Manager, Security Operations
Kitchener-Waterloo, Ontario, Canada
Ready to make an impact? Arctic Wolf is looking for a Manager, Security Operations to join our pack.
Arctic Wolf, the leader in security operations, is a fast-growing company in an exciting and fast-growing industry—Cybersecurity. How fast are we growing? Well, Arctic Wolf ranks #25 on the Deloitte Fast Technology 500 for North America in 2019! We have doubled headcount, customers, and revenue for five years running.
We are also cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds and ideas to make our teams even stronger. In fact, we are considered among the 2020 Best Places to Work by bizjournals.com.
At Arctic Wolf, we believe in corporate responsibility. Our offices across North America participate in volunteer programs throughout their communities, and we earned distinction from TravelWise for our efforts in promoting sustainable transportation.
About the Role:
The Manager of Security Operations is responsible for hiring and training all SOC Triage Security Engineers and Security Analysts on the team. The team delivers 24x7x365 detection, response, and customer engagement for our Managed Detection & Managed Risk service. This leader will own processes, SLA metrics and reporting, execution of the processes, measuring leading indicators of SLA attainment issues (along with immediate action to curb any SLA misses), and trending of all of the above. This is in addition to performance management and development of the individual contributors and Team Leaders within the organization. The Security Operations Manager is responsible for effective communication between the Concierge Organization, Customers and Partners, Research and Development, and the Customer Success and Product Management organization.
The Manager of Security Operations is responsible for a functional process and the performance of the iSOC. This may take the form of Incident Triage, Ticket Triage, or any other functional role that is required to deliver exceptional value to customers. This team member will partner with Product Management to drive enhancements and evolution of the function they own and improvements within the platform that the team uses.
The Triage Engineers and Security Analysts are responsible for investigation and incident response capabilities for all customers. The Manager of Security Operations is capable of leading the team through the process and executing effectively when customer breaches require immediate investigation.
This role reports into the Director of the Security Operations and will have Team Leads reporting directly into them and/or technical individual contributors. Development of Team Leads as an extension of the day-to-day operations and execution of the Triage function will be paramount.
This role will require occasional travel between our Security Operations Centres as team members and peers are split across our various locations.
- Operate the world’s leading 24x7 Security Operations Center. While this role is considered a business-hours position, support for the team, which may occasionally be needed after hours, is expected.
- Be a subject matter expert on event monitoring, triage, and response capabilities.
- Lead daily operations for a dedicated team of Technical Security Engineers performing managed Detection & Response services.
- Manage a 10+ member team of Security Analysts and Triage Engineers who are accountable for the execution of detection, response, and customer requests. The team members vary from 2 years to 25+ years experience.
- Develop, enhance, and operationalize processes to better execute customer expectations.
- Develop, measure, analyze, and maintain the internal and external service metrics for Service Operation, providing timely reports to leadership teams.
- Leverage metrics to make better informed decisions on how to improve the capability and functionality of the organization.
- Drive people management responsibilities for their organization
- Provide escalation support for customer management challenges, security incidents, and ticket triage functions.
- Lead, coordinate, and train others on effective management of security incidents and operational responses for customers.
- Lead post-incident analysis and documentation to ensure accurate root causes of incidents are identified, appropriate preventive actions are realized and tracked, and the likelihood of future cybersecurity events is reduced across all customers.
- Effectively work with the R&D organization to improve detection capabilities proactively, from best practices, and lessons learned from post-mortems of customer experiences and feedback.
- Ensure that the organization stays current with new and emerging threats, security risks, and potential impacts to the business
- Seek innovative approaches to security incident response programs
- Assist with various audits of internal compliance with cybersecurity policies
- Interact with senior organizational leaders as required to facilitate the effective handling of incidents or delivery of triage
- Communicate exceptionally well with business and technical audiences
- Work with Product Management, R&D and the larger Security Services teams to ensure the Triage service has all the tools and metrics to effectively deliver the triage service to customers.
- Ability to lead remote team members, as not all team members will be in the local office
Required Skills and Experience:
- A degree in Cybersecurity or equivalent and 5+ years experience working and managing within a SOC or support or customer facing function.
- 2+ years experience leading teams
- Passion for developing high performance teams
- Cybersecurity practical experience in the identified function (incident or ticket triage)
- Passion for Cybersecurity. Continually learning new attack vectors, new threats, and security framework expertise.
- Strong and demonstrated ability to define effective security processes. Ability to identify opportunities in current processes and take action to roll out necessary changes.
- Knowledge of industry adopted frameworks and methodologies (MITRE ATT&CK, CIS, NIST, ISO, PCI-DSS, etc)
- BS or Diploma in Computer Science, 4 years in a security role, or university degree in a Computer Security program desirable
- Ability to lead a technology-focused and driven SecOps team, to balance and prioritize across a fast-paced, growth-oriented global environment and to manage the team’s coverage and growth.
- Proven ability to rapidly analyze complex technical security threats and incident information to be able to communicate business-impacting risk to non-technical audiences.
- Ability to work independently, manage projects, and exercise judgement in reaching solutions.
- Demonstrated success in delivering analysis via a creative approach with the mindset of an adversary.
- Strong verbal and written communication required. Must be able to articulate written information to customers.
- You will be required to attend training, seminars, conferences, and webinars relevant to job role to enhance current knowledge base and skill set in order to improve job performance and efficiency.
- Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information.
- Background checks are required for this position
- Other industry certifications such as Bachelors or Masters Degrees in IT/Computer Science, Cybersecurity, CISSP, etc
Working at Arctic Wolf:
Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data—we get to work in an industry that is fundamental to the greater good.
All wolves receive compelling compensation and benefits packages, including:
- Equity for all employees
- Paid parental leave
- Training and career development programs
If you're excited about this role, but do not meet all of the qualifications listed above, we encourage you to apply anyway. We review all applications and still may consider you the right person for the role or have another open position where you’re the perfect fit.
Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law.
Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment that ensures equal access and participation for people with disabilities. Please let us know if you require any accommodations by emailing email@example.com.