Manager, Security Operations

Nasuni · Boston, MA · Hybrid

About The Position

Nasuni is seeking a deeply technical and operationally rigorous Manager, Security Operations to lead and evolve our enterprise cybersecurity operations program. Reporting to the Chief Information Security Officer, this role owns internal security operations across detection, response, identity security, vulnerability management, and operational defense across cloud, endpoint, and hybrid environments.

You will lead a global security operations function responsible for incident response, SIEM/SOAR engineering, identity governance, endpoint and email security, and proactive threat detection. This is a hands-on, player-coach leadership role, managing a small but growing team across regions, including the US, UK and India. This role requires someone who can personally lead high-severity incidents end-to-end, while also building and improving the systems, processes, and team around them.

This role includes participation in an on-call rotation and requires availability during high-severity incidents, including evenings or weekends as needed. You will act as a key escalation point in partnership with a 24x7 monitoring vendor.

This role leads enterprise-wide security operations and incident response across corporate systems and cloud infrastructure (primarily AWS). The Manager defines operational security standards, drives detection quality improvements, leads automation initiatives, and serves as the primary escalation authority for high-severity incidents.

This is a player-coach role with:

  • Direct people leadership (small, distributed team)
  • Hands-on technical ownership (incident response, detection, tooling)
  • Responsibility for centralizing and improving visibility across multiple security tools and signals

Success in this role is defined by:

  • Measurable reduction in risk exposure
  • Improved response times (MTTD / MTTR)
  • Strong cross-functional coordination across regions (US, UK, India)
  • Resilient, scalable security operations execution

Requirements

  • 6–9+ years of experience in enterprise security operations
  • 2–4+ years leading security operations teams or programs
  • Proven experience personally leading incident response end-to-end (not limited to alerting or support roles)
  • Hands-on expertise with:
  • SIEM engineering, detection tuning, and alert optimization
  • SOAR playbook development and automation
  • EDR platforms (e.g., SentinelOne) and endpoint detection/response
  • Enterprise email security controls and phishing defense
  • Identity security (Entra ID / Microsoft 365)
  • Strong experience securing cloud environments (AWS required; Azure/GCP exposure a plus)
  • Experience operating within an on-call rotation and escalation model
  • Experience working with MDR or managed security partners
  • Strong communication and decision-making skills during high-severity incidents
  • Experience using scripting, automation, or query languages (e.g., Python, KQL) to improve workflows

Nice To Haves

  • Experience centralizing or integrating multiple security tools into a unified operational view
  • Experience with vulnerability management platforms (e.g., Wiz, Rapid7)
  • Familiarity with GRC programs (SOC 2, ISO 27001) and audit support
  • Experience operating across globally distributed teams and time zones
  • CISSP or equivalent practical experience
  • Experience building or maturing a security operations function in a cloud-first environment
  • Demonstrated success improving detection quality, reducing alert fatigue, and improving MTTR
  • Experience supporting M&A integration or scaling security programs
  • Strong ability to balance hands-on technical depth with team leadership in a player-coach model
  • Experience defending against AI-enabled phishing and social engineering attacks
  • Experience leveraging automation or AI-assisted tooling to improve detection and response workflows
  • Ability to assess emerging risks in identity, email, and OAuth ecosystems driven by AI-enabled threats
  • AI fluency enhances effectiveness but does not replace foundational SecOps depth.

Responsibilities

Security Operations Leadership

  • Lead, mentor, and develop a high-performing, globally distributed security operations team
  • Define operational standards, secure configuration baselines, and detection strategies
  • Own the global cybersecurity on-call model, escalation procedures, and vendor interaction model
  • Drive a culture of operational accountability, automation, and detection excellence
  • Partner with GRC stakeholders to support audit and compliance requirements (SOC 2, ISO, etc.)

Enterprise Security Operations

  • Own enterprise cybersecurity operations across endpoint, identity, email, network, and cloud platforms (AWS primarily)
  • Lead EDR operations including threat detection, investigation, containment, and response (e.g., SentinelOne)
  • Own and evolve SIEM strategy, detection engineering, and integration roadmap
  • Design and maintain SOAR automation and response playbooks
  • Define and enforce identity governance, conditional access, and privileged access controls (Entra ID / M365)
  • Evaluate and optimize security tooling, integrations, and telemetry quality

Incident Response & Threat Management

  • Lead and own incident response from triage through resolution as escalation authority
  • Continuously improve incident response plans, playbooks, and runbooks
  • Coordinate with MDR partners and internal stakeholders during active incidents
  • Conduct post-incident reviews and drive systemic remediation
  • Improve detection quality, reduce alert fatigue, and optimize response metrics
  • Defend against modern threats including phishing, BEC, malicious attachments, OAuth abuse, and AI-generated attack techniques

Vulnerability & Exposure Management

  • Own the end-to-end vulnerability lifecycle across cloud, endpoint, and infrastructure assets
  • Drive visibility and prioritization across multiple tools (e.g., Wiz, Rapid7, endpoint telemetry)
  • Lead efforts to centralize vulnerability insights across platforms and improve risk-based prioritization
  • Uphold remediation SLAs and drive cross-functional accountability
  • Lead patch validation and automation initiatives

Metrics, Reporting & Automation

  • Define and report cybersecurity KPIs and executive dashboards
  • Implement automation to improve investigation speed, response consistency, and reporting quality
  • Maintain operational documentation, SOPs, and architecture baselines
  • Leverage automation and AI-assisted tooling to improve detection quality and operational efficiency

Benefits

  • Best in class employee onboarding and training
  • Comprehensive health, dental and vision plans
  • Life and disability insurance
  • Retirement plan
  • Generous employee referral bonuses
  • Flexible remote work policy
  • Collaborative workspaces