Manager, Security Operations

Sumo Logic

Job Summary

This role involves managing SOC analysts, performing deep-dive incident analysis, and data correlation using the Sumo Logic Platform. You will guide analysts through triage and remediation, assess system impact, address vulnerabilities, and support threat detection. Responsibilities also include mentoring the team, enhancing skills, assisting with compliance, and continuously improving the organization's security posture through policy, process, and engineering changes.

Must Have

  • Manage SOC analysts
  • Perform deep-dive incident analysis and data correlation
  • Guide analysts through triage and remediation
  • Assess impact on critical systems
  • Address vulnerabilities
  • Support threat detection through machine learning
  • Facilitate cross-functional collaboration
  • Mentor SOC analysts and provide training
  • Assist engineering with compliance and security requirements
  • Develop team to handle evolving threats
  • Continuously improve security posture (policy, process, engineering)
  • Bachelor’s degree in computer science or equivalent
  • 8+ years overall security experience
  • 2+ years in AWS Security
  • 2+ years leadership experience
  • Proactive self-starter
  • Passion for root cause analysis
  • Well-versed in PCI and SOC compliance frameworks
  • Experience anticipating vulnerability vectors
  • In-depth knowledge of AWS services
  • Knowledge of endpoint security, threat intelligence, forensics, malware reverse engineering
  • Ability to grasp application functionality and cloud infrastructure
  • Advanced skills in log parsing, incident investigation, response
  • Solid understanding of emerging security threats
  • Extensive experience with Threat Modeling (OWASP, STRIDE, PASTA, Trike)
  • Enthusiastic about collaboration and mentoring
  • Thorough knowledge of Incident Response procedures

Good to Have

  • AWS Certified Security - Specialty
  • CISSP or CISM or CCSP
  • CEH or OSCP

Job Description

What will your typical day be?

  • You will manage SOC analysts, performing deep-dive incident analysis and data correlation using the Sumo Logic Platform, and guide analysts through triage and remediation.
  • You will assess impact on critical systems, address vulnerabilities, support threat detection through machine learning, and facilitate cross-functional collaboration.
  • Your role includes mentoring SOC analysts, providing training to enhance their skills, assisting engineering with compliance and security requirements, and developing your team to handle evolving threats.

Additionally, you will continuously improve the organization's security posture, including policy, process, and engineering changes.

Required Qualifications and Skills

  • Bachelor’s degree in computer science or equivalent industry experience
  • Must have 8+ years of overall security experience, including a minimum of 2 years in AWS Security, and at least 2 years of leadership experience.
  • Must be a proactive self-starter.
  • Have a passion for identifying the root cause of technical problems and issues.
  • Must be well-versed in major compliance frameworks and certifications such as PCI and SOC, along with typical compliance requirements.
  • Possess the creativity and experience to anticipate alternative vulnerability vectors and mitigate exposure.
  • Have in-depth knowledge of AWS services, endpoint security, threat intelligence, forensics, and malware reverse engineering.
  • Can quickly grasp the functionality of applications and the underlying cloud infrastructure to act as an incident hunter.
  • Possess advanced skills in log parsing, incident investigation, and response.
  • Have a solid understanding of emerging security threats and mitigation strategies.
  • Have extensive experience with advanced Threat Modeling (OWASP, STRIDE, PASTA, Trike).
  • Must be enthusiastic about collaborating with and mentoring the team.
  • Have thorough knowledge of Incident Response procedures.

Desired Qualifications and Skills

  • AWS Certified Security - Specialty
  • CISSP or CISM or CCSP
  • CEH or OSCP
