Cybersecurity Incident Manager

Wintrust provides community and commercial banking, specialty finance and wealth management services through its 16 bank charters and nine non-bank businesses. Wintrust delivers the sophisticated solutions of a large bank while staying true to the relationship-focused, personalized service of our community banking roots. We serve clients in all 50 states with more than 200 branch banking locations in Illinois, southwestern Florida, northwestern Indiana, west Michigan and southern Wisconsin and commercial banking offices in Chicago, Denver, Milwaukee, Grand Rapids, Mich., and in key branch banking locations throughout Illinois. Our people are the heart of our business and we are proud to rank consistently as a top place to work. Wintrust is a $66 billion financial institution based in Rosemont, Illinois, and listed on the NASDAQ Global Select Market under the symbol “WTFC.”

Why join us?

• An award-winning culture! We are rated a Top Workplace by the Chicago Tribune (past 12 years) and Employee Recommended award by the Globe & Mail (past 6 years)

• Competitive pay and discretionary or incentive bonus eligible

• Comprehensive benefit package including medical, dental, vision, life, a 401k plan with a generous company match and tuition reimbursement to name a few

• Promote from within culture

Why join this team?

• This position has the opportunity to interface with and have a positive impact on multiple areas of Wintrust's business

• We hold ourselves accountable to high standards, share wins, operate ethically, and have fun

Position Overview

The Cybersecurity Incident Manager is a senior technical contributor within the Security Operations Center responsible for owning and coordinating escalated cybersecurity incidents from detection through resolution. This role ensures that high-severity threats are investigated, contained, and remediated effectively while minimizing business impact. The Cybersecurity Incident Manager serves as a subject-matter expert for incident response & forensics, provides advanced analysis support to L1/L2 analysts, and drives improvements in incident handling processes and documentation.

What You’ll Do

• Incident Response & Coordination – Lead and manage escalated cybersecurity incidents and major events, coordinating analysis, containment, remediation, and recovery across technical teams. Act as escalation point for complex incidents and serve as subject matter expert during active threat handling

• Forensics – Perform in-depth incident analysis & using SIEM, EDR/XDR, and forensic tools

• Documentation & Reporting – Document incident timelines, technical findings, decisions, and remediation steps. Produce detailed post-incident reports, contribute to post-incident reviews, and communicate actionable insights to stakeholders

• Process & Playbook Development – Maintain and improve incident response playbooks, standard operating procedures (SOPs), and runbooks. Work with SOC leadership to evolve response workflows based on lessons learned and emerging threats

• Knowledge Sharing, Mentorship, and Continuous Improvement – Provide technical guidance and mentoring to L1/L2 analysts, help refine escalation criteria and foster consistent incident handling practices. Identify gaps in detection and response capabilities. Collaborate with team to enhance alerts, automations, and defensive measures. Contribute to SOC initiatives like tabletop exercises and capability evaluations

Qualifications

• Bachelor’s degree or equivalent experience

• 5+ years of forensics and incident response experience

• Experience working with CrowdStrike tools

• Detection engineering experience

• Investigation experience

Benefits

Medical Insurance • Dental • Vision • Life insurance • Accidental death and dismemberment • Short-term and long-term Disability Insurance • Parental Leave • Employee Assistance Program (EAP) • Traditional and Roth 401(k) with company match • Flexible Spending Account (FSA) • Employee Stock Purchase Plan at 5% discount • Critical Illness Insurance • Accident Insurance • Transportation and Commuting Benefits • Banking Benefits • Pet Insurance

Compensation

The estimated salary range for this role is $130,000.00 - $160,000.00, along with eligibility to earn an annual bonus. Actual salaries may vary based on several factors, such as a candidate’s qualifications, skills and experience.

#LI-Hybrid

#LI-JB1

From our first day in business, Wintrust has been proud to serve a variety of unique communities and people from all walks of life.  To build a company that reflects the communities we serve, we believe that fostering a unique and inclusive workplace where everyone feels valued and empowered to succeed will support our ongoing success.  Wintrust Financial Corporation, including community banking and financial services subsidiaries, is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information, and other legally protected categories.