Manager, Cybersecurity Operations

Dutch Bros Coffee, Tempe, AZ
Onsite

About The Position

The Manager of Cybersecurity Operations plays a crucial role in ensuring the protection and security of critical systems and sensitive information across the organization. Reporting to the Director, Cybersecurity, this role oversees key cybersecurity programs, including the Security Operations Center (SOC), Vulnerability Management, and Data Loss Prevention (DLP), ensuring the confidentiality, integrity, and availability of critical assets. This role will be tasked with driving security strategies and initiatives while proactively addressing emerging cybersecurity risks. Strong technical expertise, leadership capabilities, and a proactive approach to challenges are essential for success in this role.

Requirements

  • Bachelor’s degree (BA/BS) in a related discipline, or 4 additional years of related experience, required
  • A minimum of 6 years of experience in infosec roles that provide a background in IT areas such as software development, infrastructure, operations, and incident response is required
  • Proven experience managing a SOC and implementing vulnerability management and DLP
  • Strong knowledge of cybersecurity technologies, MDR, EDR, SIEM, SOAR, Vulnerability Management tools and best practices
  • Thorough understanding of SOX, CCPA, PCI, NIST, and CIS18
  • Previous experience in SaaS-heavy environments and vendor management
  • Deep experience with risk management, threat modeling, and vulnerability assessment
  • Can lead without authority. Ability to lead, mentor, and develop a high-performing cybersecurity team, fostering a collaborative and growth-oriented environment
  • Expertise in managing high-pressure, time-sensitive incidents and making quick, informed decisions under stress
  • In-depth knowledge of current and emerging cyber threats, with the ability to apply advanced detection methodologies to stay ahead of risks
  • Familiarity with cloud security frameworks, controls, and best practices for securing cloud environments (e.g. AWS, Azure, Google Cloud)
  • Must be able to work in a busy, crowded, and loud office with frequent distractions and interruptions
  • Must be able to collaborate in-person with occasional impromptu in-person meetings
  • Adaptability to typical office conditions, which may include exposure to air conditioning, heating, artificial lighting, and varying noise levels
  • Ability to sit, stand, reach, twist, stretch, and work at a desk for long stretches. Must be able to occasionally move or lift office items up to 25 pounds
  • Hearing must be sufficient or correctable to ensure clear understanding of spoken information, including participating in virtual meetings and phone calls. Use of hearing aids or other assistive devices is acceptable if needed.
  • Ability to read and write in English is essential for processing documents, drafting reports, and following up on necessary actions. Proficiency in written communication is required to handle job-related tasks effectively.
  • Vision must be adequate or correctable to perform essential job duties, such as reading documents on a computer screen and using other visual tools. Use of corrective lenses or other measures to meet visual requirements is expected if needed.
  • Must be proficient in operating a computer and other office productivity tools such as printers, scanners, and collaboration software.
  • Must possess strong verbal and written communication skills to interact effectively with team members, clients, and other stakeholders via email, video conferencing, and other in-office communication tools.
  • Change Management
  • Project Management
  • Business Plan Development
  • Using data to make decisions
  • Communication
  • Critical Problem Solving
  • Delegation

Nice To Haves

  • A Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) certification is preferred

Responsibilities

  • Design workflow and processes for Security Operations Center (SOC): Manage and optimize the day-to-day operations and tools of the SOC, ensuring effective monitoring, detection, and response to security incidents. Develop and implement SOC processes and procedures to improve efficiency and effectiveness with increased focus on new capabilities and advanced threat detection.
  • Incident Response: Oversee the incident response process, ensuring rapid identification, containment, eradication, and recovery from security incidents. Conduct post-incident reviews and implement lessons learned to enhance security measures. Partner with IT and GRC teams to maintain readiness and incident response plans, including building playbooks and conducting simulations to ensure preparedness across the organization.
  • Vulnerability Management: Lead the vulnerability management program, including vulnerability assessments, prioritization, and remediation strategies. Collaborate with IT and development teams to ensure timely patching and vulnerability mitigation. Establish metrics on the status of the program and inform leadership on areas for opportunity.
  • Data Loss Prevention (DLP): Oversee the DLP strategy, ensuring the protection of sensitive data across all platforms and preventing unauthorized access or data exfiltration. Conduct regular audits and assessments to evaluate DLP effectiveness and compliance.
  • Support the growth of the infosec team while operationalizing cybersecurity initiatives to highlight improvements in posture: Evangelize scorecards against NIST and CIS standards to track the improvement of security across programs. Foster team mentality centered around business benefits from security initiatives. Actively participate in hiring processes and onboarding of new employees and vendors. Plan, assign and support workloads for direct reports. Grow and mentor security talent. Set reasonable stretch performance goals, provide balanced, regular performance feedback, and conduct tri-annual performance reviews. Recognize and reward performance excellence. Provide leadership, direction, and training to improve information security awareness.
  • Other duties as assigned