Disclaimer: Before you apply, please make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

 

About the Role

Do you thrive in high-pressure environments, leading a team to safeguard critical systems from ever-evolving cyber threats? Are you passionate about building a robust security posture and fostering a culture of security awareness? If so, we want you on our team!

As a SecOps Manager, you will lead a team responsible for integrating security practices into our software development and operations processes. You will collaborate with cross-functional teams to ensure the security of our applications, infrastructure, and cloud environments while promoting a culture of security within our organization.

Responsibilities:

  • Lead and mentor a team of SecOps engineers, providing guidance and support in implementing security best practices.
  • Develop and implement security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
  • Collaborate with development, operations, and security teams to integrate security into the software development lifecycle (SDLC) and CI/CD pipeline.
  • Conduct security assessments, code reviews, and penetration testing to identify and mitigate vulnerabilities.
  • Design and implement security controls for infrastructure as code (IaC), cloud environments, and containerized applications.
  • Automate security testing and compliance checks using scripting and configuration management tools.
  • Monitor and analyze security events and incidents, leading incident response efforts to minimize impact and prevent recurrence.
  • Stay informed about emerging security threats, vulnerabilities, and industry trends, providing guidance on mitigation strategies.
  • Partner with senior leadership to prioritize security initiatives and allocate resources effectively.
  • Implement automated monitoring and logging across the development and deployment pipeline to detect security incidents in real-time.
  • Utilize security information and event management (SIEM) systems, intrusion detection systems (IDS), and other security tools to monitor for suspicious activities and indicators of compromise.
  • Integrate security alerts and notifications into the CI/CD pipeline to facilitate rapid detection and response.
  • Upon detection of a security incident, initiate a thorough investigation to assess the scope and impact of the incident.
  • Analyze logs, network traffic, and system configurations to identify the root cause of the incident and determine the extent of any compromise.
  • Collaborate with development, operations, and security teams to gather relevant information and context for incident analysis.
  • Compliance Champion: Ensure adherence to industry regulations and security compliance frameworks (e.g., PCI DSS, HIPAA, SOC 2).
  • Security Advocacy & Awareness: Champion a culture of security awareness within the organization, developing and implementing security training programs for employees.

Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
  • Minimum 7-10+ years of experience in information security with a proven track record of leading a security operations team.
  • Proven experience in DevOps, security, or software development roles, with a focus on security.
  • Strong leadership and team management skills, with experience leading cross-functional teams.
  • In-depth understanding of DevOps principles, methodologies, and tools.
  • Hands-on experience with cloud platforms (e.g., AWS, Azure, GCP), containerization technologies (e.g., Docker, Kubernetes), and infrastructure as code (IaC) tools.
  • Proficiency in scripting languages such as Python, PowerShell, or Bash.
  • Experience with security tools such as vulnerability scanners, intrusion detection systems (IDS), and security information and event management (SIEM) solutions.
  • Familiarity with compliance standards such as PCI DSS, HIPAA, and GDPR.
  • Excellent communication, collaboration, and problem-solving skills.

Preferred Qualifications:

  • Security certifications such as CISSP, CISM, or AWS Certified Security Specialty.
  • Experience with DevSecOps practices and tools (e.g., DevSecOps automation, shift-left security).
  • Knowledge of secure software development frameworks (e.g., OWASP).
  • Experience implementing security in Agile and DevOps environments.
  • Deep Experience in the following technologies:
    • DataDog
    • Cloudflare
    • Crowdstrike
    • Proofpoint
    • CyberArk EPM
    • BurpSuite
    • Amazon Security Hub, Guard Duty, Inspector
    • JumpCloud
    • Snyk
  • Experience in developing security budgets and managing security resources

 

#LI-REMOTE

Ace Your Job Interview

Read our advice on how to answer the most common interview questions.