Entry Level Incident Manager Jobs
New grad incident manager jobs welcome recent graduates and entry level candidates with zero to two years of experience, where a strong portfolio or internship work in IT operations or service management can matter more than a long resume. Most openings are on-site, remote, and hybrid roles across Technology & Software, Retail, and E-Commerce & Online Marketplaces, with employers like Amazon, CFC, and Deloitte hiring at this level now.
Find JobsOverview
Showing 5 of 12+ Entry Level Incident Manager jobs
At American Express, our mission is to deliver the world’s best customer experience every day. At the heart of this mission is our Information Security organization, enabling exceptional experiences built on a foundation of trust, service, and security. We leverage advanced technologies and data-driven insights to stay ahead of an evolving threat landscape. We foster a culture of passion, curiosity, and courage—empowering you to innovate, grow, and help shape the future of a Fortune 100 company.
Trust. Service. Security.
American Express seeks to recruit a passionate and experienced Leader for its Incident Response team. This is a senior-level, hands-on, highly technical role performing incident response activities ranging from pre-incident preparation, active incident response, and post-incident analysis and recovery. You will be a key technical resource conducting investigations, performing advanced analysis, identifying attacker TTPs, building attack narratives, and executing response actions.
As part of our evolution toward a Next Generation Agentic SOC, this role will also help drive the adoption of AI-enabled security operations, intelligent automation, and autonomous analyst workflows. The ideal candidate combines deep incident response expertise with curiosity and practical experience in AI-assisted detection, security automation, and modern SOC engineering practices.
You are a motivated leader who will directly manage, mentor, and develop a team of SOC analysts while driving the people, processes, and technology that empower the team to investigate sophisticated threats at scale. This role requires critical thinking, innovative problem solving, technical leadership, people leadership, and effective communication across both technical and executive audiences.
- 3+ years of experience in information security, security operations, incident response, threat hunting, or cyber defense.
- Experience with host, network, and/or memory forensics.
- Experience with various network and/or host-based security tools used to detect and respond to security events (e.g., SIEM, EDR, NDR, SOAR, web proxy, IDS/IPS, cloud-native security platforms, etc.).
- Theoretical and practical security knowledge and investigation experience with Mac, Linux, Windows, and cloud environments.
- Strong understanding of incident response lifecycles, attacker methodologies, and cyber kill chain concepts.
- Experience performing analysis of complex security incidents in enterprise environments.
- Familiarity with scripting or programming languages such as Python, PowerShell, Go, or similar.
- Ability to convey complex technical concepts to audiences with varying levels of technical expertise.
- Strong analytical, investigative, documentation, and communication skills.
- Demonstrated curiosity and adaptability toward emerging AI-enabled security technologies and workflows.
- Demonstrated ability to lead, motivate, and develop technical teams in high-tempo, operationally demanding environments.
- Strong interpersonal and conflict-resolution skills, with the ability to foster a collaborative, inclusive, and psychologically safe team environment.
Preferred:
- 1+ years of experience in a people leadership, team lead, or supervisory role, including direct responsibility for coaching, mentoring, or managing technical staff.
- Experience working within a modern SOC leveraging AI-assisted analysis, security automation, and/or SOAR technologies.
- Familiarity with AI/ML concepts and practical applications within cybersecurity operations.
- Experience with prompt engineering, LLM-assisted workflows, or AI copilots for security investigations and operational efficiency.
- Understanding of AI agent architecture, orchestration frameworks, retrieval-augmented generation (RAG), vector databases, or autonomous workflow concepts.
- Experience integrating APIs, automation pipelines, or AI-enabled tooling into SOC workflows.
- Knowledge of adversarial AI threats, prompt injection risks, model misuse, or AI security governance principles.
- Experience building or operationalizing automated detection, enrichment, triage, or response capabilities.
- Knowledge and investigation experience in a global, multi-cloud environment.
- Experience with detection engineering, threat hunting, or behavioral analytics.
- Familiarity with cloud-native security technologies and telemetry sources.
- Multiple applicable certifications (GSE, GDAT, GCIA, GCIH, GCFA, GNFA, GCFE, GREM, CCSP, CISSP, CEH, etc.).
- AI-related certifications or hands-on experience with enterprise AI platforms, orchestration frameworks, or automation tooling.
- Experience managing performance cycles, conducting calibrations, and building talent development plans within a security operations or SOC environment. Experience managing geographically distributed or shift-based teams supporting 24×7 operations.
Employment eligibility to work with American Express in the United States is required as the company will not pursue visa sponsorship for these positions.
See All 12 Entry Level Incident Manager Jobs
Find roles that match your experience and apply in just a few clicks.
Find JobsEntry Level Incident Manager Job Market
Who's Hiring
- Amazon3
- CFC1
- Deloitte1
- Microsoft1
- ClickHouse1

Top Industries Hiring
- Technology & Software7
- Retail3
- E-Commerce & Online Marketplaces3
- Accounting & Auditing1
- Hospitality & Tourism1
Entry Level Incident Manager Jobs: Frequently Asked Questions
How do I get an entry level incident manager job?
Employers at this level look for familiarity with IT service management frameworks such as ITIL, hands-on experience from internships or helpdesk roles, and clear communication skills for coordinating during outages. A portfolio documenting an incident you helped resolve or a process you improved gives you a concrete edge. Certifications like ITIL Foundation signal readiness when direct work experience is limited.
Which companies hire entry level incident managers?
Companies hiring entry level incident managers right now include Amazon, CFC, and Deloitte, based on current listings on Migrate Mate as of July 2026. Hiring at this level comes from a wide range of employers, including technology firms, managed service providers, financial institutions, and large enterprises running 24/7 operations that need junior staff to support incident response teams.
Are there remote entry level incident manager jobs?
Yes, though on-site and hybrid roles remain common at the entry level. About 40% of entry level incident manager openings are remote or hybrid as of July 2026, so candidates who prefer flexibility still have real options. Remote openings tend to appear most often at technology companies and managed service providers with distributed operations.
Are these new grad incident manager jobs?
Yes, many of these openings are new grad and junior roles aimed at recent graduates entering incident management for the first time. A new grad friendly posting typically welcomes zero to two years of experience, accepts internships or academic projects as qualifying background, and does not require prior people management. Look for language like "junior," "associate," or "entry level" in the job title or description.
Which industries hire the most entry level incident managers?
Entry Level incident manager roles concentrate in Technology & Software, Retail, and E-Commerce & Online Marketplaces, based on current listings on Migrate Mate as of July 2026. Those sectors rely on continuous system availability and structured incident response processes, which creates consistent demand for junior staff who can support on-call rotations, document incidents, and assist senior managers during escalations.