Security Operations Center Manager

Summary

Join Aledade as the Security Operations Center (SOC) Manager and oversee the SOC's operations, ensuring proactive identification and mitigation of security incidents. Lead a team of analysts and engineers, continuously improving incident response processes and security protocols. Collaborate with cross-functional teams to align security initiatives with business objectives. Manage daily operations, long-term strategies, and the professional growth of SOC team members. Focus on incident prevention through threat hunting, automation, and process optimization. Conduct robust incident response and post-event analysis.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field
• Minimum of 6+ years of experience in cybersecurity
• 2+ years in a SOC leadership or management role implementing cybersecurity frameworks (MITRE ATT&CK, NIST, CIS), incident response methodologies, and threat intelligence practices
• In-depth knowledge of security operations, including SIEM, EDR, IDS/IPS, malware analysis, and vulnerability management tools
• Strong expertise in cloud security operations and monitoring for AWS, Azure and GCP platforms

Responsibilities

• Oversee daily SOC activities, ensuring timely detection and response to security incidents
• Manage, mentor, and develop the SOC team, including Tier 1, 2, and 3 analysts
• Coordinate incident response efforts and collaborate with other departments (IT, Risk, Legal, etc.) including external partners (eg: MSSPs, threat intelligence providers)
• Lead post-incident analysis to identify root causes and implement long-term corrective actions
• Continuously review and enhance SOC processes, including playbooks, response procedures, and threat hunting practices

Preferred Qualifications

• Proven ability to drive incidents to conclusions based on SLA and severity ratings
• Experience in threat hunting, forensics, or malware analysis
• Experience with working with MSSP
• Experience with creating meaningful metrics pertaining to SOC operations
• Knowledge of advanced persistent threats (APTs) and modern attack techniques
• Proficiency with security automation (SOAR), orchestration, and scripting (Python, Powershell, etc.) to enhance SOC operations
• Certifications such as CISSP, CISM, CEH, or similar are strongly preferred
• Familiarity with DevSecOps and security monitoring in CI/CD environments and containerized environments (Docker, Kubernetes)
• Proficiency in using APIs with automation to complete tasks
• Experience with HIPAA and health-tech systems like Electronic Health Records, Clinical data, etc preferred

Benefits

• Flexible work schedules and the ability to work remotely are available for many roles
• Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners
• Robust time-off plan (21 days of PTO in your first year)
• Two paid volunteer days and 11 paid holidays
• 12 weeks paid parental leave for all new parents
• Six weeks paid sabbatical after six years of service
• Educational Assistant Program and Clinical Employee Reimbursement Program
• 401(k) with up to 4% match
• Stock options