Jobs · Information Technology · California

Technical Manager, Information Security

Atomic Machines · Emeryville, CA · 2 wk ago
HybridInformation Technology$200k/yrFull-time

About The Role

The Technical Manager, Cybersecurity is a hands-on role responsible for managing the full lifecycle of enterprise cybersecurity tools, technologies, and detection capabilities across a complex hi-tech manufacturing environment. This role bridges strategic security direction with day-to-day technical execution — managing an external team of engineers and security vendors to deliver consistent, scalable protection across cloud, OT/ICS, endpoint, identity, and network domains.

This is a role that is the escalation point for incidents and a key voice in shaping security policy, standards, and vendor partnerships.

What You’ll Do

  • Advance the detection and response program, leading coverage across Cloud, SaaS, Endpoint, and Identity domains.
  • Implement organization-wide automation to reduce alert fatigue and accelerate response across all security tooling.
  • Mature SIEM and cloud-native logging architectures, ensuring a cost-aware telemetry pipeline spanning corporate, manufacturing, and engineering environments.
  • Define and implement scalable security controls that strengthen cloud and infrastructure security through detection, configuration standards, and automated enforcement.

Primary Responsibilities

Security Tool Management

  • Own end-to-end lifecycle management of the enterprise security toolset, including deployment, configuration, tuning, and decommissioning.
  • Configure and manage network security platforms, including next-gen firewalls, IDS/IPS, DDI, VPN, NAC, Web Filtering, CASB/SASE, SIEM, EDR/XDR, vulnerability scanners, and network traffic visibility solutions.
  • Manage SIEM operations, including data source onboarding, log normalization, correlation rule development, and alert tuning.
  • Develop and enforce network device hardening standards; serve as the senior technical escalation point for break/fix incidents across internal and vendor teams.

Team Leadership & Vendor Management

  • Lead and mentor internal technical staff and external security vendors, holding all parties accountable to SLAs, quality standards, and security outcomes.
  • Partner with MSPs, SOCs, and specialized vendors to extend team capabilities; conduct regular performance reviews and contract evaluations.
  • Interface with IT leadership and security management to develop solutions that meet evolving business and regulatory requirements.

AWS Security & Cloud Posture

  • Define and enforce cloud security best practices across all accounts and organizational units, including IAM least-privilege, resource policy governance, and SCP guardrails.
  • Lead implementation and tuning of cloud security services; maintain network security architecture, including VPC segmentation, security groups, PrivateLink, WAF, and DDoS protection services.
  • Help embed security into CI/CD pipelines, Infrastructure as Code(IaC) templates in partnership with cloud and platform engineering teams.
  • Define cloud security configuration standards (CIS Benchmarks, Security Best Practices, etc.) and enforce automated compliance.

Threat Detection & Incident Response

  • Lead threat-model–driven detection strategy across SIEM, cloud-native platforms, and adjacent tooling, ensuring coverage across cloud, SaaS, endpoint, and identity domains.
  • Serve as our senior escalation point during complex incidents, driving technical analysis, coordinating response, and guiding post-incident remediation.
  • Identify gaps in detection coverage, telemetry ingestion, and automation; mature playbooks to reduce detection and response time across security operations.

OT/ICS & Manufacturing Security

  • Conduct OT cybersecurity assessments, identifying risks and prioritizing remediation recommendations.
  • Design and support network segmentation strategies for OT/IT convergence environments, including segmented ICS networks.
  • Identify and implement appropriate remote and local access controls for manufacturing systems, collaborating with engineering and operations teams to avoid disrupting production.

Architecture & Engineering Standards

  • Own and maintain architectural standards, including reference architectures, data flow diagrams, detection pipeline operating models, and security design patterns.
  • Partner with IT infrastructure, platform, and engineering teams to embed security into cloud design, IAM strategy, and network architecture from inception.

Policy, Compliance & Governance

  • Develop and maintain security policies and procedures aligned to support regulatory requirements (NIST, SOC 2, ISO 27001).
  • Ensure audit-readiness and evidence collection for compliance assessments; produce stakeholder-ready risk articulations, including impact assessments and recommended mitigations.

What You’ll Need

  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related technical field. Equivalent combination of education and experience considered.
  • 8+ years of progressive cybersecurity engineering experience, with at least 2–3 years in a technical lead or people management capacity.
  • Demonstrated experience managing both internal security engineers and external vendors/MSSPs, with accountability for security outcomes and SLA adherence.
  • Hands-on expertise with enterprise SIEM platforms (Splunk, Sentinel, Chronicle, or equivalent) including detection rule authoring, data onboarding, and operational tuning.
  • Deep working knowledge of cloud security services: Security Hub, GuardDuty, CloudTrail, Config, IAM, Macie, Inspector, VPC security architecture, and SCPs.
  • Experience conducting OT/ICS cybersecurity assessments in manufacturing, industrial, or critical infrastructure environments is strongly preferred.
  • Familiarity with threat modeling frameworks (MITRE ATT&CK, STRIDE) and their application to cloud and OT environments.
  • Experience developing security automation using SOAR platforms (Palo Alto XSOAR, Splunk SOAR, Tines, or equivalent) and scripting (Python, PowerShell).
  • CISSP or CISM, AWS Certification, CompTIA Security+, GIAC, GCIA, GCIH, Palo Alto PCNSE or Splunk Certified Architect, etc.

Technical Skills

  • SIEM / Detection: Splunk ES, Microsoft Sentinel, Rapid 7, Palo Alto – rule authoring, data onboarding, correlation tuning
  • AWS Security: Security Hub, GuardDuty, CloudTrail, Config, Macie, Inspector, WAF, IAM, SCPs, VPC security architecture, AWS Organizations
  • Security Tools: Firewalls, IDS/IPS, SIEM (Rapid7/Splunk/Palo Alto), NAC (Cisco ISE/Aruba ClearPass), Vulnerability Scanners
  • Cloud IAM: AWS IAM, Okta, Azure AD/Entra ID, PAM (CyberArk/BeyondTrust) – identity governance and least privilege
  • OT/ICS Security: Dragos, Claroty, or Nozomi – OT visibility; Purdue model, IEC 62443, NERC CIP awareness

Compensation

The compensation for this position also includes equity and benefits. Salary Range: $200,000 USD - $260,000 USD

Similar jobs