Senior Manager, Threat Intelligence & Security Operations
Listed on 2026-06-09
IT/Tech
Cybersecurity, Security Manager
We are seeking a Senior Manager, Threat Intelligence & Security Operations to serve as McKinstry’s senior owner of threat intelligence, threat hunting, and security operations. This critical, senior‑level position will direct the full threat lifecycle, from adversary intelligence collection and proactive threat hunting through incident response, SOC leadership, and post‑incident remediation.
This role owns the question “are we ahead of the threat?” While the CISO sets vision and engages at the board and executive level, the Senior Manager, Threat Intelligence & Security Operations ensures McKinstry is operationally prepared: threat intelligence is current and actioned, the SOC is hunting and detecting with precision, incidents are managed with discipline, and the tooling and governance that underpin it all are continuously improving.
This role is ideal for a seasoned threat and operations leader who combines the analytical depth of a senior threat hunter with the organizational skills of a people leader and who is ready to own one of the most consequential security functions in a growing, complex organization.
In this role, you will:
- Own McKinstry’s threat intelligence program — ingesting, operationalizing, and briefing leadership on adversary activity relevant to our business and industry.
- Lead proactive threat hunting across endpoint, network, cloud, and identity environments, converting findings into durable detections.
- Direct and develop the Security Operations Center (SOC), holding the team accountable to high‑quality detection, triage, and response outcomes.
- Serve as the senior technical lead during major security incidents, coordinating response across Legal, HR, Communications, and executive leadership in real time with the CISO.
- Own the security tooling stack and drive continuous improvement across SIEM, EDR, SOAR, and threat intelligence platforms.
- Partner with the CISO to shape McKinstry’s threat management strategy, ensuring intelligence and operations programs are aligned to organizational risk priorities.
- Represent the threat and operations function in cross‑functional leadership forums, steering committees, and executive‑level discussions.
- Step in as the security operations lead when the CISO is unavailable, with authority to make operational and escalation decisions on behalf of the security organization.
- Contribute to board‑level security reporting, including updates on threat posture, incident trends, SOC performance, and detection maturity.
- Translate McKinstry’s business objectives and growth initiatives into threat‑informed risk assessments and security investment priorities.
- Build and maintain a mature threat intelligence program, ingesting and operationalizing feeds from OSINT, commercial, and government sources.
- Develop and maintain adversary profiles mapped to the MITRE ATT&CK framework, with prioritization based on industry relevance and organizational exposure.
- Deliver timely, actionable threat intelligence briefings to the CISO, Senior Leadership, and relevant technical teams.
- Monitor the evolving threat landscape (ransomware groups, nation‑state actors, insider threat vectors) and adjust defensive posture accordingly.
- Design, execute, and document structured threat hunting missions across endpoint, network, cloud (Azure), and identity environments.
- Develop and refine hunting hypotheses grounded in threat intelligence and behavioral analytics.
- Collaborate with Security Engineering to convert successful hunt findings into automated detections and SIEM correlation rules.
- Maintain a threat hunting library with documented methodologies, data sources, and outcomes.
- Lead and develop the Security Operations Program and team, including hiring, coaching, performance management, and career development.
- Establish and enforce operational standards for alert triage, escalation, and incident handling workflows.
- Drive continuous reduction in mean time to detect (MTTD) and mean time to…