Bugcrowd logo
Bugcrowd

See Security Differently™

Manager, Security Operations

Security OperationsSecurity OperationsFull TimeRemoteSeniorTeam 201-500Since 2012H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

3 days ago

Salary

$129.3K - $161.6K / year

Seniority

Senior

Bachelor Degree5 yrs expEnglishCloud

Job Description

Manager, Security Operations

Bugcrowd

• Lead, coach, and develop a team of Security Consultants through regular feedback, career development, and performance management • Serve as a subject matter expert in at least one security specialty (web, network, cloud, or mobile) and provide technical guidance to internal and external stakeholders • Demonstrate expertise across all vulnerability submission types and support complex escalations and appeals, partnering with other business units as needed • Drive operational excellence by measuring team performance, identifying opportunities for automation, and implementing process improvements • Plan, prioritize, and manage team workloads while adapting to changing business needs and customer priorities • Mentor team members and contribute to the growth of the broader security organization through knowledge sharing and technical leadership • Build strong cross-functional partnerships to improve workflows and deliver high-quality customer outcomes • Lead effective meetings, clearly communicate priorities, and ensure timely execution of action items • Act as a trusted advisor to leadership and customers by providing sound technical judgment and operational insight • Stay current on security industry standards, emerging threats, and best practices to continuously improve team capabilities.

Job Requirements

  • 5+ years of experience in Security Operations, Application Security, Incident Response, Vulnerability Management, or a related field
  • Previous experience leading, supervising, or mentoring technical teams
  • Strong understanding of common vulnerability classes, including the OWASP Top 10
  • Experience with incident response, vulnerability triage, and validation
  • Excellent analytical, problem-solving, organizational, and decision-making skills
  • Exceptional written and verbal communication skills with the ability to influence technical and non-technical stakeholders.

Benefits

  • Health insurance
  • 401(k) matching
  • Flexible work hours
  • Paid time off
  • Discretionary bonus program

Related Categories

Related Job Pages

More Security Operations Jobs

Full TimeRemoteTeam 1,001-5,000Since 2004H1B Sponsor

• Lead and mentor a team of junior and mid-level SOC analysts, fostering professional growth and technical proficiency. • Drive resolution for high-priority and critical security incidents, acting as the primary technical point of escalation. • Oversee and strategize proactive threat-hunting operations and detection engineering workflows. • Monitor and triage security alerts. • Build, test, and refine detections to enhance threat identification across Mac, Linux, and Windows systems. • Conduct in-depth analysis of security incidents, including malware, phishing, and advanced persistent threats, leveraging SIEM and EDR capabilities. • Perform proactive threat hunting using the SIEM and EDR features. • Investigate and respond to incidents swiftly, following established incident response protocols. • Document findings clearly and provide actionable remediation recommendations. • Collaborate with cross-functional teams to strengthen security controls and mitigate vulnerabilities. • Stay current on emerging threats, vulnerabilities, and industry trends through self-directed learning. • Participate in on-call rotation for 24x7x365 SOC coverage, demonstrating reliability and accountability. • Escalate confirmed or suspicious incidents and cases to the Incident Response team.

India

Role Description This role is a critical function responsible for the ongoing transformation of the organization’s Security Operations & Incident Response program. With a focus on maintaining resilience and protecting the global enterprise from cybersecurity threats, the team operates an advanced security operations and incident response program focused on the identification, analysis, and eradication of cybersecurity threats and incidents across the global enterprise. In support of the rapid growth of this critical program, we are looking for an experienced, passionate, and highly organized engineer who will drive operational delivery excellence and continuous advancement across processes and technologies. Primary Responsibilities - Expert-level support for deep dive investigations, including digital forensics (memory, network, and malware analysis). - Author and refine IR playbooks and operational guidelines to ensure the team remains agile in an evolving threat landscape. - Develop and maintain threat models, incorporating findings from penetration tests into detection strategies. - Design, implement, and refine complex detection rules and automated remediation workflows to identify adversarial behavior. - Utilize threat intelligence and the MITRE ATT&CK framework to identify gaps in visibility and proactively mitigate emerging risks. - Maintain comprehensive documentation of detection strategies, active investigations, and incident timelines. - Work with the SIEM team to continuously tune SIEM rules to maximize detection fidelity while minimizing alert fatigue. - Review and tune threat intelligence systems, including brand protection and dark web monitoring. - Proficiency in scripting and query building using Python, XQL, PowerShell, or Bash, and experience with automation and/or orchestration (SOAR) tools. - Support IR leadership as backup on IR-related activities. Qualifications - Bachelor’s degree and 5+ years of relevant experience in incident response and SOC tooling. - In-depth knowledge of SIEM/SOAR platforms (e.g., Microsoft Sentinel, Palo Alto Cortex XSIAM/XSOAR) and incident response processes in hybrid cloud environments (GCP, Azure). - Experience leading incident response as incident commander, performing root cause analysis and continuous optimization for SOC tools and processes. - Familiarity with scripting languages (Python, PowerShell, Bash, XQL) is highly preferred. - Understanding of regulatory compliance and frameworks such as MITRE ATT&CK, NIST, or ISO. - Ability to prioritize tasks effectively, manage multiple priorities, and work both independently and as part of a team. - Strong communication skills, with the ability to translate sophisticated technical issues or concepts to non-technical audiences in a clear and concise manner that focuses on business value.

United States + 1 moreAll locations: United States | Canada
Serco Plc logo

Cyber Security Operations & CTI Lead

Serco Plc

At Serco, you'll join a global organisation delivering essential public services that improve the lives of millions of people. Our values of Trust, Care, Innovation, and Pride guide everything we do. Committed to creating an inclusive workplace. Encourages applications from Aboriginal and Torres Strait Islander peoples, LGBTQIA+ communities, veterans, and people with disabilities.

Full TimeRemoteTeam 10,001

Role Description Serco is building out its in-house cyber security capability, and this is a rare opportunity to shape it from the ground up. Around 18 months ago we made a long-term commitment to bringing more security expertise in-house — this new role is a key part of that plan. You'll provide senior technical leadership across Security Operations and Threat Intelligence, ensuring threats are identified, analysed, and translated into action. This is a hands-on technical role: monitoring, threat hunting, detection engineering, and incident response — strengthening how Serco detects and responds to evolving cyber threats. We're a small team with large ambitions, globalising this service, and you'll play a central role in shaping its future. - Provide technical leadership across Security Operations — alert triage, investigation, and escalation — and act as senior escalation point for complex investigations - Design, build, and evolve a new Cyber Threat Intelligence capability, integrating it into SOC workflows, detection logic, and incident response - Analyse and track threat actors and campaigns, mapping adversary TTPs to MITRE ATT&CK and translating intelligence into detection improvements - Develop, tune, and optimise detection rules based on threat intelligence and incident learnings - Lead hypothesis-driven threat hunting, feeding outcomes back into detection engineering - Lead cyber incidents end-to-end, producing high-quality incident reports with root cause analysis and lessons learned - Author and maintain incident response playbooks and SOC/CTI processes - Task-manage a team of analysts day-to-day, with around four direct reports as the function grows - Participate in an on-call rota supporting incident escalations Qualifications - 7+ years' experience in cyber security roles, in-house or within an MSSP - Strong experience within a SOC environment, including incident response end-to-end - Proven experience building or integrating a Cyber Threat Intelligence function - Strong knowledge of SIEM, EDR, and SOAR tooling, and the MITRE ATT&CK framework - Demonstrated detection engineering and intelligence-led threat hunting experience - Clear communication skills, technical and non-technical, and the ability to operate under pressure during incidents - Eligibility for BPSS clearance Requirements - Desirable: CISSP - Relevant SANS certifications (e.g. SEC503, FOR572) - Relevant Microsoft certifications (e.g. SC200) - Blue Team Level 2 (BTL2) Benefits - Company car - Private healthcare - Bonus scheme of up to 30% - Flexible working considered - Pension – 6% - Chance to contribute to innovation in the public services - A company passionate about diversity and inclusion - Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships - A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more - A wealth of career development training to suit your future aspirations - A safe and supportive culture

United Kingdom
£77K - £90K / year
CACI International Inc logo

SecOps Analyst

CACI International Inc

Expertise and Technology for National Security

Full TimeRemoteTeam 10,001+Since 1962H1B No Sponsor

• Monitor and analyze security events and alerts using Elastic Security SIEM • Conduct vulnerability scans with Tenable SC and assess cloud workloads via Tenable Cloud Security • Manage and enforce endpoint security policies using Trellix ePO or Microsoft Defender for Endpoint (MDE) • Monitor network security activity across Palo Alto Next-Generation Firewalls • Analyze secure access traffic through Zscaler Private Access and Internet Access • Detect, document, and escalate security incidents following established response procedures • Develop continuous monitoring reports and contribute to security posture dashboards • Track and present security KPIs to program leadership

Illinois
$75.2K - $158.1K / year