Manager, Intelligence and Operations

Herndon, VA (Hybrid)

About The Position

This individual will serve as the Manager of the Security Intelligence and Operations team within the Exostar Security Office (ESO) and report to the CISO & VP of Information Security. This person leads Exostar’s centralized security operations and security platform capabilities supporting highly regulated cloud services for Aerospace & Defense and Life Sciences customers. This role is accountable for the operational effectiveness, maturity, and strategic evolution of Exostar’s security monitoring, incident response, vulnerability management, and cloud security capabilities, with a strong emphasis on Azure and Microsoft 365–based FedRAMP and managed service offerings. This position partners closely with security governance, compliance, and architecture. The role supports audits and regulatory activities by ensuring security operations, evidence, and response capabilities function as designed, while primary ownership for control design and compliance strategy resides with a dedicated team. This position combines technical security leadership with people, vendor, and program management, ensuring security operations scale effectively, remain compliant with regulatory obligations, and align with business growth. While technical depth is required, success in this role depends on the ability to set direction, prioritize work, mature processes, and lead through others. The team consists of one direct-report security engineer and a rotating group of contractors providing 24/7 monitoring, engineering support, and continuous monitoring activities.

Requirements

  • 10+ years of progressive experience in information security or IT security roles.
  • 3+ years in a technical security leadership or management role, with responsibility for setting direction and leading teams.
  • Strong background in security operations, incident response, threat detection, and monitoring.
  • Demonstrated experience securing Azure and Microsoft 365 environments in regulated or enterprise contexts.
  • Working knowledge of SIEM platforms (e.g., Sentinel, Splunk), EDR/NGAV, email security, and vulnerability management tools.
  • Experience aligning technical security controls to regulatory frameworks (FedRAMP, NIST, CMMC).
  • Excellent communication, prioritization, and cross-functional coordination skills.
  • Must gain and maintain Trusted Role.
  • U.S. citizenship required due to contract obligations.

Nice To Haves

  • Experience leading and scaling 24/7 security operations with a mix of internal staff and third-party providers.
  • Familiarity with cloud service delivery models and managed security operations.
  • Experience supporting audits through operational readiness, documentation, and response coordination.
  • Ability to evaluate security tooling and make risk-based recommendations without requiring deep hands-on implementation.
  • Prior experience in highly regulated industries or SaaS environments serving government or critical-infrastructure customers.
  • CISSP or comparable senior-level security certification.

Responsibilities

Security Operations Leadership

  • Own the day-to-day and strategic operation of security monitoring, incident response, and threat detection across cloud and on-prem environments.
  • Serve as the technical escalation and decision authority for security incidents, advising executive stakeholders and acting as a core member of the Crisis Response Team.
  • Lead and mature incident response, digital forensics, and threat intelligence capabilities across Azure, Microsoft 365, and supporting infrastructure.
  • Ensure 24/7 security operations coverage through effective contractor oversight, clear runbooks, and defined escalation paths.

Cloud & Microsoft Security Focus

  • Provide operational leadership and direction for security controls and monitoring related to Azure, Microsoft Entra ID, Defender, Sentinel, Secure Score, and Microsoft 365.
  • Partner with engineering and product teams to embed security in DevSecOps.
  • Advise on secure cloud architecture decisions and ensure security tooling aligns with multi-tenant and regulated service models.

Vulnerability, Risk & Operational Assurance

  • Direct the Vulnerability Management program, covering infrastructure, applications, and cloud configurations.
  • Lead threat hunting and operational risk assessments, identifying gaps in detection, response, and visibility.
  • Support audits and compliance activities by providing operational evidence, incident records, and control validation.
  • Provide input and recommendations to governance and architecture teams based on operational findings and observed risk trends.

Security Technology & Program Management

  • Own the security tooling ecosystem, including SIEM, EDR, IDS, email security, DLP, and application control technologies.
  • Develop and maintain security technology roadmaps, evaluating new tools and capabilities based on risk reduction, scalability, and cost/benefit.
  • Drive standardization, documentation, and operational maturity through SOPs, playbooks, and metrics.

People, Vendor & Stakeholder Management

  • Coach and mentor the security engineer and contractors, setting clear expectations, priorities, and performance standards.
  • Balance contractor-driven execution with internal ownership, ensuring knowledge retention and accountability.
  • Partner closely with IT, Cloud Engineering, Product, Compliance, and Executive Leadership to integrate security into business initiatives.
  • Communicate complex security topics clearly to both technical and non-technical stakeholders.
  • Drive strategic and operational direction to the team, and maintain responsibility for ensuring the maintenance, operations, and support of complex security products.
  • Provide leadership and technical expertise in Threat Intelligence, Incident Response, and Forensics activities in cloud (Azure/M365) and on-premise environments.
  • Ability to advise on technical solutions in alignment with compliance requirements, including FedRAMP, NIST 800-171, CMMC, UK Cyber Essentials, and ISO 27001.
  • Manage and refine the security monitoring tools suite including SIEM, Endpoint protections, IDS, Detection and Response (EDR), Email Gateway, Application Whitelisting, and DLP.
  • Knowledge of Azure cloud and security technologies including Entra ID, Defender for Cloud, and Secure Score.
  • Lead and conduct Risk assessments and routine threat hunts of the environment and develop solutions to address issues identified.
  • Direct and evolve the Vulnerability Management program with experience in infrastructure, application (DAST), and code scanning (SAST/SCA/IaC) technologies.
  • Provide advice and recommendations for system and device hardening, with familiarity with common baseline compliance frameworks (e.g., CIS Benchmarks).
  • Develop security technology roadmaps, evaluate new products for varying system architectures, and provide cost/benefit analysis in alignment with business objectives.
  • Manage the physical security and access management of the facilities.
  • Manage incidents, advise executive stakeholders, and serve as the technical focal point for the Crisis Response Team in response to cyber incidents.
  • Coach, manage, and mentor the team members with a strong focus on refining standard operating procedures and documentation.
  • Coordinate and partner closely with various parts of the business and their management to ensure security integration.

Benefits

  • We believe in employee development: we promote internally and provide training and educational assistance
  • We provide a fun, engaged workplace, with social and community-building events
  • We offer comprehensive benefits and flexible time off plans