Jobs · Information Technology · Arizona

Security Operations Center Manager

Information TechnologyFull-time

General Statement of Duties

The Security Operations Center (SOC) Manager is responsible for leading and maturing the organization’s cybersecurity monitoring and incident response capabilities. This role oversees 24/7 security operations, ensures effective detection and response to cyber threats, and drives continuous improvement of security tooling, processes, and analyst performance. The SOC Manager will lead a team of security analysts and engineers (Tier 1–3), coordinate incident response activities, and partner cross-functionally with Infrastructure, Risk, Compliance, and Executive Leadership to protect enterprise systems, data, and operations. This role provides these services across all contracted and operational markets.

Essential Functions

  • Lead the daily operations of the Security Operations Center, including oversight of 24/7 monitoring, triage, and escalation procedures.

  • Develop and manage SOC staffing models, shift schedules, and on-call rotations to ensure continuous coverage.

  • Establish, maintain, and continuously improve SOC policies, procedures, playbooks, and escalation matrices.

  • Define, monitor, and report on SOC performance metrics including Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), alert fidelity, and analyst productivity.

  • Oversee investigation and response to security incidents including malware, phishing, ransomware, insider threats, and advanced persistent threats.

  • Serve as Incident Commander during high-severity security events, ensuring coordinated response and executive communication.

  • Ensure accurate documentation, root cause analysis, and post-incident reporting for all security events.

  • Lead cyber readiness exercises and tabletop simulations to improve organizational preparedness.

  • Manage and optimize security monitoring technologies including SIEM, SOAR, EDR/XDR, IDS/IPS, and threat intelligence platforms.

  • Ensure appropriate log ingestion, correlation rule tuning, and continuous enhancement of detection capabilities.

  • Drive automation initiatives to improve response efficiency and reduce manual analyst workload.

  • Partner with IT and infrastructure teams to prioritize vulnerability remediation based on risk, exploitability, and business impact.

  • Align SOC operations with applicable regulatory and cybersecurity frameworks such as NIST CSF, ISO 27001, and industry-specific requirements.

  • Hire, mentor, and develop SOC personnel, establishing career progression paths and conducting performance evaluations.

  • Provide regular reporting to senior leadership on threat trends, risk posture, and security operations effectiveness.

  • Translate technical findings into clear business risk language for executive and board-level audiences.

  • Support internal and external audits, regulatory inquiries, and compliance reporting requirements.

Education and Certifications

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)

  • Industry Standard Technical Certifications: CISSP (preferred), CISM (preferred), CEH (required), Security+ (required)

Experience

  • 8+ years of experience in cybersecurity operations

  • 3+ years of experience managing security teams, SOC functions and multi market/client environments (MSP)

  • 3+ years of experience leading incident response in enterprise environments

  • Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar)

Requirements

  • Strong understanding of threat detection, log analysis, and network security principles

  • Strong interpersonal and communication skills, with the ability to work effectively in a team environment

  • Detail-oriented and highly organized, with the ability to manage multiple projects simultaneously

  • Familiarity with industry standards, regulations, and best practices

  • Willingness to learn and adapt to new technologies and methodologies

Knowledge

  • SIEM and log management platforms

  • EDR/XDR technologies (SentinelOne, Defender, CrowdStrike, KaseyaOne)

  • Firewall and IDS/IPS technologies

  • Cloud security monitoring (Azure, AWS, GCP)

  • Threat intelligence platforms

  • Vulnerability management tools (Nessus, Qualys)

  • SOAR automation platforms

Environmental Working Conditions

  • Standard office environment, most days at computer

  • Requires sitting and standing associated with a normal office environment

  • Manual dexterity using a calculator and computer keyboard

  • Organizational Requirements: HOPCo Mission, Vision and Values must be acknowledged and adhered to

Physical/Mental Demands

  • Requires sitting and standing associated with a normal office environment

  • Manual dexterity using a calculator and computer keyboard

  • Organizational Requirements: HOPCo Mission, Vision and Values must be acknowledged and adhered to

Similar jobs

Operations Manager

Allied UniversalMenomonee Falls, WI· 2 wk ago
Managementapply on diversifiedm-aus.icims.com

Operations Manager

Morgan Advanced MaterialsElkhart, IN· 1 mo ago
Managementapply on careers-morganplc.icims.com

Operations Manager

BrightView LandscapesBluffton, SC· 1 mo ago
Managementapply on brightviewcareers.com

OPERATIONS MANAGER

City Electric SupplyRockville, MD· 3 mo ago
Managementapply on paycomonline.net