Senior Manager, Security Operations Center

Bloom Energy•San Jose, CA

3d•Onsite

About The Position

At Bloom Energy, our vision for a world powered by clean, reliable, and affordable energy is more than just a dream—we’re making it reality. For over two decades, we’ve been at the forefront of the global energy transition, pioneering solutions that empower critical industries to thrive in a rapidly digitizing, energy-intensive world. From revolutionizing power for AI-driven data centers to ensuring resilience for hospitals, electric grids, manufacturing facilities, and utilities, our solid oxide fuel cell (SOFC) and solid oxide electrolyzer (SOEC) technologies are redefining what’s possible by delivering energy abundance for all. With more than 30,000 fuel cell modules deployed worldwide, we are the trusted partner for Fortune 100 companies and innovators alike. Our cutting-edge solutions enable unparalleled “time-to-power” capabilities, reliability, and sustainability, ensuring our customers remain ahead in a world where soaring energy demand and intensifying energy scarcity are rapidly becoming the new norm. At Bloom, we thrive on collaboration, bold thinking, and relentless innovation. We believe that, together, we can create a brighter, more sustainable future while tackling the most pressing challenges of the 21st century. We are looking for a Senior Manager, Security Operations Center to join our team in one of today’s most exciting technologies. This role will report to our Chief Security Officer and based in San Jose, CA. This is a fully on-site, in office role 5 days a week. Bloom Energy is seeking an experienced Senior Manager, Security Operations Center (SOC) to lead Bloom Energy's cybersecurity defense program. In this role, you will oversee 24/7 SOC operations, lead a team of analysts performing detection, triage, escalation, monitoring and ensure effective coordination of incident response activities. The SOC Senior Manager develops incident response playbooks, implements monitoring and reporting procedures, and provides regular situational awareness updates to senior management to strengthen Bloom Energy's cyber defense posture.

Requirements

Bachelor's degree cybersecurity, information systems, or a related technical field and/or 12-15 years of experience in cybersecurity domain including security operations, analysis, and/or incident response.
5+ years managing Security Operations team.
Experience with SOC tools such as SIEM, SOAR, IDS/IPS, EDR, NDR, Threat Intelligence and Incident Response.
Proven ability to coordinate cross-functional teams during incident response and recovery.
Experience managing a 24/7 SOC.
Familiarity with tools such as Splunk, Recoded Future, Elastic, Tenable, and SOAR platforms.
Knowledge of MITRE ATT&CK, and NIST 800-61 (Computer Security Incident Handling Guide).
Experience implementing SOC metrics, KPIs, and automation strategies.
Leadership, communication, and presentation skills, with the ability to brief senior leadership team.

Nice To Haves

GCFA
GCIA
GICSP
Splunk or other SIEM certifications

Responsibilities

Lead all Cybersecurity Defense program.
Oversee 24/7/365 SOC operations, lead a team of cybersecurity analysts performing detection, triage, escalation, monitoring and ensure effective coordination of all incident response activities.
Own all the administration, fine tuning, and optimization of all the SOC tools engineering efforts including timely and accurate analysis of alerts - SIEM, SOAR, EUBA, Threat Intelligence, Data pipelines, Security Data Lake, and NDR.
Lead transformation of existing SOC to AI-powered SOC.
Develop detailed incident response playbooks, implements 24x7x365 monitoring and reporting procedures, and provides regular situational awareness updates to senior management to strengthen Bloom Energy's cyber defense posture.
Manage day-to-day SOC operations, staffing all shifts, ensuring continuous monitoring of Bloom energy networks and systems for security events and anomalies.
Lead SOC analysts performing event detection, triage, escalation, and coordination with incident response teams.
Develop, implement, and maintain SOC standard operating procedures (SOPs), playbooks, and escalation protocols.
Ensure timely and accurate analysis of alerts from SIEM, EDR, and network monitoring tools such as NDR.
Coordinate with cybersecurity, IT operations, NOC, GRC, and Risk Management teams to ensure an integrated defense posture and rapid response to incidents.
Oversee SOC training programs, ensuring analyst proficiency in threat detection, correlation, and response processes.
Oversee proper hand-off process between different shifts.
Rigorously conduct root-cause and trend analysis on incidents to identify systemic vulnerabilities and areas for improvement.
Prepare and regularly report SOC related metrics, KPI, KRI.
Prepare daily, weekly, monthly, and quarterly operational reports and briefings for senior management.
Advise leadership on emerging threats, attack trends, and SOC performance metrics.
Drive continuous improvement of monitoring coverage, use cases, and automation within SOC tools and workflows.

Benefits

competitive Medical, Dental, and Vision plans with a large employer contribution
a 401(k) Retirement Plan with company match
generous Mental Health Support services
Legal services
virtual Physical Therapy access
Fertility & Family Forming benefits

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume