# Technical Manager, Information Security

**Company:** [Atomicmachines](https://hotfix.jobs/companies/atomicmachines)
**Location:** Emeryville, CA, Santa Clara, CA, California
**Role:** Security Engineering
**Salary:** $200k – $260k/yr
**Experience:** 8+ years
**Skills:** Splunk, Microsoft Sentinel, Aws Security Hub, Aws Guardduty, Aws Cloudtrail, Aws Config, Aws Iam, Aws Macie, Aws Inspector, Next-Gen Firewalls, Ids/Ips, Edr/Xdr, Vulnerability Scanners, Okta
**Posted:** 2026-04-22

> Hands-on technical manager overseeing cybersecurity tools, detection/response programs, cloud/OT security, and vendor teams in a manufacturing environment. Requires 8+ years experience, SIEM expertise, AWS security knowledge, and leadership skills.

## Job Description

## What You’ll Do

### Primary Responsibilities

**Security Tool Management**
- Own end-to-end lifecycle management of the enterprise security toolset, including deployment, configuration, tuning, and decommissioning.
- Configure and manage network security platforms, including next-gen firewalls, IDS/IPS, DDI, VPN, NAC, Web Filtering, CASB/SASE, SIEM, EDR/XDR, vulnerability scanners, and network traffic visibility solutions.
- Manage SIEM operations, including data source onboarding, log normalization, correlation rule development, and alert tuning.
- Develop and enforce network device hardening standards; serve as the senior technical escalation point for break/fix incidents across internal and vendor teams.

**Team Leadership & Vendor Management**
- Lead and mentor internal technical staff and external security vendors, holding all parties accountable to SLAs, quality standards, and security outcomes.
- Partner with MSPs, SOCs, and specialized vendors to extend team capabilities; conduct regular performance reviews and contract evaluations.
- Interface with IT leadership and security management to develop solutions that meet evolving business and regulatory requirements.

**AWS Security & Cloud Posture**
- Define and enforce cloud security best practices across all accounts and organizational units, including IAM least-privilege, resource policy governance, and SCP guardrails.
- Lead implementation and tuning of cloud security services; maintain network security architecture, including VPC segmentation, security groups, PrivateLink, WAF, and DDoS protection services.
- Help embed security into CI/CD pipelines, Infrastructure as Code(IaC) templates in partnership with cloud and platform engineering teams.
- Define cloud security configuration standards (CIS Benchmarks, Security Best Practices, etc.) and enforce automated compliance.

**Threat Detection & Incident Response**
- Lead threat-model–driven detection strategy across SIEM, cloud-native platforms, and adjacent tooling, ensuring coverage across cloud, SaaS, endpoint, and identity domains.
- Serve as our senior escalation point during complex incidents, driving technical analysis, coordinating response, and guiding post-incident remediation.
- Identify gaps in detection coverage, telemetry ingestion, and automation; mature playbooks to reduce detection and response time across security operations.

**OT/ICS & Manufacturing Security**
- Conduct OT cybersecurity assessments, identifying risks and prioritizing remediation recommendations.
- Design and support network segmentation strategies for OT/IT convergence environments, including segmented ICS networks.
- Identify and implement appropriate remote and local access controls for manufacturing systems, collaborating with engineering and operations teams to avoid disrupting production.

**Architecture & Engineering Standards**
- Own and maintain architectural standards, including reference architectures, data flow diagrams, detection pipeline operating models, and security design patterns.
- Partner with IT infrastructure, platform, and engineering teams to embed security into cloud design, IAM strategy, and network architecture from inception.

**Policy, Compliance & Governance**
- Develop and maintain security policies and procedures aligned to support regulatory requirements (NIST, SOC 2, ISO 27001).
- Ensure audit-readiness and evidence collection for compliance assessments; produce stakeholder-ready risk articulations, including impact assessments and recommended mitigations.

## What You’ll Need
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related technical field. Equivalent combination of education and experience considered.
- 8+ years of progressive cybersecurity engineering experience, with at least 2–3 years in a technical lead or people management capacity.
- Demonstrated experience managing both internal security engineers and external vendors/MSSPs, with accountability for security outcomes and SLA adherence.
- Hands-on expertise with enterprise SIEM platforms (Splunk, Sentinel, Chronicle, or equivalent) including detection rule authoring, data onboarding, and operational tuning.
- Deep working knowledge of cloud security services: Security Hub, GuardDuty, CloudTrail, Config, IAM, Macie, Inspector, VPC security architecture, and SCPs.
- Experience conducting OT/ICS cybersecurity assessments in manufacturing, industrial, or critical infrastructure environments is strongly preferred.
- Familiarity with threat modeling frameworks (MITRE ATT&CK, STRIDE) and their application to cloud and OT environments.
- Experience developing security automation using SOAR platforms (Palo Alto XSOAR, Splunk SOAR, Tines, or equivalent) and scripting (Python, PowerShell).
- CISSP or CISM, AWS Certification, CompTIA Security+, GIAC, GCIA, GCIH, Palo Alto PCNSE or Splunk Certified Architect, etc.

**Technical Skills:**
- SIEM / Detection: Splunk ES, Microsoft Sentinel, Rapid 7, Palo Alto – rule authoring, data onboarding, correlation tuning
- AWS Security: Security Hub, GuardDuty, CloudTrail, Config, Macie, Inspector, WAF, IAM, SCPs, VPC security architecture, AWS Organizations
- Security Tools: Firewalls, IDS/IPS, SIEM (Rapid7/Splunk/Palo Alto), NAC (Cisco ISE/Aruba ClearPass), Vulnerability Scanners
- Cloud IAM: AWS IAM, Okta, Azure AD/Entra ID, PAM (CyberArk/BeyondTrust) – identity governance and least privilege
- OT/ICS Security: Dragos, Claroty, or Nozomi – OT visibility; Purdue model, IEC 62443, NERC CIP

## Similar roles

- [Senior Software Engineer](https://hotfix.jobs/jobs/2ad28874-4486-42ff-949a-ec54985c2762) - Snowflake - Bellevue, WA - $200k – $288k/yr
- [Senior Software Engineer, Security Foundations](https://hotfix.jobs/jobs/8c688ac7-38e0-46a2-b2ba-354f76225dd9) - Snowflake - Bellevue, WA - $200k – $288k/yr
- [Threat Detection Researcher](https://hotfix.jobs/jobs/60492183-92a6-41ba-871a-dbb16f8bec0a) - Wiz - New York, NY - $200k – $250k/yr
- [Senior Software Engineer](https://hotfix.jobs/jobs/433780b4-d2fd-4bcc-9ee2-fcd1bd108c8b) - Snowflake - Bellevue, WA - $200k – $288k/yr
- [Senior Security Engineer](https://hotfix.jobs/jobs/fa234775-f608-479b-915b-0824104827f0) - Novig - New York, NY - $200k – $250k/yr

**Apply:** https://hotfix.jobs/jobs/57a0b9e7-4f13-41b2-8506-e52a6c8bc140
**Canonical:** https://hotfix.jobs/jobs/57a0b9e7-4f13-41b2-8506-e52a6c8bc140