About The Position

Now Hiring, Apply Today! SOC Manager (IT Cyber Security Manager 2)

Enterprise Information Services (EIS) is a state government-wide information technology (IT) organization led by Oregon’s State Chief Information Officer (CIO). The Cyber Security Services (“CSS”) is an information security management section within EIS. CSS’s mission: Leading Oregon Government to safeguard the State’s information resources. CSS is comprised of the following units: Governance Risk and Compliance, Enterprise Security Architecture, Network Security, and Security Operations Center (SOC).

What You’ll Do

As the SOC Manager, you will be at the center of Oregon’s cyber defense, the heartbeat of the enterprise, leading the day-to-day operations of the State of Oregon’s Security Operations Center and ensuring continuous monitoring, detection, analysis, and response to threats that impact enterprise (State of Oregon) systems and critical public services. You will guide and grow an extremely talented team of SOC analysts, maintain 24x7 readiness, and make sure the tools, workflows, playbooks, and escalation paths are not just documented, but tested and battle-ready.

You will turn strategy into action, translate the SOC Director’s vision and enterprise direction into operational excellence, and lead the charge during high-impact incidents where clear thinking, calm leadership, and teamwork matter most. Working side-by-side with Network, Endpoint, Cloud, Vulnerability, and agency partners across the state, you will help coordinate response, protect Oregonians’ data, and continuously strengthen our security posture.

This is a role for a leader who thrives in fast-moving environments, loves developing people, and wants to make a real, visible impact—every day—on the security and resilience of the State of Oregon. For a full review of the position duties, details, and working conditions, please click here.

Requirements

  • Six years of supervision, management, or progressively related experience; OR Three years of related experience and a bachelor's degree in a related field.
  • Related qualifying information systems experience in: Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps; attack surface reduction (ASR); device timeline; evidence and response actions; live response sessions; and EDR forensics.
  • Qualifying bachelor's degree in Information Technology, Computer Science, or closely related field.

Nice To Haves

  • A strong foundation in cybersecurity operations, with the ability to understand, oversee, and guide threat detection, incident response, vulnerability management, and security monitoring across on-premises, cloud, and hybrid environments.
  • Operational fluency with modern SOC technologies and workflows, including SIEM, EDR/XDR, log management, alerting, case management, and investigation platforms, with the ability to ask the right questions, challenge assumptions, and make informed decisions when not hands-on in the tools.
  • The mindset of a cyber operations leader, able to direct investigations, validate analyst conclusions, prioritize response actions, and ensure incidents are managed effectively from triage through recovery.
  • A deep understanding of how enterprise identity, endpoints, networks, cloud services, and security controls interconnect, and how attackers move across them, utilizing the MITRE ATT&CK methods.
  • Proven ability to build, mentor, and sustain high-performing SOC teams, fostering trust, accountability, resilience, and calm leadership in high-pressure, 24x7 environments.
  • The judgment to balance risk, impact, and operational tempo, ensuring the right resources are focused on the most critical threats and that staff are supported and not burned out.
  • The ability to evaluate and improve SOC processes, playbooks, tooling, and staffing models, turning gaps and lessons learned into practical operational improvements.
  • Strong communication and leadership presence, with the ability to translate technical realities into clear guidance for executives, agency partners, and incident commanders.
  • Experience coordinating complex incident response efforts across multiple teams, agencies, and external partners, bringing clarity, structure, and confidence during major events.
  • Extensive experience (typically 7+ years in cybersecurity, including leadership or senior operational roles within a SOC, IR, or security operations environment).
  • Familiarity with security frameworks and best practices (NIST CSF, incident response lifecycle, MITRE ATT&CK) and how to apply them at an operational and programmatic level.
  • Preference will be given to candidates with one or more of the following certifications: CISSP (Certified Information Systems Security Professional), SC-200: Microsoft Security Operations Analyst, SC-100: Cybersecurity Architect, AZ-500: Azure Security Engineer, CompTIA CySA+ or Security+, GIAC (GCIA, GCIH, GMON) for advanced threat hunting.

Benefits

  • Comprehensive Health Coverage: Low-cost medical, vision, and dental plans for you and your family. Additional benefits include life insurance, short- and long-term disability, deferred compensation savings plans, and flexible spending accounts for health and childcare. Optional benefits include life insurance, disability, FSA, and more.
  • Generous Paid Time Off: 11 holidays, 3 personal business days, monthly sick leave and vacation leave that increases with years of service.
  • Career Development: Opportunities for professional growth and advancement.
  • Get There - Oregon’s easy-to-use carpool matching tool and trip planner.
  • Public Service Loan Forgiveness: You may qualify for the PSLF program.
  • Hybrid Work Opportunity: This position supports a hybrid work schedule. You can expect to work in the office 1 day per week, with work arrangements periodically reviewed to ensure business needs are met.