teya - Security Operations Manager
Requirements
• 6–8 years’ experience in Security Operations, SOC, or Incident Response roles
• Hands-on expertise operating SIEM and EDR tools in production environments
• Proven experience leading technical incident response under pressure
• Strong understanding of cloud and hybrid environments (AWS preferred)
• Experience driving vulnerability remediation across engineering teams
• Ability to work effectively with MDR / external security providers
• Strong analytical skills and clear, calm communication during incidents
• Fintech, payments, or regulated environment experience
• Detection engineering, threat hunting, SOAR, or AI SOC experience
• Security certifications (e.g. CISSP, CISM, GIAC)
Ways of working
• Extreme ownership: You take end-to-end responsibility for outcomes, not just findings or tooling output
• Pragmatic and delivery-aware: You balance risk reduction with product velocity, focusing on changes that materially reduce risk
• Low-ego and collaborative: You build trust with engineers, product, and operations teams, influencing through credibility and partnership
• Impact-driven: You measure success through outcomes—risk reduction, adoption, and time-to-remediate—not activity
• Data-informed: You use metrics and trends to guide priorities and demonstrate impact
• High bar for craft: You produce clear documentation, reusable patterns, and automation that scale across teams
• AI-first mindset: You actively look for opportunities to use automation and AI to improve security outcomes
Responsibilities
• Lead technical incident response for phishing, malware, ransomware, data exposure, and account compromise.
• Act as the primary escalation point during high-severity incidents, coordinating investigation, containment, and recovery.
• Participate in and help run the security on-call rotation, including out-of-hours response.
• Own and evolve SIEM operations: log onboarding, detection tuning, alert triage, and coverage.
• Build high-signal detections and proactive threat hunting, turning threat intel into actionable alerts.
• Use automation, SOAR, and AI-assisted workflows to reduce manual toil and improve MTTD/MTTR.
• Own endpoint security operations (EDR, DLP), partnering with IT and engineering to harden controls.
• Run the full vulnerability management lifecycle, driving remediation with clear ownership and accountability.
• Manage operational relationships with MDR / SOC providers, ensuring effective triage and escalation.
• Use metrics and reporting to drive operational improvement and demonstrate impact.
Benefits
• Continuous learning opportunities
• Supportive community proud to serve the mission
• Comprehensive benefits package