Incident Response (IR) Solutions Manager - Remote (Anywhere in the U.S.)

GuidePoint Security's Incident Response (IR) Solutions Manager serves as the critical liaison between clients, internal response teams, and strategic partners to ensure the efficient intake, scoping, and execution of cyber incident engagements. This role blends technical understanding of incident response with business awareness, overseeing case intake, managing Statements of Work (SOWs), supporting pre-sales initiatives, and maintaining trusted relationships with insurance carriers, breach coaches, and external counsel.

Inbound Queue Support

• Serve as the first point of contact for inbound referral requests from insurance carriers, external counsel, and escalations from existing or direct clients.
• Assess urgency, provide initial incident feedback and communicate proposed next steps.
• Coordinate rapid internal assignment to IR teams.

Scoping and SOW Management

• As a result of Inbound requests, engage with clients and internal SMEs to define engagement scope, objectives, and deliverables.
• Draft, review, and manage SOWs to align with client needs, insurer, and counsel requirements.
• Ensure pricing, timelines, and deliverables are clearly defined, contracts executed, and coordinate steps towards initial kickoff.

Business Development Support

• Support efforts to develop External Counsel and Insurance Carrier relationships though webinars, on-site meetings, events, speaking opportunities, and supporting other industry or direct events.
• Identify opportunities to provide guidance and/or subject-matter expertise that help articulate IR and Threat Intelligence capabilities and differentiators.

AE Handoff Process

• Own the post-engagement account transition from delivery teams to Account Executives (AEs).
• Coordinate with AEs and leadership to identify potential strategic opportunities, where and when appropriate.
• Conduct structured internal handoff sessions to brief AE teams on scope, stakeholders, and context, for a seamless transition for clients.

Pre-Sales Support

• Support general pre-sales and scoping efforts for potential DFIR, IR Advisory, and Threat Intelligence engagements, including discussion around IR retainers, Compromise Assessments, IR Planning, Tabletops, readiness assessments, and Threat Intelligence services.
• Participate in RFP responses and client solution workshops.
• Coordinate and interface with technical teams where deep-dive discussion and supplemental scoping are required.

Case Management

• Oversee active case progress from intake to closure, ensuring timely updates, documentation, and client communication.
• Track metrics on response time, case volume, and customer satisfaction.
• Coordinate with finance for billing accuracy and engagement closeout.

Insurance and Counsel Relationship Support

• Serve as a primary relationship owner for key insurance carriers, breach coaches, and law firm partners.
• Facilitate regular touchpoints to discuss trends, feedback, and process improvements.
• Ensure adherence to preferred vendor protocols and maintain a reputation for reliability and transparency.

• 5+ years of experience in Incident Response, Cybersecurity Services, or Client Delivery Management.
• Strong understanding of cyber incident lifecycle, DFIR processes, and insurer/legal roles.
• Excellent communication and stakeholder management skills across technical and executive audiences.
• Experience drafting SOWs, managing multiple concurrent engagements, and supporting sales cycles.
• Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience).

• Familiarity with cyber insurance ecosystem and breach coach workflows.
• Proven success managing IR or forensics engagements under high-pressure conditions.
• CRM or case management platform experience (Salesforce, HubSpot, ServiceNow, etc.).
• Certifications such as GCIH, GCFA, CISM, or PMP are advantageous.