Security Operations Manager (Hybrid in Houston, TX)

About The Position

Requirements

• Bachelor's degree in computer science, Information Security, or related field.
• 7+ years of experience in cybersecurity, with 3+ years in a management or leadership role.
• Proven expertise in SOC operations, incident response, vulnerability management, cloud, and security.
• Strong understanding of application and product security, including secure coding and DevSecOps.
• Experience managing or coordinating with MSSP/MDR providers and external security partners.
• Familiarity with compliance frameworks such as SOC 2, ISO 27001, NIST, and GDPR.
• Excellent leadership, communication, and cross-functional collaboration skills.
• Excellent collaboration and communication skills across technical and executive audiences.
• Employment eligibility to work with Quorum Software in the United States is required as the company will not pursue visa sponsorship for this position. The successful candidate will be required to ensure they maintain and renew any visas or permits that grant employment eligibility where applicable.

Nice To Haves

• Relevant certifications such as CISSP or CISM
• Experience with security tools such as Sentinel One, Microsoft E5, Tenable, Veracode.
• Background in SaaS or software product security environments.

Responsibilities

• Lead and mentor the Corp/Ops Sec and Product/Assurance Sec teams, setting priorities, goals, and KPIs aligned with Quorum's security strategy.
• Provide hands-on guidance across SOC operations, incident response, vulnerability management, and application security.
• Foster collaboration across Security, IT, CloudOps, Product, and Engineering teams to ensure alignment of operational and product security practices.
• Promote a culture of accountability, innovation, and continuous improvement in security operations and assurance.
• Oversee SOC 24/7 operations and coordination with the MSSP to ensure effective detection, triage, and incident response.
• Drive incident response planning and execution, ensuring incidents are investigated, documented, and remediated effectively.
• Manage metrics reporting, security awareness & training, and threat intelligence integration into operational processes.
• Oversee access management and PAM, ensuring least privilege and secure identity practices across the enterprise.
• Support email and web security, endpoint protection, and attack surface management to reduce organizational exposure.
• Lead vulnerability management programs for Quorum's products, ensuring timely identification and remediation of security findings.
• Oversee application security activities, including SAST, DAST, and SCA scanning, secure code practices, and bug bounty programs.
• Coordinate penetration testing, red team exercises, and follow-up remediation.
• Manage cloud security posture management (CSPM) and collaborate with engineering teams on secure deployment of AWS and Azure environments.
• Establish and maintain product security metrics, reporting, and continuous improvement plans.
• Work with engineering to integrate security into CI/CD pipelines and software delivery.
• Collaborate with the GRC team on audit readiness, control design, and evidence collection for SOC 2, ISO 27001, and NIST CSF compliance.
• Partner with Security Architecture on design reviews, threat modeling, and risk assessment for new solutions.
• Work closely with Product Security Specialists across business units to integrate security controls and best practices throughout the product lifecycle.
• Engage with key partners and vendors, ensuring tool alignment, performance, and coverage.
• Develop and maintain operational playbooks for detection, response, and assurance activities.
• Measure and report key risk and performance indicators for leadership visibility.
• Identify automation, AI, and integration opportunities to improve efficiency and detection accuracy.
• Lead post-incident reviews and implement lessons learned into improved controls and processes.
• Stay informed on evolving threats, security technologies, and industry best practices relevant to SaaS, cloud, and product security.