Own end-to-end security operations including SOC, monitoring, and detection capabilities
Oversee SIEM, EDR, and logging programs to ensure effective threat detection and response
Manage internal and third-party security operations providers (e.g., MSSP)
Continuously improve alert quality, detection coverage, and operational efficiency
Act as technology incident commander for security events and incidents
Lead operational response including triage, containment, eradication, and recovery
Ensure incidents are managed in accordance with established procedures and SLAs
Escalate critical and high-risk incidents to the CISO with clear analysis and recommendations
Lead post-incident reviews and drive continuous improvement actions
Own the operational lifecycle of vulnerability management including scanning, prioritization, and remediation tracking
Ensure adherence to defined remediation timelines and SLAs
Coordinate penetration testing activities and validation of remediation efforts
Provide visibility into vulnerability risk and remediation progress
Oversee logging and monitoring programs to ensure comprehensive visibility across the environment
Drive development and tuning of detection use cases and alert logic
Ensure effective integration of threat intelligence into detection and response processes
Oversee operational response to phishing and email-based threats
Ensure timely triage, analysis, and mitigation of reported phishing activity
Partner with the Manager, Information Security on phishing trends and control improvements
Ensure security controls are operating effectively across monitoring, incident response, vulnerability management, and access enforcement
Identify control gaps, breakdowns, or inefficiencies and drive remediation
Escalate systemic control issues and risks to the CISO and Technology Risk
Develop and maintain operational metrics and KPIs (e.g., MTTR, vulnerability SLAs, alert volumes)
Provide regular reporting on security operations performance and risk trends
Identify opportunities to improve automation, tooling, and processes
Lead and mentor security operations personnel
Partner with Infrastructure, Engineering, DevSecOps, and Technology teams to implement and improve controls
Support audits, regulatory assessments, and evidence requests related to security operations

Requirements

Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
7+ years of experience in cybersecurity, with a focus on security operations, incident response, or SOC leadership
Experience managing security monitoring, SIEM, and incident response programs
Strong understanding of vulnerability management and threat detection
Experience operating in regulated environments (PCI, FFIEC, or similar)
Strong leadership, communication, and decision-making skills

Benefits

Pre-tax and post-tax retirement savings plans with a competitive company matching program
Generous paid time-off plans including vacation, personal/sick time, paid short-- term and long-term disability leaves, paid parental leave, and paid company holidays
Multiple health care plans to choose from, including dental and vision options
Flexible Spending Plans for Health Care, Dependent Care, and Health Reimbursement Accounts
Company-paid benefits such as life insurance, wellness platforms, employee assistance programs, and Health Advocate programs
Other great discounted benefits include identity theft protection, pet insurance, fitness center reimbursements, and many more!

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security operationsSOCSIEMEDRvulnerability managementincident responsepenetration testingthreat detectionalert logicautomation

Soft Skills

leadershipcommunicationdecision-makingmentoringanalysisproblem-solvingcollaborationcontinuous improvementoperational efficiencyincident management