Cybersecurity Manager

As a Cybersecurity Manager, you will serve as a hands‑on leader who balances operational execution with people leadership. This role is ideal for a player‑coach who has spent time in a SOC environment and is comfortable leading by example while developing analysts and improving security operations at scale.

• Own day‑to‑day cybersecurity operations across managed security services, including SOC monitoring, alert triage, escalation, and incident response.
• Serve as an active technical contributor during high‑severity incidents, complex investigations, and advanced threat scenarios.
• Lead and manage SOC analysts and cybersecurity staff, including workload management, shift coverage, performance management, and career development.
• Establish and enforce operational standards, procedures, and quality controls to ensure consistent service delivery across clients.
• Oversee incident response processes, playbooks, and communications, including coordination with internal teams, clients, and third‑party partners.
• Drive continuous improvement of detection capabilities through use case development, tuning, threat intelligence integration, and lessons learned.
• Own the engineering and tooling for SIEM, XDR, EDR, security platform optimization and roadmap planning.
• Ensure client SLAs, response timelines, and service expectations are met or exceeded.
• Review analyst investigations, validate conclusions, and provide guidance on remediation and risk prioritization.
• Translate operational data into actionable metrics, dashboards, and executive‑level reporting.
• Support client engagements by participating in briefings, incident reviews, and strategic security discussions as needed.
• Contribute to service design, operational scaling, and onboarding of new clients into managed security services.
• Identify automation activities to drive efficiencies for SOC analysts.
• Act as a trusted leader during high‑pressure situations, maintaining calm, clarity, and decisive action.

• Led or significantly contributed to a SOC, incident response team, or managed security services environment.
• Served as a technical contributor while also providing leadership, mentoring, or informal management to other analysts.
• Worked hands‑on with SIEM, XDR, EDR, and related security monitoring and detection platforms.
• Investigated real‑world security incidents, including alert analysis, root cause identification, containment, and remediation support.
• Performed or supported threat hunting and proactive detection activities.
• Built, refined, or operationalized SOC processes such as alert triage, escalation paths, playbooks, and reporting.
• Communicated security findings and risk clearly to both technical teams and non‑technical stakeholders.
• Demonstrated strong ownership, problem‑solving ability, and a desire to continuously improve people, processes, and outcomes.
• Relevant certifications such as OSCP, CEH, GPEN, CISSP, or equivalent are strongly preferred.