IT Security Operations Manager

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field preferred.
• CISSP, CISM, or equivalent security certifications.
• Proven experience managing SOC operations and incident response.
• 6-8 years' experience in IT/IT Security.
• 2-3 years' experience in security leadership.
• Strong knowledge of security frameworks (NIST, ISO, MITRE ATTACK).
• Excellent leadership, communication, and stakeholder management skills.
• Ability to work under pressure and manage multiple priorities.
• Skilled in SIEM, Vulnerability Management, SOAR, EDR technologies as well as the vendors that provide them.
• Strategic thinking and decision-making.
• Strong analytical and problem-solving skills.
• Ability to obtain and maintain a criminal record/fingerprint clearance from the Department of Justice and Federal Bureau of Investigation per Easterseals of Southern California and/or program requirements.
• Must pass all drug testing required by ESSC.
• This role requires availability outside of standard business hours, including evenings, weekends, or holidays, to support security incidents, emergency response activities, or critical operational events.
• Off‑hours engagement is expected to be infrequent but mandatory when business risk or system integrity requires immediate leadership involvement.

Responsibilities

• Oversees the Security Operations Center (SOC) and ensure effective monitoring and response to threats.
• Manages incident detection, triage, investigation, and remediation processes.
• Implements and maintains security tools such as SIEM, EDR, IDS/IPS, vulnerability management and threat intelligence platforms.
• Provides limited hands‑on technical support for security tooling as needed, including configuration changes, tuning, and validation during incidents, escalations, or major initiatives.
• Performs targeted configuration and troubleshooting of security platforms (e.g., SIEM, EDR, SOAR, vulnerability management tools) to support operational continuity and team effectiveness.
• Serves as an escalation point for complex technical issues where managerial oversight and practical technical expertise are required.
• Conducts regular security assessments and audits to identify and mitigate risks.
• Develops and maintains security policies, standards, and procedures.
• Leads major incident response efforts and coordinate with internal and external stakeholders.
• Develops and maintain incident response plans and playbooks.
• Conducts post-incident reviews and implement lessons learned.
• Monitors emerging threats and trends to enhance security posture.
• Drives automation and process improvements within security operations.
• Manages vendor relationships and evaluate new security technologies.
• Manages the security operations team including schedules, workloads and performance management.
• Performs other duties as assigned.