Jobs · Information Technology · Michigan

Security Operations Manager / Information Technologist III/S

Michigan State University · East Lansing, MI · 2 wk ago
Information TechnologyFull-time

Position Summary

As part of the Information Security Office and reporting to the Chief Information Security Officer (CISO), the Security Operations Manager provides supervisory and technical leadership for the Security Operations (SecOps) team. This role is responsible for the day-to-day management and execution of operational cybersecurity services aligned to the NIST Cybersecurity Framework (CSF) 2.0, with emphasis on detection, response, and protection activities. The position combines hands-on technical oversight with staff supervision, operational coordination, and continuous service improvement, ensuring security operations are effective, reliable, and responsive to institutional needs.

Coordinate and oversee security monitoring, alert triage, and threat detection activities

  • Ensure consistent execution of incident response procedures, including escalation, documentation, and after-action follow-up
  • Manage operational aspects of vulnerability identification, analysis, and remediation coordination
  • Oversee daily operation and health of security technologies (e.g., SIEM, endpoint protection, network security, email security)

Directly supervise Security Operations staff, including work assignment, prioritization, and performance feedback

  • Translate assignments into clear operational tasks, procedures, and expectations for staff
  • Provide technical guidance, mentoring, and coaching to support staff development

Support onboarding, training, and skill development aligned with operational needs

  • Contribute to staffing plans, workload balancing, and coverage planning
  • Ensure all operational work is logged, prioritized, and updated in the Information Technology Service Management system

Develop, maintain and improve documented runbooks, procedures, and playbooks for security operations

  • Identify operational gaps, recurring issues, and improvement opportunities
  • Participate in service maturity discussions and help move services toward repeatable and well-defined practices

Support audits, assessments, and reviews by providing operational input and evidence

  • Work closely with other Information Security teams (Governance, Risk, and Compliance, Access Management, Security Engineering, and Incident Response) to support coordinated outcomes
  • Partner with central and federated IT units to resolve incidents and operational security issues
  • Communicate operational risks, trends, and incidents clearly to management and stakeholders

Minimum Requirements

  • Knowledge equivalent to that which normally would be acquired by completing a four-year college degree; with coursework in an information technology specialization related to the area of employment; and five to eight years of related and progressively more responsible or expansive work experience in an information technology area related to the duties to be performed, including experience overseeing large, complex or critical information technology projects; or an equivalent combination of education and experience
  • Demonstrated experience in cybersecurity operations, incident response, or security monitoring
  • Experience supervising staff or leading technical work in an operational IT environment
  • Familiarity with enterprise security tools such as SIEM, EDR/XDR, firewalls, and vulnerability scanning platforms
  • Experience improving or formalizing operational processes and documentation
  • Working knowledge of the NIST Cybersecurity Framework, particularly operational control areas
  • Ability to balance technical work, staff supervision, and service coordination
  • Relevant security certifications (e.g., CISSP, GCIH, GCED, or equivalent)

Desired Qualifications

  • Experience in a higher education or similarly distributed IT environment
  • Experience in cybersecurity operations, incident response, or security monitoring
  • Experience supervising staff or leading technical work in an operational IT environment
  • Familiarity with enterprise security tools such as SIEM, EDR/XDR, firewalls, and vulnerability scanning platforms
  • Experience improving or formalizing operational processes and documentation
  • Working knowledge of the NIST Cybersecurity Framework, particularly operational control areas
  • Ability to balance technical work, staff supervision, and service coordination
  • Relevant security certifications (e.g., CISSP, GCIH, GCED, or equivalent)

Similar jobs