Security Operations Manager

Security Operations Manager

The Security Operations Manager is responsible for leading and managing the AUTHORITY’S Security Operations Center (SOC) and implementing the Cybersecurity Plan to ensure the protection of critical information systems and data. This role is pivotal in maintaining and improving the cybersecurity posture of the organization.

The Security Operations Manager oversees security architecture, monitoring, incident response, and integrates cutting-edge technologies and processes to safeguard the Authority’s digital environment against emerging threats.

Key Responsibilities

Management of Security Operations Center

• Oversee the day-to-day operations of the AUTHORITY’S Security Operations Center (SOC).
• Ensure the availability, reliability, and effectiveness of SOC technologies and processes.
• Develop and enforce protocols for incident detection, response, and recovery.
• Train and mentor SOC staff on cybersecurity practices, protocols, and emerging trends.

Implementation of Cybersecurity Plan

• Lead the organization-wide implementation of the Cybersecurity Plan.
• Define and enforce cybersecurity policies and standards that align with organizational goals.
• Conduct periodic reviews and updates to the Cybersecurity Plan based on evolving threats and technologies.

Monitoring and Analysis

• Utilize Security Information and Event Management (SIEM) tools for real-time monitoring, analysis, troubleshooting, and investigation of security issues.
• Perform threat intelligence gathering to predict, detect, prevent, and mitigate cybersecurity risks.
• Develop Key Performance Indicators (KPIs) to evaluate SOC effectiveness and incident management.

Collaboration and Incident Remediation

• Collaborate with Cybersecurity Analysts to remediate and mitigate security-related incidents.
• Coordinate with cross-functional teams and stakeholders during cybersecurity incidents.
• Ensure proper documentation of security incidents and lessons learned.

Evaluation of Emerging Technologies

• Research and evaluate new security technologies and tools that enhance SOC operations and the organization’s security infrastructure.
• Implement advancements to next-generation firewalls, centralized network security management tools, and other critical systems.
• Recommend security architecture improvements to support the organization’s strategic initiatives.

Required Education, Certification, and Experience

Education

• Minimum: Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or another related field.
• Preferred: Master’s degree in Cybersecurity or a related field.

Experience

• Minimum of 10 years of professional experience in security operations.
• In-depth knowledge and hands-on experience with:
  • Multi-State Information Sharing & Analysis Center (MS-ISAC).
  • Next-generation firewalls (NGFW) and centralized network security management tools.
  • SIEM platforms and related tools for cybersecurity monitoring and investigation.

Desired Skills and Knowledge

• Strong leadership and team management abilities.
• Expert understanding of cyber threat vectors, vulnerabilities, and incident response frameworks.
• Excellent problem-solving, critical thinking, and decision-making skills in high-pressure situations.
• Proactive in identifying and mitigating cybersecurity risks in complex environments.
• Knowledge of regulatory compliance standards and frameworks such as NIST, ISO 27001, or similar.

Certifications (Desirable but Highly Beneficial)

• Certified Information Systems Security Professional (CISSP).
• Certified Information Security Manager (CISM).

Working Conditions
This position may require off-hours response during critical events or incidents. The Security Operations Manager may also be responsible for participating in audits and assessments.