec, and AppSec teams to identify and close detection gaps across cloud-native and hybrid environments (AWS, GCP), datacenter infrastructure, endpoints (CrowdStrike), identity (Okta), SaaS, and application layers

  • Integrate threat intelligence into detection and response workflows to anticipate and proactively defend against emerging threats

  • Use automation to improve detection and response times and mitigate incident impact

What You'll Bring

  • 5+ years of experience in security operations, incident response, detection engineering, or threat hunting, with 2+ years in a team leadership or management role
  • Proven experience building and operating a modern SOC in cloud-native and hybrid environments (AWS, GCP) and datacenter infrastructure
  • Hands-on experience with SIEM platforms and SOAR tools — including detection-as-code methodologies
  • Strong understanding of AI/ML applications in security operations — agentic SOC, automated triage, and intelligent alert enrichment
  • Experience managing the full incident lifecycle across complex, multi-brand or multi-tenant environments
  • Deep knowledge of attacker TTPs (MITRE ATT&CK), endpoint and network forensics, and threat hunting techniques
  • Experience with cloud security monitoring (AWS CloudTrail, GuardDuty, Security Hub, CloudWatch; GCP Security Command Center), datacenter security, and container orchestration security (Kubernetes)
  • Familiarity with identity and access security monitoring (Okta, SSO, MFA events)
  • Experience coordinating with external incident response teams, law enforcement, and cross-functional stakeholders during security events
  • Polished verbal and written communication skills — ability to communicate clearly during high-pressure incidents and deliver thorough post-incident reports to technical and executive audiences
  • Relevant certifications are a plus: GCIH, GCFA, GCIA, GSOM, CISSP, or equivalent

Nice to Have

  • Experience with Python-based detections and log analysis in modern cloud-native SIEM platforms
  • Background in the consumer internet/dating industry or other high-scale B2C platforms
  • Familiarity with Cloudflare (WAF, Bot Management), CrowdStrike, and SaaS security monitoring (Obsidian or similar)
  • Experience building or leading a Blue Team volunteer program or cross-functional security response team

$170,000 - $190,000 a year

Factors such as scope and responsibilities of the position, candidate's work experience, education/training, job-related skills, internal peer equity, as well as market and business considerations may influence base pay offered.

This salary range is reflective of Vancouver, Canada. For all other locations, this salary may be subject to a geographic adjustment (according to a specific city and state), if an authorization is granted to work outside of the location listed in this posting.

Why Match Group?
Our mission is simple – to help people find love and happiness! We love our employees too and understand the importance of all life's milestones. Here are some of the benefits we are proud to offer:

  • Mind & Body – Medical, mental health, and wellness benefits to support your overall health and well-being
  • Financial Wellness – Competitive compensation, 100% employer match on 401k contributions up to 10% (cap at $10,000), as well as an employee stock purchase program to help you feel supported in your financial security
  • Unplug – Generous PTO and 14 paid holidays so you can unplug
  • Career – Annual training allowance for professional development and ERG membership opportunities and events so you feel connected and empowered in your work
  • Family – Families come in all shapes and sizes so we offer 20 weeks of 100% paid parental leave, fertility, adoption, and child care resources, as well as pet insurance and discounts
  • Company Gatherings – We host company events where our employees get to know each other and build a sense of connection and belonging!

We are proud to be an equal opportunity employer and we value the rich dynamics that diversity brings to our company. We do not discriminate on the basis of race, religion, color, creed, national origin, ancestry, disability, marital status, age, sexual orientation, sex (including pregnancy and sexual harassment), gender identity or expression, uniformed service or veteran status, genetic information, or any other legally protected characteristic. Period.
If you require a reasonable accommodation to participate in the hiring process — such as during pre-employment testing or interviews — please indicate this by selecting “Yes” in the accommodation request field. We’ll reach out to discuss your needs if you're selected for the interview stage.