About The Position

This role involves leading the day-to-day operations of the Security Operations Center (SOC), ensuring continuous monitoring, detection, and response to security incidents across the environment. The manager will supervise, mentor, and develop SOC analysts and shift leads, managing staffing and scheduling for a 24/7 operational model. Key responsibilities include coordinating incident response activities with internal teams and external partners, driving root cause analysis and post-incident reviews, and continuously improving playbooks and runbooks. The position also requires operating and tuning core SOC tooling such as SIEM, EDR, and SOAR to expand detection coverage, reduce false positives, and shorten investigation times. The manager is further responsible for defining, collecting, and reporting SOC performance metrics and KPIs to leadership and key stakeholders; partnering with threat intelligence, vulnerability management, and engineering teams to operationalize threat indicators and harden systems; and managing vendor relationships for third-party security monitoring services.

Requirements

  • Minimum of SEVEN (7) years of SOC operations experience, including specific experience leading SOC operations or security monitoring teams and hands-on incident response and investigations.
  • Strong familiarity with SIEM platforms, endpoint detection and response (EDR) tools, and SOAR workflow automation.
  • Demonstrated ability to develop and maintain detection use cases, playbooks, and investigative procedures.
  • Experience defining and reporting SOC metrics and KPIs to measure effectiveness and drive operational improvements.
  • Excellent written and verbal communication skills with the ability to communicate technical details to non-technical stakeholders and executive leadership.
  • Proven leadership skills: coaching, performance management, scheduling for 24/7 operations, and handling escalations under pressure.
  • Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent experience in cybersecurity operations.

Nice To Haves

  • Professional certifications such as CISSP, CISM, or a GIAC credential that demonstrate advanced security knowledge.
  • Experience with Splunk, Elastic, QRadar, or other major SIEM technologies and associated tuning/analytics.
  • Hands-on experience with cloud-native security tools and environments (AWS, Azure, or GCP).
  • Background in healthcare or other regulated industries, including familiarity with the relevant compliance requirements (e.g., HIPAA).
  • Scripting or automation skills (Python, PowerShell) to build integrations and automate repetitive operational tasks.
  • Experience with threat hunting, MITRE ATT&CK framework application, and proactive detection engineering.

Responsibilities

  • Lead day-to-day operations of the Security Operations Center (SOC), ensuring consistent, reliable monitoring, detection, and response to security incidents across the environment.
  • Supervise, mentor, and develop SOC analysts and shift leads; manage staffing, scheduling, and escalation procedures for a 24/7 operational model.
  • Coordinate incident response activities with internal teams and external partners; drive root cause analysis, post-incident reviews, and continuous improvement of playbooks and runbooks.
  • Operate and tune core SOC tooling (SIEM, EDR, SOAR) to improve detection coverage, reduce false positives, and accelerate investigation times.
  • Define, collect, and report on SOC performance metrics and KPIs; present operational status and trends to leadership and key stakeholders.
  • Partner with threat intelligence, vulnerability management, and engineering teams to operationalize threat indicators and harden systems based on observed threats and vulnerabilities.
  • Manage vendor relationships and third-party security monitoring services, ensuring SLAs and deliverables meet organizational requirements.

Benefits

  • Medical, Rx, Dental & Vision Insurance
  • Personal and Family Sick Time & Company Paid Holidays
  • Position may be eligible for a discretionary variable incentive bonus
  • Parental Leave and Adoption Assistance
  • 401(k) Retirement Plan
  • Basic Life & Supplemental Life
  • Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
  • Short-Term & Long-Term Disability
  • Student Loan PayDown
  • Tuition Reimbursement, Personal Development & Learning Opportunities
  • Skills Development & Certifications
  • Employee Referral Program
  • Corporate Sponsored Events & Community Outreach
  • Emergency Back-Up Childcare Program
  • Mobility Stipend
© 2026 Teal Labs, Inc