CentralReach

Elevating Autism & IDD Care through Technology

Senior Security Operations Engineer

Security Operations, Full Time, Remote, Senior, Team 201-500, Since 2010, H1B No Sponsor

Location

United States

Posted

21 days ago

Salary

$165K - $175K / year

Seniority

Senior

Bachelor Degree, 3 yrs exp, English, Cloud, Python, Splunk

Job Description

  • Design, implement, and continuously improve detection rules across SIEM, EDR, and cloud security platforms
  • Develop automated response playbooks to reduce mean time to detect (MTTD) and respond (MTTR)
  • Leverage GenAI tools to accelerate log analysis and threat triage
  • Summarize and enrich security alerts and incident data
  • Generate detection logic (e.g., Sigma rules, queries, scripts)
  • Assist in root cause analysis and investigation workflows
  • Integrate GenAI into SOC workflows via APIs and internal tooling
  • Enhance detection pipelines using AI-assisted enrichment and correlation
  • Analyze logs across endpoints, cloud environments, SaaS platforms, and networks

Job Requirements

  • 3–7+ years of experience in Security Engineering, Detection Engineering, or Incident Response
  • Hands-on experience with SIEM (e.g., Splunk, Datadog, Sentinel) and/or EDR platforms
  • Strong understanding of security fundamentals (networking, OS, cloud security, identity)
  • Experience with scripting or programming (Python preferred)
  • Proven experience using GenAI tools (e.g., Claude, Cursor, ChatGPT) in security workflows

Benefits

  • Health and dental
  • Paid time off
  • Life insurance
  • Disability coverage
  • 401(k) matching
  • Comprehensive onboarding
  • Ongoing training
  • Mentoring
  • Career pathing

More Security Operations Jobs

Full Time, Remote, Team 10,001

Role Description

American Express is seeking a highly experienced and driven Senior Manager to lead its Incident Response team on the night shift (3:00 PM – 11:00 PM PHX).

  • This senior leadership role demands a balance of strong people leadership and deep technical expertise across the full incident response lifecycle—from preparedness and active investigations to post-incident review.
  • As the primary escalation point for the night shift, you will serve as the most senior technical authority.
  • Guide complex investigations, conduct in-depth analysis, identify attacker tactics, techniques, and procedures (TTPs), and develop comprehensive attack narratives.
  • Lead and coordinate response actions while ensuring alignment with enterprise security objectives.
  • Strengthen team capabilities across people, process, and technology, enabling the investigation and mitigation of sophisticated threats.
  • Success in this position depends on critical thinking, sound judgment, innovative problem-solving, and clear, effective communication across both technical and executive audiences.

Qualifications

  • Strong people leadership skills.
  • Deep technical expertise in incident response.
  • Experience with complex investigations and analysis.
  • Ability to identify attacker tactics, techniques, and procedures (TTPs).
  • Proven track record in developing comprehensive attack narratives.
  • Strong communication skills for both technical and executive audiences.

Requirements

  • Experience leading incident response teams.
  • Proficiency in managing the full incident response lifecycle.
  • Ability to work night shift (3:00 PM – 11:00 PM PHX).
  • Strong problem-solving skills.
  • Ability to foster a culture of passion, curiosity, and courage.

Benefits

  • Opportunity to work with talented tech teams.
  • Access to the latest technologies.
  • Commitment to back the broader engineering community through open source.
  • Support for personal and professional growth.

United States
$123K - $215.3K / year
Full Time, Remote, Team 10,001+, Since 2000, H1B Sponsor

Title: Manager, Security Operations (Sentinel)
Country: United States
Cities: Atlanta

This position is open to candidates in most major US cities; Approved locations are listed on this requisition. Candidates are welcome to work remotely or out of one of our regional offices. Travel is required.

Avanade’s Security Practice supports clients in protecting, detecting, and responding to cyber threats using Microsoft’s security ecosystem. This role sits within Security Operations and focuses on delivering managed and co-managed security monitoring, detection engineering, incident response, and continuous improvement using Microsoft Sentinel as the primary SIEM and SOAR platform. The role operates in a client-facing, delivery-focused environment and collaborates closely with client security teams, Avanade delivery teams, and Microsoft partners.

Role Overview

The Security Operations Manager is responsible for delivering security monitoring and incident response services using Microsoft Sentinel, helping clients detect, investigate, and respond to security threats in hybrid and cloud environments. This role contributes to the design, implementation, tuning, and ongoing operation of Sentinel-based security solutions and supports clients in improving their security posture and operational maturity. The role operates in a matrixed delivery environment, working directly with clients, internal security architects, and Microsoft-aligned teams. As a client-facing role, this position is expected to demonstrate Avanade’s values, professional consulting behaviors, and a strong focus on quality and outcomes.

Qualifications

Education, Certifications and Experience

  • Bachelor’s degree in a relevant field or equivalent professional experience & certifications
  • 7+ years cybersecurity experience with hands-on delivery and leading workstreams & delivery teams
  • 2+ years consulting experience
  • Microsoft Security Certifications

Knowledge, Skills, and Abilities

Experience delivering security solutions across one or more domains:

  • Cyber Defense / SOC / XDR
  • Identity & Access Management
  • Data Protection & Compliance
  • Cloud & Infrastructure Security

Proven ability to:

  • Lead delivery teams
  • Manage client expectations
  • Contribute to pre sales or solution shaping

Strong familiarity with:

  • Microsoft 365 Security
  • Azure security services
  • Zero Trust principles

Compensation at Avanade varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Avanade provides a reasonable range of compensation for roles that may be hired as set forth below. Avanade offers a market competitive suite of benefits including medical, dental, vision, life, and long-term disability coverage, a 401(k) plan, bonus opportunities, paid holidays, and paid time off.

Annual Salary Range by Role Location

  • California: $150,400 to $178,600
  • Cleveland: $139,200 to $165,300
  • Colorado: $139,200 to $165,300
  • District of Columbia: $155,200 to $184,300
  • Illinois: $150,400 to $178,600
  • Maryland: $155,200 to $184,300
  • Massachusetts: $155,200 to $184,300
  • Minnesota: $150,400 to $178,600
  • New York: $164,800 to $195,700
  • New Jersey: $150,400 to $178,600
  • Washington: $155,200 to $184,300

Additional Information

Equal Employment Opportunity Statement

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Georgia
$139.2K - $195.7K / year
Security Operations Manager

ECS Tech Inc

All candidates must meet the following criteria: Must be a US Citizen, no dual Citizenships. Must be able to secure a Public trust clearance. Must be able to work across multiple programs across the Federal and DOD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.

Full Time, Remote, H1B No Sponsor

Role Description

Everforth ECS is seeking a Security Operations Manager to work remotely. This position is contingent upon contract award. The Security Operations Manager will be the single POC providing ongoing status and progress to the NIAID CO and COR. In this role, you will be responsible for:

  • Cybersecurity incident resolution, including investigation and response to minimize the impact or likelihood of incidents.
  • Monitoring of NIAID systems and components to detect potential threats.
  • Project management and engineering support for the improvement and automation of security operations tools and processes.
  • Project support for improving and automating security operations capabilities, including:
      • Developing solutions and options for project milestones.
      • Developing project plans in a task and completion tracking tool such as Jira.
      • Reporting on progress in real-time using an IT Service Management tool such as ServiceNow.
  • Responding to and resolving security and privacy incidents and coordinating with the NIH Threat Management and Incident Response (TMIR) team and privacy coordinators according to NIH or Federal format and timelines.
  • Advising and assisting with SOC architecture activities for all SOC information systems initiatives supporting all SOC tools and capabilities.

Salary Range: $150,000 - $190,000

Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, or related field.
  • Active Public Trust or higher security clearance.
  • Minimum of 10 years of experience in cybersecurity; 15 years’ experience preferred.
  • 8+ years’ experience leading and delivering in security operations programs and incident management for comparably sized federal agencies and security programs.
  • Shall have at least one of the following industry-recognized certifications:
      • Certified Information System Security Professional (CISSP)
      • Global Information Assurance Certification (GIAC) - Certified Enterprise Defender (GCED)
      • GIAC Certified Incident Handler (GCIH)
      • Certified Network Defender (CND)
      • Systems Security Certified Practitioner (SSCP)
  • Proven ability to understand threats, evaluate the impact of potential incidents, and recommend risk reduction techniques.
  • Demonstrated expertise in analyzing and providing clear and concise risk reports, dashboards, and other visualizations to federal risk executives, system operators, and system stakeholders.
  • Knowledge of and experience overseeing the administration and configuration of security tools.
  • Experience with enterprise-wide penetration testing remediation to comply with agency remediation standards.
  • Documented experience in monitoring an enterprise-wide environment for potential security incidents.
  • Experience in establishing and enhancing security operations capabilities and proactively identifying potential risks.
  • Experience in setting up, administering, and enhancing cybersecurity tools and security operations processes.
  • Knowledge of different operational threat environments and incident categories.
  • Reside within the Washington DC Metro area.
  • Travel within the Washington DC Metro Area, and CONUS as needed.

Requirements

  • Cybersecurity incident resolution.
  • Monitoring of systems for potential threats.
  • Project management and engineering support.
  • Coordination with NIH TMIR team and privacy coordinators.
  • Advising on SOC architecture activities.

Benefits

  • General Description of Benefits

United States
$150K - $190K / year
Senior Principal Technology Consultant-Security Operations

ServiceNow

As the AI platform for business transformation, we're putting AI to work across organizations — freeing people for work that matters. Making old tech work with new tech. Reaching across departments, from the front office to the back office and every office in between. Our ambition? To become the AI defining enterprise software company of the 21st century (or "AI DESCO21C," as we like to call it). With more than 8,100+ customers, we serve approximately 85% of the Fortune 500®, and we're proud to be a Fortune 100 Best Companies to Work For® and World's Most Admired Companies™. Explore your future career with us, visit www.servicenow.com/careers. From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.

Full Time, Remote, Team 10,001+, Since 2004, H1B Sponsor

Company Description

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

Job Description

What you get to do in this role:

The Customer Outcomes Technical Consultant (TC) designs processes, built on ServiceNow, to achieve customers' desired outcomes. The TC provides expertise related to the processes enabled by the ServiceNow platform.

  • Apply ServiceNow knowledge and Security Operations domain expertise in customer engagements to provide optimum workflows.
  • Design efficient workflows based on ServiceNow SecOps product capabilities and leading practices, ensuring that the proposed solutions meet the customer's expectations.
  • Draft user stories and train customers to create their own acceptance criteria, testing strategy, and knowledge transfer while supporting customers in reviewing and approving them.
  • Be a contributor to leading practices and provide expertise related to the ServiceNow platform or solutions and workflows built on the platform.
  • Provide feedback to product development to improve the product based on experiences gained with customers.
  • Work with partners, in a co-delivery engagement, bringing leading practices guidance to the customer and partner team.
  • Play an important part of the Now Assure offering working with ServiceNow Partners.
  • Support the professional development of others through means of mentoring.
  • Seen as an expert across the industry and an active contributor of leading practices.
  • Involved in more complex engagements, providing deeper expertise in a single workflow or scope across multiple workflows.

Qualifications

To be successful in this role you have:

  • Minimum of 10 years of experience within a professional services organization or a similar client-facing, billable role.
  • Current experience in security operations consulting engagements is preferred.
  • Industry domain expertise in Security Operations is preferred.
  • CISSP or equivalent certifications are highly preferred.
  • JavaScript proficiency is preferred.
  • Ability to fulfill technical consultant tasks as needed.
  • Experience driving complex issues through analysis and resolution.
  • Experience working collaboratively.
  • Ability to travel up to 50%.
  • Ability to acquire all certifications in the "certification preferred" list within 90 days of hire.
  • ServiceNow certifications preferred:
      • ServiceNow Certified System Administrator
      • ServiceNow Certified Developer
      • ServiceNow Certified Data Foundations
      • ServiceNow Vulnerability Response Implementations Certification
      • ServiceNow Security Incident Response Certification

For positions in this location, we offer a base pay of $192,400 - $336,700, plus equity (when applicable), variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs. Compensation is based on the geographic location in which the role is located and is subject to change based on work location.

Additional Information

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance.

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.

Illinois
$192.4K - $336.7K / year