Manager, Security Operations

Simpson Strong-Tie, Plano, TX
Onsite

About The Position

As the Security Operations Manager, you will lead the security monitoring and response processes and systems and assist in driving the strategic and technical direction of the Information Security Program at Simpson. This is a hands-on technical management role with responsibilities for daily operational security monitoring and incident response, and for assisting in end-user security awareness training and managing third-party managed services for security operations command controls (SOC). You will report to the VP, Cybersecurity & CISO, and will be a key member of the Simpson Strong-Tie Digital Cybersecurity team.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience) required.
  • 7+ years of cybersecurity experience, including at least 2 years leading a security operations or incident response function.
  • Demonstrated experience coordinating with external security service providers (MDR, MSSP, or IR vendors).
  • Strong working knowledge of detection, response, and automation concepts across cloud and hybrid infrastructures.
  • Experience managing enterprise user awareness and phishing simulation programs.
  • Excellent incident management, communication, and cross-functional leadership skills.

Nice To Haves

  • Familiarity with OT/ICS environments and operational technology response practices.
  • Experience with EDR and MDR-integrated ecosystems.
  • Certifications such as GCIH, GCFA, CIRL, GCTI, GDAT, GMON, CISM, or CISSP preferred.
  • Experience with MITRE ATT&CK, NIST CSF, and NIST 800-61 frameworks.

Responsibilities

  • Incident Lifecycle Management (35%): Serve as the primary incident coordinator for cybersecurity events, ensuring structured response and recovery following NIST 800-61 and company playbooks. Manage the incident lifecycle internally — including communications, stakeholder coordination, forensics oversight, and post-incident review. Lead post-incident “lessons learned” reviews to identify control gaps and process improvements. Partner with key teams to ensure timely remediation and improved detection coverage. Maintain and continuously improve incident response playbooks, ensuring readiness across diverse threat scenarios.
  • MDR Management (35%): Manage the relationship with the external MDR provider, ensuring clear SLAs, escalation paths, and reporting cadence. Validate and monitor MDR performance metrics, such as detection accuracy, false positive rates, and response time. Ensure that MDR visibility of our security telemetry, detection content, alerting, and response adequately protects Simpson. Collaborate with the MDR provider to prioritize and improve MITRE ATT&CK technique coverage and detection engineering. Partner with MDR to coordinate threat hunting, threat intelligence integration, and response automation activities.
  • Cybersecurity Awareness and Training Program (30%): Own the Cybersecurity Awareness and Training Program, including deployment of enterprise training modules, targeted education, and annual awareness campaigns. Design and execute phishing simulation exercises that measure and improve employee security behavior.

Benefits

  • competitive compensation
  • quarterly bonuses or commission
  • medical, dental, vision
  • retirement contributions
  • employee stock purchase and bonus plans
  • pay for holidays, vacation, sick days, funerals and jury duty
  • years of service awards
  • employee discounts
  • employee referral bonuses
  • charitable contribution matching
  • education reimbursement