Security Operations Manager

Security Operations Manager This Security Operations Manager role is a high-impact leadership position focused on transforming and scaling enterprise security operations within a modern, cloud-first environment. You will own the end-to-end execution of SecOps capabilities, driving the evolution from reactive alert handling to automated, metrics-driven security response. The role centers on building and optimizing Security Incident Response workflows using ServiceNow SIR as the operational backbone. You will lead a blended global team model that includes internal analysts, managed service providers, and nearshore/offshore resources. Working closely with engineering and security stakeholders, you will enhance detection quality, response automation, and operational maturity across EDR and SIEM platforms. This is a builder-style leadership opportunity where you will directly influence security resilience, process efficiency, and enterprise-wide incident response performance. Your success will be measured through tangible improvements in MTTx metrics and scalable automation outcomes.Accountabilities:Own and continuously improve the enterprise Security Operations program, ensuring effective incident response, detection, and remediation across the organization.Lead a blended SecOps model across internal teams, MSPs, and offshore/nearshore resources, defining clear operating models and escalation paths.Serve as the primary owner of ServiceNow Security Incident Response (SIR), including workflows, data models, and operational procedures.Design and optimize SIR playbooks to automate triage, enrichment, containment, and response actions.Drive automation initiatives to reduce manual effort and improve MTTD, MTTR, and MTTC metrics.Oversee EDR and SIEM integrations, ensuring high-quality detection signals and effective routing into SIR workflows.Operate within Microsoft Azure security environments, including tools within Microsoft E5 such as Defender and Sentinel.Lead post-incident reviews and ensure continuous improvement of detections, processes, and response strategies.Manage, coach, and develop security operations personnel while fostering a high-performance, accountable team culture.Act as escalation point for major incidents and communicate operational risk clearly to leadership.Requirements:5+ years of experience in Security Operations, SOC, or Incident Response roles with strong hands-on operational expertise.2+ years of experience managing ServiceNow Security Incident Response (SIR), including workflow ownership and playbook development.Proven experience designing automation and orchestration workflows within SIR or similar SOAR platforms.Strong background in EDR and SIEM operations, including tools such as Microsoft Defender, CrowdStrike Falcon, or equivalent solutions.Hands-on experience with Microsoft Azure security services, including Microsoft E5 security capabilities.Demonstrated ability to track and improve MTTx metrics (MTTD, MTTR, MTTC) through process and automation improvements.Experience leading distributed security operations teams, including vendors and managed service providers.Strong incident leadership, communication, and stakeholder management skills in high-pressure environments.Strategic and builder mindset with the ability to modernize security operations through automation and process redesign.Benefits:Competitive salary range of approximately $150,000–$180,000 annually, based on experienceComprehensive medical, dental, vision, and life insurance coverageGenerous 401(k) retirement plan with company matchUnlimited flexible time off (DTO) and paid sick leave in compliance with regulationsRemote work flexibility aligned with PST business hoursWellness programs including virtual fitness, yoga, and meditation sessionsEmployee recognition programs, celebrations, and team-building eventsCareer growth opportunities in a rapidly scaling, innovation-driven organizationAdditional reimbursements and discretionary bonuses where applicable