Manage and optimize the day-to-day operations and tools of the SOC, ensuring effective monitoring, detection, and response to security incidents.
Develop and implement SOC processes and procedures to improve efficiency and effectiveness with increased focus on new capabilities and advanced threat detection.
Oversee the incident response process, ensuring rapid identification, containment, eradication, and recovery from security incidents.
Conduct post-incident reviews and implement lessons learned to enhance security measures.
Partner with IT and GRC teams to maintain readiness and incident response plans, including building playbooks and conducting simulations to ensure preparedness across the organization.
Lead the vulnerability management program, including vulnerability assessments, prioritization, and remediation strategies.
Collaborate with IT and development teams to ensure timely patching and vulnerability mitigation.
Establish metrics on the status of the program and inform leadership of areas of opportunity.
Oversee the DLP strategy, ensuring the protection of sensitive data across all platforms and preventing unauthorized access or data exfiltration.
Conduct regular audits and assessments to evaluate DLP effectiveness and compliance.
Define and drive key results related to Artificial Intelligence adoption and governance within cybersecurity, including evaluating AI-driven security tools, understanding AI-enabled threat vectors, and ensuring secure, responsible use of AI across security operations.
Support the growth of the infosec team while operationalizing cybersecurity initiatives to highlight improvements in posture: evangelize scorecards against NIST and CIS standards to track the improvement of security across programs.
Foster a team mentality centered around business benefits from security initiatives.
Actively participate in hiring processes and onboarding of new employees and vendors.
Plan, assign and support workloads for direct reports.
Grow and mentor security talent.
Set reasonable stretch performance goals, provide balanced, regular performance feedback, and conduct tri-annual performance reviews.
Recognize and reward performance excellence.
Provide leadership, direction, and training to improve information security awareness.
Requirements
Bachelor’s degree (BA/BS) in a related discipline, or 4 additional years of related experience, required
A minimum of 6 years of experience in infosec roles that provide a background in IT areas such as software development, infrastructure, operations, and incident response is required
Understanding of Artificial Intelligence (AI) concepts, including their applications, risks, and implications within cybersecurity environments
A Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) certification is preferred
Proven experience managing a SOC and implementing vulnerability management and DLP
Strong knowledge of cybersecurity technologies, MDR, EDR, SIEM, SOAR, Vulnerability Management tools and best practices
Thorough understanding of SOX, CCPA, PCI, NIST, and CIS18
Previous experience in SaaS-heavy environments and vendor management
Deep experience with risk management, threat modeling, and vulnerability assessment
Can lead without authority.
Ability to lead, mentor, and develop a high-performing cybersecurity team, fostering a collaborative and growth-oriented environment
Expertise in managing high-pressure, time-sensitive incidents and making quick, informed decisions under stress
In-depth knowledge of current and emerging cyber threats, with the ability to apply advanced detection methodologies to stay ahead of risks
Familiarity with cloud security frameworks, controls, and best practices for securing cloud environments (e.g., AWS, Azure, Google Cloud)