Pure Storage

Senior Security Operations Manager

Pure Storage

full-time

Posted on:

Origin:  • 🇺🇸 United States • California

Visit company website
AI Apply
Apply

Salary

💰 $176,000 - $265,000 per year

Job Level

Senior

Tech Stack

AssemblyAWSAzureCloudCyber SecurityGoogle Cloud PlatformLinuxMacOSPythonSplunk

About the role

  • Lead and evolve Pure Storage’s Security Operations (SecOps) function for Attack Surface Management (ASM)
  • Integrate discovery, detection, secrets monitoring, and posture governance into a single, outcome-driven capability
  • Provide a real-time, risk-prioritized view of internal and external exposures and reduce them measurably over time
  • Lead front-line exposure reduction (TLS misconfigs, orphaned assets, misused credentials, SaaS misconfigurations, risky behavior) using detection, Zero Trust, and automation at scale
  • Oversee ASM tooling stack (Tenable, runZero, CrowdStrike, Obsidian, Zscaler, ArmorCode) and integrate ASM data into Splunk, SOAR, and detection pipelines
  • Partner with IR, GRC, IAM, Resilience, Infra, AppSec, and SaaS owners to prioritize and support remediation
  • Own asset lifecycle governance, secrets hygiene, posture maintenance across SaaS apps, and Zero Trust enforcement
  • Define and track KPIs (asset coverage, MTTD, MTTC, secrets MTTR, posture drift) and create dashboards and executive reporting
  • Participate in control health checks, tabletop scenarios, and red/purple team reviews; influence product and infrastructure through posture-driven findings

Requirements

  • 10+ years in cybersecurity, with 5+ years in technical leadership or people management roles
  • Demonstrated experience leading high-performing teams across security engineering, posture, and operations
  • Deep expertise operating security stack (EDR e.g., CrowdStrike; Vulnerability Management e.g., Tenable.io; Asset Discovery e.g., runZero; SSPM e.g., Obsidian; SIEM e.g., Splunk; SOAR e.g., Cortex XSOAR/Tines; Zero Trust & DLP/CASB e.g., Zscaler)
  • Hands-on experience remediating risks across Linux, Windows, macOS, and cloud-native platforms (AWS, Azure, GCP)
  • Strong scripting and automation skills (Python, Bash, PowerShell)
  • Familiarity with MITRE ATT&CK, CIS Top 18, NIST 800-53 and mapping posture to controls
  • Experience driving accountability across Infra, Cloud, Product Security, IAM, GRC, and IR
  • Excellent communicator able to convert security telemetry into executive and engineering insights
  • Preferred: experience in SaaS-first/cloud-native companies, compliance mapping (SOC 2, PCI, HIPAA), and certifications (CISSP, GCIH, OSCP, AWS Security Specialty)
  • Preferred: experience integrating ASM and telemetry into SOAR/automated IR workflows; exposure to modern security data modeling and dashboarding (ArmorCode, Splunk)