Cybersecurity Operations & Incident Response Manager

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cybersecurity Operations & Incident Response Manager in California.

This role offers the opportunity to lead a critical, high-visibility cybersecurity function in a fast-paced, innovative environment. You will manage a 24×7 security operations capability across hybrid on-premises and cloud systems, overseeing incident response, threat detection, vulnerability management, and SOC operations. The position blends hands‑on technical expertise with strategic leadership, enabling rapid detection and remediation of security events. You will collaborate across engineering, IT, legal, and compliance teams while mentoring and developing analysts.

This is a key role for shaping the organization’s security posture, driving continuous improvement, and influencing both technology and business decisions. The role provides autonomy, visibility, and impact in a dynamic and forward‑thinking environment, with a competitive salary and full‑time commitment.

• Lead and manage a lean, highly effective Security and Threat Operations team, including hiring, coaching, and professional development
• Establish operating rhythms, standard operating procedures, and incident response workflows to ensure consistent detection, containment, and recovery
• Build and maintain the Security & Threat Operations strategy aligned with organizational risk, business objectives, and regulatory requirements
• Oversee day‑to‑day security monitoring, SIEM/SOAR operations, detection engineering, log pipelines, and alert tuning
• Serve as incident commander for high‑severity events, coordinating cross‑functional response and post‑incident reviews
• Own vulnerability management lifecycle, including discovery, triage, remediation prioritization, and risk‑based orchestration
• Manage third‑party SOC/MSSP relationships, ensuring quality, adherence to runbooks, and continuous process improvements
• Integrate threat intelligence into detection and response operations, and build purple team and threat hunting capabilities
• Report KPIs, KRIs, and security performance metrics to executive leadership and support audit and regulatory obligations

• 8+ years in Security Operations, Incident Response, Detection Engineering, or Threat Hunting, with 3+ years in leadership or program management roles
• Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent practical experience
• Hands‑on expertise in hybrid environments (on‑prem AD, Entra /Azure AD, Okta, Microsoft 365, Zscaler, cloud APIs, containerized workloads)
• Strong technical skills with SIEM/SOAR, EDR, log pipelines, detection content creation, and tuning
• Proven experience as an incident commander, with forensics, containment, and executive communication skills
• Experience managing vulnerability programs, risk‑based remediation, and SOC/MSSP oversight
• Familiarity with MITRE ATT&CK, cyber kill chain, threat‑led validation, and regulatory compliance frameworks (NIST, FFIEC, GLBA)
• Excellent communication and collaboration skills, with the ability to translate technical risks into business terms
• Scripting or automation experience (Python, Type Script, or similar) to improve operational efficiency
• Prior experience in regulated industries (finance, healthcare, etc.) is strongly preferred

• Competitive salary range: $162,681 - $200,000
• Comprehensive health, dental, and vision coverage
• Retirement savings plans including 401(k) with matching
• Paid time off and flexible work arrangements
• Professional development opportunities and career growth
• Remote work with occasional travel as required for operational coverage

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role’s core requirements. Our system identifies the top‑fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!