Security Manager

Get to Know Us

Horizon
3.ai is a fast-growing, remote cybersecurity company dedicated to the mission of enabling organizations to proactively find and fix and verify exploitable attack vectors before criminals exploit them. Our flagship product, the NodeZeroTM platform, delivers production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments. Node Zero has been adopted by organizations of all sizes, from small educational institutions to government agencies and Global 100 enterprises.

It is used by ITOps/Sec Ops teams, consulting pentesters, and MSSPs and MSPs.

We are a fusion of former U.S. Special Operations cyber operators, startup engineers, and formerly frustrated cybersecurity practitioners. We're committed to helping solve our common security problems: ineffective security tools, false positives resulting in alert fatigue, blind spots, "checkbox" security culture, cybersecurity skills shortage, and the long lead time and expense of hiring outside consultants. Collectively, we are a team of learn it alls, committed to a culture of respect, collaboration, ownership, and results.

We are seeking a highly motivated and experienced Security Operations Center (SOC) Manager to lead our internal SOC. We aren’t building a traditional, "stare-at-screens" SOC. As the SOC Manager, you are the architect of our defensive and offensive resilience. This is a high-impact, hybrid leadership role designed for a "builder" who thrives in the fast-paced environment of a scaling startup. You will lead a sophisticated team that doesn't just monitor alerts but actively engineers a self-healing security ecosystem.

You will bridge the gap between technical execution and strategic risk reduction. Your focus is to integrate AI/ML-enabled detection, hyperautomation, dynamic defensive controls, and continuous offensive testing into a unified operation that scales seamlessly with our business.

• Build & Lead the Horizon3 SOC: Establish and scale the core Security Operations Center. You will define functional requirements for all SOC capabilities, ensuring every tool and process is mapped to a formal operational needs statement.

• Proactive Threat Intelligence: Lead the Threat Intel function by collecting, analyzing, and disseminating actionable intelligence. You will integrate open-source (OSINT), commercial, and dark web feeds into our SIEM/SOAR to pivot from reactive alerting to proactive threat hunting and adversary tracking.

• Incident Response Leadership: Act as the primary lead for incident response actions across the Horizon3 enterprise, ensuring rapid containment and thorough remediation of any security events.

• Strategic Capability Mapping: Continuously assess cybersecurity capabilities to identify gaps in coverage and visibility. You will map these gaps to industry frameworks such as—MITRE ATT&CK, NIST CSF, CIS, and SANS Top 20—and provide data-driven recommendations for improvements.

• Drive Hyperautomation: Transition the SOC from manual intervention to an automation-first culture. You will design SOAR workflows and leverage AI/ML tools to automate triage, investigation, and remediation.

• Operationalize Offensive Security: Oversee internal penetration testing and "Purple Team" exercises. You will use these findings to continuously tune detection logic and preventative controls. You will lead the transition from manual playbooks to AI/ML-driven SOAR workflows that automate triage and response. Manual playbooks will be created and leveraged as needed as well.

• Scale the Engine: Build and mentor a high-performing team of detection engineers and analysts. You will define the hiring roadmap and operational processes that allow us to scale 10x without compromising security.

• Threat Engineering: Lead the development of custom detection signatures (Sigma, YARA) and proactive threat hunting programs focused on our SaaS infrastructure and CI/CD pipelines.

• Strategic Alignment: Translate complex security telemetry into actionable business intelligence. You will manage the budget, vendor relationships, and KPIs that demonstrate systemic risk reduction to executive leadership.

• Documentation: Create and maintain comprehensive documentation for SOC processes, SOPs, system configurations, and end-user guides.

• Automation and AI: Drive the adoption of automation and AI within IT operations to reduce manual effort, including configuring chatbots for Tier 1 and 2 support, lifecycle management for secure onboarding and offboarding sequences, automating ticket routing, securely provisioning and de-provisioning applications, and implementing predictive system maintenance alerts.

• Zero Trust & SASE: Own the management and operational health of our SASE environment. You will leverage these platforms to enforce granular access policies, provide deep SSL inspection, Data Loss Prevention (DLP), and secure our distributed workforce without a…