
Job Description
What You Will Do:
As a Cybersecurity Manager, you will serve as a hands-on leader who balances operational execution with people leadership. This role is ideal for a player-coach who has spent time in a SOC environment and is comfortable leading by example while developing analysts and improving security operations at scale.
- Own day-to-day cybersecurity operations across managed security services, including SOC monitoring, alert triage, escalation, and incident response.
- Serve as an active technical contributor during high-severity incidents, complex investigations, and advanced threat scenarios.
- Lead and manage SOC analysts and cybersecurity staff, including workload management, shift coverage, performance management, and career development.
- Establish and enforce operational standards, procedures, and quality controls to ensure consistent service delivery across clients.
- Oversee incident response processes, playbooks, and communications, including coordination with internal teams, clients, and third-party partners.
- Drive continuous improvement of detection capabilities through use case development, tuning, threat intelligence integration, and lessons learned.
- Own the engineering and tooling for SIEM, XDR, EDR, security platform optimization and roadmap planning.
- Ensure client SLAs, response timelines, and service expectations are met or exceeded.
- Review analyst investigations, validate conclusions, and provide guidance on remediation and risk prioritization.
- Translate operational data into actionable metrics, dashboards, and executive-level reporting.
- Support client engagements by participating in briefings, incident reviews, and strategic security discussions as needed.
- Contribute to service design, operational scaling, and onboarding of new clients into managed security services.
- Identify automation activities to drive efficiencies for SOC analysts.
- Act as a trusted leader during high-pressure situations, maintaining calm, clarity, and decisive action.
Job Requirements
What You Have Done:
- Led or significantly contributed to a SOC, incident response team, or managed security services environment.
- Served as a technical contributor while also providing leadership, mentoring, or informal management to other analysts.
- Worked hands-on with SIEM, XDR, EDR, and related security monitoring and detection platforms.
- Investigated real-world security incidents, including alert analysis, root cause identification, containment, and remediation support.
- Performed or supported threat hunting and proactive detection activities.
- Built, refined, or operationalized SOC processes such as alert triage, escalation paths, playbooks, and reporting.
- Communicated security findings and risk clearly to both technical teams and non-technical stakeholders.
- Demonstrated strong ownership, problem-solving ability, and a desire to continuously improve people, processes, and outcomes.
- Relevant certifications such as OSCP, CEH, GPEN, CISSP, or equivalent are strongly preferred.