Senior Manager, Cyber Security Operations

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, or related field
• 8+ years of progressive cybersecurity experience, with strong focus on security operations and engineering or equivalent experience
• Proven hands-on experience with the Microsoft security stack: Defender for Endpoint, Defender for Identity, Defender for Office 365, and Microsoft Sentinel
• Demonstrated experience with identity and access management: Microsoft Entra ID, MFA, Conditional Access, and Privileged Identity Management (PIM)
• Cloud security experience in Azure (required) and AWS (a plus); ability to monitor and respond to threats across hybrid cloud environments
• Experience leading or building security operations programs including SIEM, vulnerability management, and security automation in an enterprise environment
• Familiarity with compliance frameworks including NIST CSF, ISO 27001, SOC 2, and HIPAA
• Prior experience in a player-coach capacity — comfortable both leading a team and rolling up sleeves on technical execution
• Strong communication skills with the ability to translate technical risk into business impact for executive and non-technical audiences
• Relevant certifications preferred (CISSP, CISM, CRISC, CCSP, GCIH, etc.)

Responsibilities

• Lead and actively participate in security incident detection, investigation, and response across endpoint, identity, cloud, and SaaS environments including hands-on alert triage, log analysis, and threat intelligence review
• Lead incident response coordination with Legal, HR, Compliance, and Communications; own post-incident reviews and drive continuous improvement of response processes
• Establish and track key operational metrics (MTTD, MTTR, incident trends) and continuously tune detection rules, playbooks, and SOAR automation to reduce noise and improve signal fidelity
• Own and mature the Microsoft security ecosystem - Defender XDR, Microsoft Sentinel (SIEM/SOAR), and Purview - driving integration, automation, and unified detection and response across the environment
• Design and optimize security controls across endpoint (EDR/XDR), identity (Entra ID, MFA, Conditional Access), Azure, AWS, and SaaS applications; lead vulnerability management operations including scanning, prioritization, and remediation tracking
• Consume and operationalize threat intelligence, integrating indicators into Sentinel detection rules; develop SOAR playbooks via Logic Apps to reduce manual effort and accelerate response
• Initially operate as a hands-on individual contributor while building and mentoring a team of 2 security engineers over the next 3–4 months; provide technical guidance and escalation support on complex issues
• Ensure effective prioritization and coverage across security operations, fostering a culture of operational discipline, continuous learning, and security awareness
• Execute against the cybersecurity roadmap in alignment with business objectives; identify control gaps and implement scalable, practical improvements aligned with the organization's risk tolerance
• Partner with Legal, Compliance, and IT to support audits, risk assessments, and regulatory requirements including NIST CSF 2.0, ISO 27001, SOC 2, and HIPAA; contribute to security policy development and enforcement
• Support third-party risk management, vendor security evaluations, and security platform consolidation efforts to reduce complexity and operational cost

Benefits

• Ardelyx also offers a robust benefits package to employees, including a 401(k) plan with generous employer match, 12 weeks of paid parental leave, up to 12 weeks of living organ and bone marrow leave, equity incentive plans, health plans (medical, prescription drug, dental, and vision), life insurance and disability, flexible time off, annual Winter Holiday shut down, and at least 11 paid holidays.