Technical Senior Manager, Security Operations

What You'll Do

• Act as the primary technical escalation point for complex operational issues across SIEM and continuous monitoring programs, ensuring quick and effective resolutions.
• Maintain and optimize critical security systems, including SIEM platforms (e.g., Splunk, ELK, SumoLogic, Sentinel), vulnerability management and scanning tools (e.g., Nessus, Qualys, Tenable), and Anti-Virus/EDR solutions (Trend Micro Deep Security Manager, Microsoft Defender, Crowdstrike).
• Oversee continuous monitoring activities for FedRAMP and other compliance programs, including vulnerability scanning, configuration management, security control validation, and compliance artifact generation
• Monitor and improve the team's use of automation and monitoring tools to drive operational efficiency across both SIEM and vulnerability management workflows.
• Analyze and resolve system performance issues, ensuring compliance with FedRAMP, SOC, HIPAA, and other security/operational standards.
• Participate in incident response, threat hunting, and post-mortem analysis to identify root causes and prevent recurrence.
• Manage a team of engineers across SIEM operations and continuous monitoring (vulnerability management) functions, fostering a high-performing and engaged team culture.
• Mentor and support the professional growth of engineers through training, feedback, and career development planning.
• Assist with hiring, onboarding, and retention to ensure team stability and growth.
• Oversee day-to-day delivery of security services, ensuring operational consistency and high-quality outcomes for both SIEM and continuous monitoring programs.
• Track and optimize key metrics such as incident response times, vulnerability remediation rates, false positive reduction, operational efficiency, and compliance posture.
• Develop and refine processes for incident response, vulnerability remediation, continuous monitoring reporting, and compliance documentation.
• Work with cross-functional teams, including consulting teams, SREs, and professional services teams, to improve service delivery and client satisfaction.

What You'll Bring

• 7+ years of hands-on experience in technical roles, such as engineering or operations.
• Proven ability to manage operational processes and handle escalations.
• Experience balancing individual contributor work with team oversight.
• Strong technical expertise with SIEM platforms (e.g., Splunk, ELK, SumoLogic, Sentinel) and vulnerability management tools (e.g., Nessus, Qualys, Tenable).
• Deep understanding of continuous monitoring requirements for FedRAMP, including OSCAL, POA&M management, and automated security control validation.
• Proven ability to troubleshoot and resolve complex technical issues in high-pressure environments across both threat detection and vulnerability management domains.
• Hands-on experience with cloud platforms (AWS, Azure, or GCP) and their associated security practices, including cloud-native vulnerability scanning and CSPM tools.
• Solid understanding of security compliance frameworks (e.g., FedRAMP, SOC, HIPAA, NIST 800-53).
• Ability to mentor and guide team members while contributing to technical solutions.
• Strong written and verbal communication skills, particularly in documenting technical insights and creating compliance artifacts.
• Bachelor’s degree (four-year college or university) or a equivalent work experience.

Bonus Points

• Experience managing FedRAMP continuous monitoring programs, including ConMon reporting, deviation requests, and ATO maintenance activities.
• Familiarity with IT frameworks such as ITIL or TOGAF.
• Experience with automation tools (e.g., Terraform, Ansible, Python) for security operations and vulnerability remediation workflows.
• Experience with Anti-Virus and EDR tools (e.g., Trend Micro DSM, Crowdstrike, Microsoft Defender).
• Experience with Agile delivery practices or lightweight project management tools.
• Background managing both proactive security monitoring and reactive incident response programs.
• Experience working in professional services or managed services environments.
• Background in customer-facing roles, such as technical support or escalation management.
• Certifications in cloud platforms (AWS, Azure, GCP) are or security tools (e.g., Splunk, Nessus)