Jobgether
Cybersecurity Operations & Incident Response Manager
Jobgether, Florida, New York, United States
Cybersecurity Operations & Incident Response Manager
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cybersecurity Operations & Incident Response Manager in Florida.
This role offers the opportunity to lead a critical, high‑visibility cybersecurity function in a fast‑paced, innovative environment. You will manage a 24×7 security operations capability across hybrid on‑premises and cloud systems, overseeing incident response, threat detection, vulnerability management, and SOC operations. The position blends hands‑on technical expertise with strategic leadership, enabling rapid detection and remediation of security events. You will collaborate across engineering, IT, legal, and compliance teams while mentoring and developing analysts. This is a key role for shaping the organization’s security posture, driving continuous improvement, and influencing both technology and business decisions.
Accountabilities
Lead and manage a lean, highly effective Security and Threat Operations team, including hiring, coaching, and professional development
Establish operating rhythms, standard operating procedures, and incident response workflows to ensure consistent detection, containment, and recovery
Build and maintain the Security & Threat Operations strategy aligned with organizational risk, business objectives, and regulatory requirements
Oversee day‑to‑day security monitoring, SIEM/SOAR operations, detection engineering, log pipelines, and alert tuning
Serve as incident commander for high‑severity events, coordinating cross‑functional response and post‑incident reviews
Own vulnerability management lifecycle, including discovery, triage, remediation prioritization, and risk‑based orchestration
Manage third‑party SOC/MSSP relationships, ensuring quality, adherence to runbooks, and continuous process improvements
Integrate threat intelligence into detection and response operations, and build purple team and threat hunting capabilities
Report KPIs, KRIs, and security performance metrics to executive leadership and support audit and regulatory obligations
Requirements
8+ years in Security Operations, Incident Response, Detection Engineering, or Threat Hunting, with 3+ years in leadership or program management roles
Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent practical experience
Hands‑on expertise in hybrid environments (on‑prem AD, Entra ID/Azure AD, Okta, Microsoft 365, Zscaler, cloud APIs, containerized workloads)
Strong technical skills with SIEM/SOAR, EDR, log pipelines, detection content creation, and tuning
Proven experience as an incident commander, with forensics, containment, and executive communication skills
Experience managing vulnerability programs, risk‑based remediation, and SOC/MSSP oversight
Familiarity with MITRE ATT&CK, cyber kill chain, threat‑led validation, and regulatory compliance frameworks (NIST, FFIEC, GLBA)
Excellent communication and collaboration skills, with the ability to translate technical risks into business terms
Scripting or automation experience (Python, TypeScript, or similar) to improve operational efficiency
Prior experience in regulated industries (finance, healthcare, etc.) is strongly preferred
Benefits
Competitive salary range: $162,681 - $200,000
Comprehensive health, dental, and vision coverage
Retirement savings plans including 401(k) with matching
Paid time off and flexible work arrangements
Professional development opportunities and career growth
Remote work with occasional travel as required for operational coverage
#J-18808-Ljbffr
This role offers the opportunity to lead a critical, high‑visibility cybersecurity function in a fast‑paced, innovative environment. You will manage a 24×7 security operations capability across hybrid on‑premises and cloud systems, overseeing incident response, threat detection, vulnerability management, and SOC operations. The position blends hands‑on technical expertise with strategic leadership, enabling rapid detection and remediation of security events. You will collaborate across engineering, IT, legal, and compliance teams while mentoring and developing analysts. This is a key role for shaping the organization’s security posture, driving continuous improvement, and influencing both technology and business decisions.
Accountabilities
Lead and manage a lean, highly effective Security and Threat Operations team, including hiring, coaching, and professional development
Establish operating rhythms, standard operating procedures, and incident response workflows to ensure consistent detection, containment, and recovery
Build and maintain the Security & Threat Operations strategy aligned with organizational risk, business objectives, and regulatory requirements
Oversee day‑to‑day security monitoring, SIEM/SOAR operations, detection engineering, log pipelines, and alert tuning
Serve as incident commander for high‑severity events, coordinating cross‑functional response and post‑incident reviews
Own vulnerability management lifecycle, including discovery, triage, remediation prioritization, and risk‑based orchestration
Manage third‑party SOC/MSSP relationships, ensuring quality, adherence to runbooks, and continuous process improvements
Integrate threat intelligence into detection and response operations, and build purple team and threat hunting capabilities
Report KPIs, KRIs, and security performance metrics to executive leadership and support audit and regulatory obligations
Requirements
8+ years in Security Operations, Incident Response, Detection Engineering, or Threat Hunting, with 3+ years in leadership or program management roles
Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent practical experience
Hands‑on expertise in hybrid environments (on‑prem AD, Entra ID/Azure AD, Okta, Microsoft 365, Zscaler, cloud APIs, containerized workloads)
Strong technical skills with SIEM/SOAR, EDR, log pipelines, detection content creation, and tuning
Proven experience as an incident commander, with forensics, containment, and executive communication skills
Experience managing vulnerability programs, risk‑based remediation, and SOC/MSSP oversight
Familiarity with MITRE ATT&CK, cyber kill chain, threat‑led validation, and regulatory compliance frameworks (NIST, FFIEC, GLBA)
Excellent communication and collaboration skills, with the ability to translate technical risks into business terms
Scripting or automation experience (Python, TypeScript, or similar) to improve operational efficiency
Prior experience in regulated industries (finance, healthcare, etc.) is strongly preferred
Benefits
Competitive salary range: $162,681 - $200,000
Comprehensive health, dental, and vision coverage
Retirement savings plans including 401(k) with matching
Paid time off and flexible work arrangements
Professional development opportunities and career growth
Remote work with occasional travel as required for operational coverage
#J-18808-Ljbffr