×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

SOC Manager

Job in Miami, Miami-Dade County, Florida, 33222, USA
Listing for: Iru
Full Time position
Listed on 2026-05-16
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

About Iru

Iru is the AI-powered security & IT platform used by the world’s fastest-growing companies to secure their users, apps, and devices. Built for the AI era, Iru unifies identity & access, endpoint security & management, and compliance automation—collapsing the stack and giving IT & security time and control back.

Iru is backed by some of the smartest investors in tech—General Catalyst, Tiger Global, Felicis, Greycroft, and First Round Capital. In July 2024, Iru raised $100 million from General Catalyst, valuing the company at $850 million. Customers include Notion, Cursor, Lovable, Replit, and Mercor, and Iru partners with industry leaders such as Service Now and AWS. Iru was named to Forbes’ America’s Best Startup Employers 2025 list for employee engagement and satisfaction.

The Opportunity:

Iru is building a next-generation Security Operations function to support a modern SaaS platform spanning Identity, Endpoint Management, EDR, and cloud-native infrastructure.

We are seeking a SOC Manager to lead and mature a hybrid SOC model, combining internal capabilities with our MDR partner (Managed SOC Provider). This role is accountable for defining how security operations run at Iru—owning governance, detection strategy, incident response, and operational excellence.

You will act as the central owner of security operations, ensuring we have strong visibility, fast response, and continuous improvement across our environment.

SOC Governance & Operating Model
  • Define and operationalize the SOC mission, scope, and service boundaries
  • Establish a clear roles, responsibilities, and escalation hierarchy
  • Build and maintain a RACI model across internal teams and Managed SOC Provider
  • Own the effectiveness and maturity of Iru’s hybrid SOC model
Operational Ownership & Execution
  • Clearly define and enforce ownership across:
    • Detection engineering
    • Threat intelligence
    • Tier 1 alert triage
    • 24/7 monitoring
    • Incident response leadership
    • Threat hunting
    • Escalation investigations
  • Establish and manage the “first call” model for security incidents at Iru
  • Serve as incident commander for high‑severity events or delegate appropriately
MDR (Managed SOC Provider) Management
  • Own the operational relationship with Managed SOC Provider
  • Ensure alignment on:
    • Alert triage quality and consistency
    • Escalation thresholds and timelines
    • Detection coverage across environments
    • Incident response coordination
  • Hold Managed SOC Provider accountable to defined SLAs and performance expectations
  • Continuously improve MDR effectiveness through feedback loops and tuning
Detection Engineering
  • Build and maintain a central detection catalog
  • Align detections to MITRE ATT&CK where applicable
  • Partner with internal teams and Managed SOC Provider to:
    • Develop new detections
    • Tune and optimize existing rules
    • Reduce false positives and noise
  • Ensure detection coverage across:
    • Identity (Iru Identity, Entra)
    • Endpoint (EM / EDR)
    • Cloud (AWS)
    • SaaS and integrations
Data & Telemetry Strategy
  • Maintain a complete inventory of all telemetry sources across:
    • Endpoint, Identity, Cloud, Network, SaaS
  • For each data source:
    • Define system owner
    • Confirm ingestion into Panther SIEM
    • Validate data quality and coverage
  • Drive onboarding of new log sources to close visibility gaps
Incident Response Framework
  • Design and maintain Iru’s incident response framework, including:
    • Incident classification and severity model
    • Evidence collection standards
    • Containment and remediation procedures
    • Recovery processes
    • Post‑incident review and lessons learned
  • Ensure consistent execution across internal teams and Managed SOC Provider
Runbooks & Playbooks
  • Develop and maintain:
    • Alert triage procedures
    • Investigation runbooks
    • Incident response playbooks
  • Ensure all runbooks are actionable, tested, and continuously improved
Threat Intelligence & Hunting
  • Integrate threat intelligence into detection and response workflows
  • Define ownership model for threat intelligence (internal vs MDR)
  • Establish proactive threat hunting capabilities
  • Evaluate and integrate external threat hunting services as needed
SOC Metrics & Reporting
  • Define and track key SOC KPIs:
    • Mean Time to Detect (MTTD)
    • Mean Time to Respond (MTTR)
    • Alert volume and trends
    • False positive rates
    • Detection coverage and gaps
  • Provi…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search