Manager, Security Operations

About The Position

Requirements

• Proven experience in Security Operations or Incident Response leadership roles.
• Strong understanding of security controls, monitoring, and incident management in regulated environments.
• Demonstrated experience supporting government or highly regulated customers.
• Excellent stakeholder management and written communication skills, particularly for audit and customer‑facing contexts.
• Ability to translate technical security issues into clear risk‑based explanations for non‑technical audiences.

Nice To Haves

• Experience supporting audits or frameworks such as ISO 27001, SOC 2, FedRAMP‑aligned environments, or similar.
• Familiarity with SOC tooling (SIEM, EDR, SOAR) and access governance processes.
• Prior experience working with Legal, Privacy, or Compliance teams during security incidents.

Responsibilities

• Act as the primary Security Operations contact for government and regulated customers, supporting security assurance discussions, audits, and contractual obligations.
• Own the operational security relationship with public sector clients, including response to security questionnaires, evidence requests, and assurance reviews.
• Ensure SOC services align with government security expectations, contractual SLAs, and regulatory requirements (e.g. FedRAMP‑adjacent controls, ISO, SOC, regional equivalents where applicable).
• Provide operational leadership across SOC functions supporting government and regulated environments, including: Monitoring and detection Incident response coordination Access governance and periodic reviews Vulnerability and risk tracking
• Ensure consistent, auditable execution of SOC processes aligned to approved runbooks and playbooks.
• Oversee escalation handling for security events impacting regulated customers, ensuring timely, accurate, and compliant communications.
• Lead or coordinate incident response activities involving government or regulated customers, including: Triage and containment oversight Executive and customer communications Post‑incident reporting and lessons learned
• Partner with Legal, GRC, and Communications teams to support regulatory notifications and customer disclosures where required.
• Own delivery of security reporting and evidence for government clients, including: Access reviews Incident summaries Control effectiveness metrics
• Ensure SOC data used for external reporting is accurate, validated, and defensible.
• Support internal and external audits relevant to government and regulated customers.
• Act as a trusted advisor to: Government customer stakeholders Internal Product and Engineering teams GRC, Legal, and Privacy partners
• Translate complex SOC operations into clear, non‑technical risk and assurance narratives for customers and leadership.
• Identify systemic risks or control gaps affecting regulated environments and drive remediation through SOC and engineering teams.
• Contribute to the evolution of SOC processes, tooling, and reporting to better support government and regulated use cases.
• Mentor SOC team members on regulatory awareness, evidence quality, and customer‑facing security operations.