Manager, IT - SOC

Ivalua•Pittsburgh, PA

18h•Hybrid

About The Position

Our IT department, international in scope (EMEA, AMER, APAC) and in full growth, is made up of over sixty IT & Cybersecurity professionals in charge of the deployment and operations of the Ivalua Cloud, which hosts the environments for our clients around the world. It is also responsible for internal IT infrastructures, IT applications and data, IT support for our users as well as the Security monitoring & IT security handling. In this context of growth, we are looking for a skilled SOC Manager based in Pittsburgh to expand our team capability and embrace the era of AI. The Manager, IT SOC is responsible for leading and developing a global Security Operations Center team, ensuring 24/7 security monitoring, effective incident response, and proactive vulnerability management across the organization. This role provides technical leadership, operational governance, and strategic direction to protect the company’s infrastructure, cloud environments, applications, and data from cyber threats. You will report to the Global IT Director and will manage a distributed team of SOC analysts based in the United States, France, and India, ensuring consistent processes, tooling, and service levels across regions.

Requirements

SIEM platforms (Splunk, Microsoft Sentinel, QRadar, Elastic, etc.)
EDR/XDR solutions (Microsoft Defender, CrowdStrike, SentinelOne, etc.)
Cloud security (Azure, AWS, GCP security monitoring and logging)
Vulnerability management tools (Qualys, Tenable, Rapid7, etc.).
Knowledge of NIST, MITRE ATT&CK, ISO 27001, SOC2, CIS benchmarks, and ITIL/IT operations processes
Excellent understanding of networking, operating systems, and application security fundamentals
Bachelor’s degree in relevant field preferred with a minimum of 7 years of relevant professional experience, OR Master’s degree in relevant field with a minimum of 5 years relevant professional experience, OR Equivalent combination of education and experience
Relevant certifications such as GIAC, OSCP, HTB are preferred. 7–12+ years in cybersecurity, with 3–5+ years in SOC or security operations leadership.
Proven experience managing distributed/global security teams.
Strong background in incident response, security monitoring, and vulnerability management.
U.S. Citizen / Permanent Resident. No sponsorship required
Strong leadership and people management skills
Structured, process-driven, and comfortable with crisis management, problem solving aptitude
Team player, good communication skills and confortable working in multicultural, global teams and across time zones.
Strong reporting & good documentation writing skill.

Nice To Haves

Knowledge of cloud concepts and platforms, especially Azure.
Experience in an international company & team.
Experience in monitoring regulated environments (Fedramp, IRAP)

Responsibilities

Lead and manage the global SOC team (6 analysts across multiple time zones, relying also on our 24/7 global IT Service center in India).
Ensure continuous monitoring of security events using SIEM, EDR/XDR, NDR, and cloud security tools.
Define, maintain, and optimize SOC processes, playbooks, and runbooks.
Ensure detection use cases are continuously improved to reduce false positives and increase detection coverage.
Manage SOC KPIs and SLAs (MTTD, MTTR, alert volume, incident closure rates).
Oversee security incident handling from triage to containment, eradication, and recovery.
Act as escalation point for major security incidents and coordinate with IT, Infosec, Business, Legal, and Communications teams.
Lead post-incident reviews (lessons learned, root cause analysis) and implement remediation plans.
Coordinate with external partners (MDR providers, forensics firms, law enforcement if required).
Collaborate closely with Infosec on the vulnerability management lifecycle: scanning, prioritization, remediation tracking, and reporting.
Work with infrastructure, cloud, and application teams to ensure timely patching and risk mitigation.
Define vulnerability SLAs based on risk and business criticality.
Help Infosec to provide risk-based reporting to technology and business stakeholders.
Contribute to security policies, standards, and operating procedures.
Support audits, regulatory requirements, and frameworks (e.g., ISO 27001, NIST, SOC2, PCI DSS, GDPR, HIPAA, FEDRAMP, IRAP).
Maintain documentation and evidence for security operations controls.
Own SOC tooling strategy (SIEM, SOAR,, vulnerability scanners, cloud security tools, etc.) and contribute to the other IT security solutions (EDR/XDR, Network & Cloud Security, Identity protection, etc.). Evaluate and implement new security technologies and integrations.
Drive automation and orchestration to improve SOC efficiency and reduce manual workload.
Contribute actively to the security logging quality (new technologies, review existing log sources and help to get them optimized and cleaned-up).
Manage and mentor SOC analysts across regions and time zones.
Define shift models, on-call rotations, and coverage strategy.
Conduct performance reviews, training plans, and career development.
Foster collaboration between US, France, and India teams to ensure consistent operations and engage actively with the overall IT & Infosec community
Produce executive-level security operations reports and dashboards.
Communicate risks, incidents, and trends to senior leadership (CISO, IT leadership, risk committees).
Provide guidance to engineering and business teams on security best practices.

Benefits

Hybrid working model (3 days in the office per week)
Snacks and weekly lunches in the office
Regular social events, competitive outings, team running events, and musical activities
medical, dental, vision, retirement (with company match)

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume