Manager, Security Operations

Simpson Strong-Tie is a leader in engineered structural connectors, software, and solutions for the building industry. We maintain a reputation as a trusted manufacturer, partner, and corporate citizen committed to our customers and employees.

Our founder, Barc Simpson established 9 Principles of Business we live out as company values and have made Simpson Strong-Tie an inspiring place to work since 1956. Our team of talented people are dedicated to our shared mission: to provide solutions that help people design and build safer, stronger structures.

Learn about our company culture directly from our team.

YOU

As the Security Operations Manager, you will lead the security monitoring and response processes and systems solution and assist in driving the strategic and technical direction of the Information Security Program s is a hands-on technical management role with responsibilities for daily operational security monitoring and incident response, and for assisting in end-user security awareness training and managing third-party managed services for security operations command controls (SOC).

You will report to the VP, Cybersecurity & CISO, and will be a key member of the Simpson Strong-Tie Digital Cybersecurity team.

WHAT YOU'LL BE DOING (% of Time)

Incident Lifecycle Management (35%)

• Serve as the primary incident coordinator for cybersecurity events, ensuring structured response and recovery following NIST 800-61 and company playbooks.
• Manage the incident lifecycle internally - including communications, stakeholder coordination, forensics oversight, and post-incident review.
• Lead post-incident "lessons learned" reviews to identify control gaps and process improvements.
• Partner with key teams to ensure timely remediation and improved detection coverage.
• Maintain and continuously improve incident response playbooks, ensuring readiness across diverse threat scenarios.

MDR Management (35%)

• Manage the relationship with the external MDR provider, ensuring clear SLAs, escalation paths, and reporting cadence.
• Validate and monitor MDR performance metrics, such as detection accuracy, false positive rates, and response time.
• Ensure MDR visibility of our security telemetry, detection content, alerting, and response adequately protect Simpton.
• Collaborate with the MDR provider to prioritize and improve MITRE ATT&CK technique coverage and detection engineering.
• Partner with MDR to coordinate threat hunting, threat intelligence integration, and response automation activities.

Cybersecurity Awareness and Training Program (30%)

• Own the Cybersecurity Awareness and Training Program, including deployment of enterprise training modules, targeted education, and annual awareness campaigns.
• Design and execute phishing simulation exercises that measure and improve employee security behavior.

DESIRED SKILLS AND EXPERIENCE

If you can do everything listed above, you've got what it takes. Perhaps some of the following would be helpful too:

• Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience) required.
• 7+ years of cybersecurity experience, including at least 2 years leading a security operations or incident response function.
• Demonstrated experience coordinating with external security service providers (MDR, MSSP, or IR vendors).
• Strong working knowledge of detection, response, and automation concepts across cloud and hybrid infrastructures.
• Experience managing enterprise user awareness and phishing simulation programs.
• Excellent incident management, communication, and cross-functional leadership skills.
• Familiarity with OT/ICS environments and operational technology response practices.
• Experience with EDR and MDR-integrated ecosystems.
• Certifications such as GCIH, GCFA, CIRL, GCTI, GDAT, GMON, CISM, or CISSP preferred.
• Experience with MITRE ATT&CK, NIST CSF, and NIST 800-61 frameworks.

PHYSICAL REQUIREMENTS AND WORK ENVIRONMENT

The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

PHYSICAL REQUIREMENTS

While performing the duties of this job, the employee is frequently required to sit , talk and hear, and sometimes walk and stand. While performing the duties of this job, the employee may occasionally push or lift up to 25 lbs.

WORK ENVIRONMENT

This job operates in a professional office environment where standard office equipment such as computers, phones, printer/scanner, etc. are frequently used.

TRAVEL

This position requires domestic and international travel up to 25% of the time.

WORK STATUS & LOCATION

This full-time, exempt position is located in Plano, TX.

RELOCATION

Relocation is not available for this position.

PAY

$123,700 - $210,300 / year

REWARDS AT SIMPSON STRONG-TIE

We recognize and reward employees with a carefully designed and comprehensive rewards package, including…