Manager, Security Operations

Responsibilities

• Lead the team responsible for detecting, investigating, responding to, and learning from security events
• Manage and coach a team of security engineers while remaining hands-on with detection design, alert tuning, incident response, runbooks, operations, and security automation
• Manage relationships with security operations vendors
• Work closely with Security, Engineering, IT, Compliance, Privacy, and external partners to improve protection of patient and provider data

Requirements

• 5+ years of professional experience in security operations, detection engineering, incident response, threat hunting, cloud security, or a related security engineering role
• 2+ years of direct people management experience for security engineers, incident responders, analysts, or a security operations / detection and response team
• Hands-on proficiency building, tuning, and operating detections in a modern SIEM and managing a SOAR tool (or comparable security operations solutions)
• Demonstrated expertise leading or materially contributing to incident response, including triage, containment, stakeholder communication, and post-incident improvements
• Working knowledge of cloud service provider and SaaS security telemetry, identity logs, endpoint security signals, and common attacker behaviors

Nice-to-Haves

• Experience in healthcare or another regulated environment where incident response, privacy, and compliance requirements intersect
• Experience owning an MDR provider relationship, defining escalation quality expectations, running vendor reviews, and improving vendor-to-internal handoff workflows
• Experience applying MITRE ATT&CK, threat hunting methods, or detection engineering frameworks to prioritize coverage gaps
• Proficiency querying and analyzing security data using SQL, Python, or similar tools; familiarity with security data lakes, OCSF, Athena, Trino, Panther, or comparable platforms
• Experience building or improving security on-call, shared escalation models, incident command, tabletop exercises, or post-incident review practices
• Relevant security certifications such as OSCP, GCIH, GCIA, GCFA, or GSOC

Benefits

• 100% remote work environment (must be based in United States, currently not hiring in Hawaii)
• Comprehensive health benefits: Medical, dental, vision, life, disability, and FSA/HSA
• 401(k) plan access
• Generous time-off policies including 2 company-wide shutdown weeks each year
• Paid parental leave
• Employee Assistance Program (EAP)
• Quarterly department stipend
• Home office stipend & $50 monthly stipend for internet or cell phone expenses
• $50/month wellness stipend