Jobs · Information Technology · California

Senior Manager, Security Operations Center

Bloom Energy · San Jose, CA · 2 wk ago
Information Technology$179k–$257k/yrFull-time

Responsibilities

  • Oversee 24/7/365 SOC operations
  • Lead a team of cybersecurity analysts performing detection, triage, escalation, monitoring, and ensure effective coordination of all incident response activities
  • Own all the administration, fine tuning, and optimization of all SOC tools engineering efforts including timely and accurate analysis of alerts - SIEM, SOAR, EUBA, Threat Intelligence, Data pipelines, Security Data Lake, and NDR
  • Lead transformation of existing SOC to AI-powered SOC
  • Develop detailed incident response playbooks, implement 24x7x365 monitoring and reporting procedures, and provide regular situational awareness updates to senior management
  • Manage day-to-day SOC operations, staffing all shifts, ensuring continuous monitoring of Bloom Energy networks and systems for security events and anomalies
  • Lead SOC analysts performing event detection, triage, escalation, and coordination with incident response teams
  • Develop, implement, and maintain SOC standard operating procedures (SOPs), playbooks, and escalation protocols
  • Ensure timely and accurate analysis of alerts from SIEM, EDR, and network monitoring tools such as NDR
  • Cook up coordination with cybersecurity, IT operations, NOC, GRC, and Risk Management teams to ensure an integrated defense posture and rapid response to incidents
  • Oversee SOC training programs, ensuring analyst proficiency in threat detection, correlation, and response processes
  • Oversee proper hand-off process between different shifts
  • Rigorously conduct root-cause and trend analysis on incidents to identify systemic vulnerabilities and areas for improvement
  • Prepare and regularly report SOC related metrics, KPIs, KRIs
  • Prepare daily, weekly, monthly, and quarterly operational reports and briefings for senior management
  • Advise leadership on emerging threats, attack trends, and SOC performance metrics
  • Drive continuous improvement of monitoring coverage, use cases, and automation within SOC tools and workflows

Requirements

  • Bachelor's degree cybersecurity, information systems, or a related technical field and/or 12-15 years of experience in cybersecurity domain including security operations, analysis, and/or incident response
  • 5+ years managing Security Operations team
  • Experience with SOC tools such as SIEM, SOAR, IDS/IPS, EDR, NDR, Threat Intelligence and Incident Response
  • Proven ability to coordinate cross-functional teams during incident response and recovery
  • Familiarity with tools such as Splunk, Recoded Future, Elastic, Tenable, and SOAR platforms
  • Knowledge of MITRE ATT&CK, and NIST 800-61 (Computer Security Incident Handling Guide)
  • Experience implementing SOC metrics, KPIs, and automation strategies
  • Leadership, communication, and presentation skills, with the ability to brief senior leadership team

Similar jobs

Senior Manager, Security

DSV - Global Transport and LogisticsAustin, NC· 4 wk ago
Management$112k–$145k/yrapply on jobs.dsv.com