Senior Manager, Cybersecurity Operations jobs in United States
This job has closed.

Rocket EMS · 6 days ago

Senior Manager, Cybersecurity Operations

Rocket EMS is seeking a hands-on Senior Manager, Cybersecurity Operations to lead and mature their enterprise security operations program. This role involves overseeing technical direction and execution of cybersecurity operations, including SIEM and SOAR engineering, detection and response, and cloud security management.

Electronics · Manufacturing
H1B Sponsor Likely
Hiring Manager
Kelly Fine

Responsibilities

Own and operate enterprise cybersecurity operations across on-prem, cloud, and hybrid environments
Lead Microsoft Sentinel SIEM engineering, including advanced KQL query development, analytics rules, incident workflows, and dashboards
Design and maintain SOAR automation and playbooks to accelerate investigation and response
Improve detection quality, reduce alert fatigue, and optimize MTTR/MTTD
Oversee endpoint, network, identity, email, and cloud security platforms
Act as the senior technical escalation point for complex alerts and investigations
Own operational defense against phishing, business email compromise, malicious attachments, AI-generated attacks, and OAuth-based attacks
Define and optimize user-reported email workflows and automated remediation actions
Lead response to email-borne account takeover and social-engineering incidents
Own and continuously improve incident response plans, playbooks, and operational readiness
Lead investigations involving ransomware, insider threats, and targeted attacks
Coordinate response with MSOC partners, IT, Cloud, and Engineering teams
Conduct post-incident reviews and drive corrective actions
Lead threat hunting and detection coverage mapping using the MITRE ATT&CK framework
Lead CrowdStrike Falcon operations including detection, investigation, and response
Own Palo Alto Networks NGFW security, including firewall policy management, IPS/IDS, and threat prevention
Own the vulnerability management lifecycle from discovery through remediation
Drive patch automation, validation, and remediation SLAs with IT and Cloud teams
Ensure secure configurations and architecture across Azure, Entra ID, and Microsoft 365
Define and enforce identity security, conditional access, and privileged access controls
Evaluate, integrate, and optimize security tooling and platform integrations
Support application and cloud-native security initiatives
Lead and mentor experienced cybersecurity engineers through technical guidance and career development
Set technical direction, review designs, and provide hands-on leadership during incidents
Own the global cybersecurity on-call rotation and escalation model
Serve as the escalation point for high-severity incidents and coordinate response across teams
Build a culture of ownership, accountability, and operational excellence
Define and report operational cybersecurity KPIs and executive dashboards
Drive automation using SOAR, PowerShell, Python, and KQL
Maintain documentation including SOPs, incident playbooks, and security architecture baselines

Qualification

Microsoft Sentinel, SIEM engineering, SOAR automation, CrowdStrike Falcon, Palo Alto Networks NGFW, KQL, PowerShell, Python, Incident response, Cloud security, Email security, On-call operations, Communication skills, Technical leadership

Required

8–12+ years of experience in cybersecurity operations or security engineering
3–5+ years of experience leading SecOps or cybersecurity engineering teams
Hands-on expertise with Microsoft Sentinel, including advanced KQL query development
Hands-on experience with CrowdStrike Falcon (detection, investigation, response)
Hands-on experience securing Palo Alto Networks NGFW, including firewall policy and threat prevention
Strong hands-on experience with SIEM and SOAR platforms
Deep experience leading incident response for ransomware, insider threats, and targeted attacks
Strong experience securing hybrid Azure-centric environments
Proficiency in PowerShell, Python, and KQL for automation
Experience owning on-call rotations and escalation responsibilities
Experience working with managed SOC partners
Strong communication skills and ability to lead during high-severity incidents

Preferred

Experience with CrowdStrike Falcon MDR, Microsoft Defender (Endpoint, Identity, M365)
Experience operating enterprise email security and phishing defense platforms
Familiarity with MITRE ATT&CK, Zero Trust architecture, and modern cloud security design
Experience in regulated or high-assurance environments (manufacturing, aerospace, ITAR)
Experience supporting or operating in a CMMC Level 2–aligned environment
CISSP or equivalent hands-on security leadership experience preferred, not required
Experience building or maturing a cybersecurity operations program

Company

Rocket EMS

Rocket EMS is an electronic manufacturing company providing PCB layout design and manufacturing services.

H1B Sponsorship

Rocket EMS has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is provided below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2025 (3), 2024 (2)

Funding

Current Stage
Growth Stage

Leadership Team

Michael Kottke
President
Company data provided by crunchbase