Manager, Security Operations | Remote, USA

The Manager of Operations Managed Detection and Response is responsible to ensure early and accurate detection, response, and containment for threats directed against our clients. As a technical management role, the ideal candidate possesses deep security knowledge/expertise, previous experience as a security practitioner, systems management and administration experience, proven service management skills, and the ability to attract and retain talent in a challenging market. The position is closely involved in helping to mentor, develop and evaluate employee performance as well as helping with development and continuous improvement of the Security Operations services, analyze, document and report on potential security incidents identified in customer environments

• Lead and manage Security Operations Center.
• Evening hours are required for this role as part of our 24 by 7 by 365 SOC coverage.
• Primarily responsible for security event monitoring, management and response.
• Responsible for team management, overall use of resources and initiation of corrective action where required for Security Operations Center
• Ensure quality security alert triage and analysis, incident identification, assessment, reporting, communication, mitigation and monitoring related to Optiv's Managed Detection and Response service offerings.
• Build and improve integration process as needed to continue to improve service efficiency, effectiveness and client satisfaction
• Drive the responsiveness to the client(s) of the entire Cyber Operations organization
• Monitor service delivery for contractual compliance
• Review policies and highlight the challenges in managing SLAs with a focus on quality security analysis and updates to clients.
• Regularly review and revise standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirements.
• Responsible for team management, overall use of resources and initiation of corrective action where required for Security Operations Center
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
• Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
• Routinely engage with cross functional teams to evaluate SOCs ability to meet stakeholder needs.
• Evaluate existing technical capabilities and systems and identify opportunities for improvement.
• Develop and mentor staff through open communication, training and development opportunities, and performance management processes to ensure team proficiency; build and maintain employee morale and motivation.
• Conduct after action reviews to identify lessons learned and best practices.
• Work closely Security Leadership to identify implement process changes, improvements and efficiencies and ensure solid security practices.
• Develop communication channels with technology owners and the business to evangelize the evolving threat landscape.
• Coordinate actions between clients and the appropriate service delivery departments to ensure needs are met
• Performs other duties as assigned
• Complies with all policies and standards

• Bachelor's Degree from four-year college or university Information Technology, Information Security/Assurance, Engineering or similar area of study required
• 10+ years professional IT and Information Security experience
• 5+ years professional experience in cyber operations centers
• 3+ years professional experience in managed services
• Proven ability to make decisions and perform complex problem-solving activities under pressure.
• Sharp analytical abilities and the ability to make sound decisions quickly required.
• Must have excellent written, communication and verbal skills to assist with communications with other teams and writing executive summaries based on work output.
• Deep understanding of SIEM and Endpoint vendors, solutions and architecture such as LogRhythm, QRadar, Splunk, Exabeam, CrowdStrike, SentinelOne, Microsoft ATP, etc.
• Understanding of regulatory compliance such as NIST, SOX, HIPPA, NERC CIP, PCI, etc. and their differentiators across global regions
• Understanding of Security Orchestration, Automation and Response concepts.
• Experience working with ticketing and knowledge management systems such as Service Now.
• Experience with ITIL concepts and practices.
• Experience with security analytics platforms.
• CompTIA Security+ Certification One or more certifications in Security/Networking Upon Hire preferred
• CISSP Certified Information Systems Security Professional One or more certifications in Security/Networking Upon Hire preferred
• GSEC Upon Hire preferred
• GCIA Upon Hire preferred
• GCIH Upon Hire preferred
• Certified Project Management Professional (PMP)-PMI Upon Hire preferred
• Team-oriented and possess excellent problem solving, interpersonal, verbal and written communication skills (Proficient proficiency)

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)