Security Operations Manager
Job Details
- Languages
- Upper-Intermediate (B2) level English or higher
- Experience
- 10+ years of professional experience in Information Security
Requirements
- 10+ years of professional experience in Information Security.
- At least 3 years of experience leading security teams with direct people management responsibilities.
- Proven expertise managing Security Operations Center (SOC) functions, incident response, and improving operational metrics such as MTTD and MTTR.
- Strong experience designing and maintaining detection logic across SIEM, EDR, cloud security platforms, and developing effective response runbooks.
- Deep understanding of modern attack techniques, including account takeover, credential theft, privilege escalation, and data exfiltration, with familiarity using frameworks such as MITRE ATT&CK.
- Experience managing vulnerability prioritization using CVSS, asset criticality, and business impact assessments.
- Hands-on experience with enterprise SIEM solutions such as Splunk, Microsoft Sentinel, Chronicle, or Elastic, as well as SOAR platforms.
- Good understanding of cloud security monitoring across AWS, Azure, or Google Cloud Platform.
- Knowledge of Identity and Access Management (IAM), Privileged Access Management (PAM), Single Sign-On (SSO), and identity-focused attack vectors.
- Ability to define, monitor, and communicate cybersecurity KPIs and operational metrics to both technical and executive audiences.
- Upper-Intermediate (B2) level English or higher.
Responsibilities
- Lead and oversee security operations, including Security Operations Center (SOC) activities, detection engineering, incident response, and exposure management.
- Ensure efficient alert triage, escalation procedures, incident coordination, and rapid containment of security threats.
- Prioritize vulnerabilities and security exposures based on business impact, exploitability, and asset criticality to reduce organizational risk.
- Maintain operational dashboards, response playbooks, runbooks, remediation tracking, and key cybersecurity performance metrics.
- Collaborate with cross-functional stakeholders, including IT, Platform Engineering, Identity & Access Management, Product, Governance, Risk & Compliance, Legal, and business teams during security incidents and remediation efforts.
- Build, mentor, and develop the Cyber Defense team through hiring, onboarding, coaching, and talent retention initiatives.
- Continuously improve detection capabilities, response procedures, and security controls using threat intelligence and lessons learned from incidents.
- Report on security operations performance, incident trends, and overall cyber risk posture to leadership and key stakeholders.