Cyber Security Operations, Senior Manager jobs in United States
This job has closed.

recruit22 · 1 day ago

Cyber Security Operations, Senior Manager

Recruit22 is seeking an experienced and strategic Senior Cyber Security Operations Manager to join our large healthcare client. This role is responsible for overseeing day-to-day security operations, managing a team of analysts, and ensuring effective detection, investigation, containment, and remediation of cyber threats impacting the enterprise.

Information Technology & Services

Responsibilities

Oversee day-to-day SOC operations across cloud, on-premises, endpoint, and application environments
Provide technical direction and operational leadership to SOC analysts
Ensure all security events and incidents are managed consistently, accurately, and in alignment with organizational priorities
Lead, mentor, and coach SOC analysts to support skill development, analytical capability, and operational maturity
Assist in performance evaluations, guide career progression, and foster a culture of accountability and high performance
Establish expectations for independent analysis, strong reasoning, and effective decision-making by team members
Direct and coordinate incident response activities, including investigation, containment, and remediation
Provide real-time guidance to analysts during high-severity incidents and ensure timely, well-documented resolution
Serve as an escalation point for complex investigations or ambiguous threat scenarios requiring executive decision-making
Evaluate and enhance detection coverage, analytic depth, and SOC visibility
Partner with threat intelligence, engineering, and architecture teams to refine detection logic and improve response capability
Ensure SOC maintains awareness of emerging threats and incorporates relevant intelligence into operations
Coordinate with IT Infrastructure, Networking, Application, Clinical, and Cybersecurity Architecture teams to support remediation activities
Collaborate closely with Compliance and HR during internal investigations requiring log analysis, evidence gathering, or technical validation
Support audit engagements, including SOC2 and regulatory requirements (e.g., HIPAA, NIST CSF), by providing evidence, insights, and technical expertise
Develop, maintain, and continuously improve SOC playbooks, incident response procedures, and operational documentation
Identify and eliminate operational bottlenecks, introducing process efficiencies based on experience and analytical insight
Oversee SOC technologies including SIEM, EDR/XDR, SOAR, threat intelligence platforms, and related detection or investigation tooling
Ensure platform configurations, alerting logic, and integrations remain optimized for accuracy, visibility, and speed
Track SOC KPIs and operational metrics to effectively communicate security posture, incident volume, and response effectiveness
Deliver concise, executive-ready reporting on incidents, trends, risks, and opportunities for improvement
Identify opportunities to leverage AI and automation to improve SOC efficiency, reduce manual workload, and strengthen response capability
Lead AI-driven security solutions and responsible AI governance (frameworks, adoption, alignment with ERM/compliance)
Partner with engineering teams to integrate automation into investigation and response workflows
Participate in the on-call rotation as operational needs require
Incident response and CSIRT activation may require engagement during evenings, nights, weekends, or holidays
Maintain readiness to support critical and high-severity incidents requiring immediate leadership involvement
Participate and engage in tabletop exercises and risk assessments
Participate in penetration testing (internal/external; cloud/mobile/app) with third-party vendors
Define and execute cloud security strategy (posture management, tenant onboarding, compliance alignment)
Author enablement documentation for assessments and platform integrations
Additional responsibilities may be assigned as necessary based on evolving technologies, threats, business needs, or regulatory requirements

Qualifications

Security Operations, Incident Response, Threat Detection, SOC Technologies, Cloud Security, Vulnerability Management, Scripting/Automation, Analytical Capability, Situational Awareness, Communication Skills

Required

Bachelor's degree in computer science, information systems, cybersecurity, or a related field preferred
7+ years of professional experience in cybersecurity, with at least 4 years of experience in security operations
Experience leading or mentoring SOC analysts or incident responders
Strong expertise in security operations, incident response, threat detection, and investigative methodologies
Skilled with SOC technologies such as SIEM, EDR/XDR, SOAR, and threat intelligence platforms
Familiarity with cloud security principles, vulnerability management programs, and enterprise security controls
Strong communication skills with the ability to convey complex technical scenarios clearly
Ability to operate independently and make informed decisions under pressure
High level of integrity, analytical capability, and situational awareness

Preferred

Foundational scripting or automation experience

Company

recruit22

We are a forward-thinking and innovative recruitment firm. We offer strategic recruitment solutions using cutting-edge technologies and methodologies.

Funding

Current Stage
Early Stage
Company data provided by crunchbase