Manager, Cybersecurity
Overview
As a Senior Manager, Security Operations at Litera, you will lead and mature our security operations function, protecting our global SaaS infrastructure and the sensitive data our clients entrust to us.
Key Responsibilities
Security Operations Leadership - Own and drive the global Security Operations program, including 24x7 monitoring, detection, and response capabilities
Lead, mentor, and develop a team of security analysts and engineers, fostering a culture of ownership, continuous learning, and operational excellence
Set clear goals and expectations, conduct regular performance reviews, and foster a culture of accountability, ownership, and continuous improvement
Manage team capacity, workload prioritization, and resource allocation to ensure operational effectiveness
Manage and optimize our security tooling stack, including Microsoft Defender suite, SIEM/SOAR platforms, and cloud-native security tools
Champion the effective use of AI and automation to enhance team productivity, streamline repetitive tasks, and enable analysts to focus on higher-value workThreat Detection & Incident Response - Oversee threat detection, triage, investigation, and response activities across the enterprise
Develop and refine incident response playbooks, ensuring rapid and effective response to security events
Lead incident response efforts for significant security events, coordinating cross-functional teams and executive communicationsCloud Security Operations - Manage security operations for our multi-cloud environment (Azure, AWS), including cloud security posture management using tools such as Upwind
Partner with Infrastructure and DevOps teams to ensure secure configuration and monitoring of cloud workloads and SaaS application infrastructure
Collaborate with development teams to integrate security monitoring into CI/CD pipelines and support secure SDLC practicesCorporate Infrastructure Security & Hardening - Lead the hardening of Litera's corporate infrastructure through the development and enforcement of security policies across identity, devices, and data
Own and manage conditional access policies and identity management strategies using Microsoft Entra ID, ensuring least-privilege access and strong authentication controls
Develop and maintain device configuration and endpoint hardening policies across the corporate fleet using Microsoft Intune
Lead data protection efforts including data classification frameworks and data loss prevention (DLP) policies using Microsoft Purview to safeguard sensitive client and corporate information
Partner with IT and HR teams to ensure security policies are practical, enforceable, and aligned with business operationsStrategy & Continuous Improvement - Develop and track key metrics and KPIs to measure security operations effectiveness and communicate risk posture to leadership
Leverage AI-powered security tools and capabilities (such as Microsoft Security Copilot) to accelerate threat detection, investigation, and response
Identify opportunities to apply AI and automation across security operations to improve efficiency, reduce manual effort, and scale the team's impact
Stay current on emerging threats, attack techniques, and security technologies to keep our defenses ahead of adversariesGovernance & Compliance - Develop and maintain security operations policies, standards, and procedures aligned with industry frameworks and regulatory requirements
Support audit and compliance activities by providing evidence of security controls and operational effectiveness
Qualifications
Required:
- 8+ years of experience in information security, with at least 3 years in a management role leading security operations or SOC teams
- Deep experience with security operations in cloud environments (Azure and AWS required)
- Hands-on expertise with Microsoft Defender stack (Defender for Endpoint, Defender for Cloud, Sentinel) and cloud security posture management tools
- Proven track record of building and maturing security operations programs and leading incident response efforts
- Strong understanding of threat detection methodologies, MITRE ATT&CK framework, and modern attack techniques
- Demonstrated experience with identity and access management, conditional access policies, and Zero Trust security principles
- Hands-on experience implementing endpoint hardening, DLP, email security, and phishing simulation programs
- Familiarity with SaaS application infrastructure and secure SDLC principles
- Exceptional communication skills with the ability to convey technical risks to executive and non-technical stakeholders
- Self-directed and highly motivated with a strong sense of ownership and accountability
Preferred:
- With Upwind or similar cloud-native application protection platforms (CNAPP)
- Strong experience with Microsoft Entra ID (Azure AD), Intune, Microsoft Purview, and Defender for Office 365 for identity, device, email, and data protection
- Relevant certifications such as CISSP, CISM, GIAC (GSOM, GCIH, GCIA), or Azure/AWS security certifications
- Familiarity with SOC 2, ISO 27001, or similar compliance frameworks