Senior Manager leading global IT security operations to protect company data and assets at Keenova. Overseeing incident response, monitoring, and cybersecurity capabilities with strategic oversight.
Responsibilities
Responsible for the global IT security operations of the Company, which includes management and oversight of a significant third-party provider.
Ensures 24/7 coverage for incident response, detection, and recovery, and is accountable for ensuring and following escalation paths and providing incident communications to appropriate Senior Leaders within the Company.
Serves as a strategic advisor to influence outcomes and build top-performing programs, collaborating with internal stakeholders and working with advanced technologies.
Oversee day-to-day security operations execution, including incident detection, investigation, response, and recovery, with clear escalation paths and incident communications.
Define and maintain the security operations operating model (coverage, on-call rotations, severity taxonomy, runbooks/playbooks, and stakeholder communications) to ensure repeatable execution.
Own and regularly exercise incident response playbooks (e.g., ransomware, business email compromise, insider threat, cloud compromise), including tabletop exercises and after-action reviews.
Lead security monitoring and detection engineering (log onboarding, alert tuning, false-positive reduction, and coverage mapping such as MITRE ATT&CK).
Implement and govern risk-based vulnerability and exposure management (prioritization, remediation SLAs, exception/risk acceptance, and reporting to technology owners and leadership).
Lead engineering and operational support of IT security solutions, tools, and systems (e.g., SIEM, EDR, email security, IAM-related monitoring, network security monitoring, DLP, vulnerability scanning).
Manage performance and outcomes for security operations vendors and service providers (MDR/MSSP), including SLAs, runbooks, escalations, and continuous service improvement.
Develop and report security operations metrics and dashboards (e.g., MTTD/MTTR, alert fidelity, vulnerability SLA performance) and present trends, risks, and improvement plans to stakeholders.
Drive security operations automation and workflow integration (ticketing, enrichment, containment actions where appropriate) to improve consistency, scalability, and response speed.
Perform and/or oversee security testing of applications, networks, and infrastructure (vulnerability assessments, penetration testing coordination, and validation of remediation).
Support development and operation of data loss prevention (DLP) strategies and tooling; partner with Legal/Privacy on data handling requirements.
Contribute to and coordinate audit and regulatory support efforts with internal and external auditors; create and manage responses to security reports, notifications, and alerts.
Implement solutions observing compliance and control requirements (SOX, privacy laws, and applicable security standards) and drive continuous improvement of policies, procedures, and control effectiveness.
Manage and develop information security operations staff and/or service partners through goal setting, mentoring, and career development; lead cross-functional security projects.
Maintain a broad knowledge of current and emerging threats, technologies, architectures, and products; identify opportunities to enhance threat intelligence coverage and monitoring capabilities.
Requirements
Bachelor’s degree or advanced degree preferred; professional security management certification preferred (e.g., CISSP, CISM, CISA, or similar).
10+ years of experience in cybersecurity, including 5+ years of direct experience in security operations (e.g., SIEM, IDS/IPS, network security, email security, endpoint security, vulnerability management, and incident response).
5+ years of management/leadership experience, including managing people, projects, budgets, vendors, and operational processes.
Experience with SOC models and operations, including use-case development, alert tuning, and incident escalation practices.
Experience with vendor management, including contract negotiations, service delivery oversight, and maximizing the use of third-party resources (e.g., MDR/MSSP).
Experience in ITIL, including change management principles and practices.
Experience with gap assessments, penetration testing approaches, and patch/vulnerability remediation coordination.
Experience with modern security tools across key domains (SIEM, EDR, MDR, EASM, network defense, vulnerability scanning, encryption, and cloud security).
Pharmaceutical industry experience strongly desired.