Security Operations Manager
Location
United States
Posted
22 hours ago
Salary
$115K - $135K / year
Seniority
Lead
No structured requirement data.
Job Description
Security Operations Manager
LUX Infusion
Role Description The Security Operations Manager is responsible for leading and maturing the organization's cybersecurity operations program with a primary focus on healthcare security, identity and access management, Single Sign-On (SSO) strategy, threat detection, incident response, and regulatory compliance. This role serves as both a technical leader and people leader, providing mentorship and professional development to Security Analysts while establishing scalable security operations capabilities across the enterprise. The Security Operations Manager will oversee day-to-day security operations, security monitoring, vulnerability management, incident response, identity security initiatives, and compliance activities supporting HIPAA, HITECH, and other healthcare regulatory requirements. This position partners closely with Infrastructure, Applications, Compliance, HR, and business stakeholders to ensure the confidentiality, integrity, and availability of enterprise systems and Protected Health Information (PHI). What You’ll Do - Security Operations Leadership - Lead and manage Security Operations (SecOps) activities across infrastructure, applications, cloud platforms, and endpoints. - Develop and maintain security monitoring, threat detection, incident response, and security governance processes. - Serve as the primary escalation point for complex security incidents and investigations. - Direct security event analysis, triage, containment, eradication, and recovery activities. - Establish operational metrics, dashboards, and KPIs to measure security effectiveness. - Drive continuous improvement initiatives to enhance enterprise cybersecurity maturity. - Coordinate security activities with managed security service providers and strategic security partners. - Identity Security & SSO Program Management - Lead enterprise Identity and Access Management (IAM) strategy and implementation. - Design, implement, and maintain Single Sign-On (SSO) platforms and identity federation technologies. - Manage security controls related to Azure AD/Entra ID, MFA, conditional access, RBAC, and privileged access management. - Partner with application owners to onboard business-critical applications into SSO platforms. - Establish identity governance processes, user lifecycle management standards, and access review programs. - Conduct identity risk assessments and develop remediation plans. - Oversee authentication modernization initiatives and Zero Trust security models. - Healthcare Security & Regulatory Compliance - Ensure compliance with HIPAA, HITECH, HITRUST, NIST CSF, and healthcare cybersecurity best practices. - Lead security risk assessments and remediation planning. - Support internal and external audits. - Develop and maintain healthcare-focused security policies, standards, and procedures. - Monitor controls protecting Protected Health Information (PHI) and Electronic PHI (ePHI). - Collaborate with Compliance, Legal, and Operations teams on security and privacy matters. - Participate in breach investigations, reporting requirements, and corrective action programs. - Threat Detection & Incident Response - Oversee SIEM, EDR, vulnerability management, email security, and threat intelligence platforms. - Direct proactive threat hunting activities. - Lead cyber incident response exercises and tabletop simulations. - Manage forensic investigations and root-cause analysis efforts. - Coordinate post-incident reviews and remediation planning. - Maintain incident response playbooks and operational procedures. - Vulnerability & Risk Management - Direct vulnerability management programs across servers, endpoints, cloud environments, and applications. - Establish risk-based prioritization methodologies for remediation. - Oversee remediation tracking and reporting. - Evaluate new technologies, vendors, and cloud services for cybersecurity risk. - Conduct third-party security assessments and vendor reviews. - Team Leadership & Mentorship - Supervise, coach, and mentor Security Analysts and junior cybersecurity staff. - Develop career growth plans, training programs, and technical development pathways. - Conduct regular one-on-one meetings and performance coaching. - Provide guidance on incident investigations, technical analysis, and security operations best practices. - Foster a collaborative culture focused on continuous learning and operational excellence. - Create succession planning and cross-training opportunities within the security team. - Participate in recruiting, interviewing, onboarding, and workforce planning activities. - Security Awareness & Collaboration - Promote cybersecurity awareness throughout the organization. - Deliver technical and non-technical security presentations. - Partner with Infrastructure, Application Development, Service Desk, and Compliance teams on security initiatives. Qualifications - Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience). - 7+ years of progressive cybersecurity experience. - 3+ years of experience leading security operations or security engineering initiatives. - Experience within healthcare, specialty pharmacy, or other highly regulated industries. - Hands-on experience implementing and administering enterprise SSO and IAM platforms. - Strong experience with: - Microsoft Entra ID (Azure AD) - Single Sign-On (SAML, OIDC, OAuth) - Multi-Factor Authentication (MFA) - SIEM platforms - EDR/XDR technologies - Vulnerability Management - Security Incident Response - Experience supporting HIPAA compliance and healthcare security assessments. Qualifications Preferred - CISSP - HCISPP - CISM - GIAC Certifications - Microsoft Identity & Access Administrator Certification - HITRUST experience - Healthcare cybersecurity leadership experience Benefits - Purpose-driven work with real impact - A patient-first, clinician-led culture - Supportive, collaborative teammates - The opportunity to grow with a company building something meaningful Pay Range/Rate $115,000 — $135,000 USD Physical Demands The physical demands described here represent those required for an employee to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. Other Requirements - Participate annually in required legal and ethical compliance training. - Consistently act in compliance with LUX Infusion’s legal, ethical, and compliance policies. - Adhere to all standards and procedures outlined in the LUX Infusion Compliance Manual. - Refrain from any behavior that could be considered unethical or unlawful. Expectations for All Employees All LUX Infusion team members are expected to support the organization’s mission, vision, and values by demonstrating integrity, dedication, compassion, and enthusiasm. This includes placing patients first, working collaboratively with a “stacked-hands” mindset, and maintaining a consistent focus on quality, accountability, and continuous improvement. General Information The statements above are intended to describe the general nature and level of work performed by individuals in this role. They are not intended to be an exhaustive list of all responsibilities, duties, or skills required.
Related Guides
Related Categories
Related Job Pages
More Security Operations Jobs
Advisory Presales Solution Consultant - Risk & SecOps
ServiceNowAs the AI platform for business transformation, we're putting AI to work across organizations — freeing people for work that matters. Making old tech work with new tech. Reaching across departments, from the front office to the back office and every office in between. Our ambition? To become the AI defining enterprise software company of the 21st century (or "AI DESCO21C," as we like to call it). With more than 8,400+ customers, we serve approximately 90% of the Fortune 500®, and we're proud to be a Fortune 100 Best Companies to Work For® and World's Most Admired Companies™. Explore your future career with us, visit www.careers.servicenow.com From Fortune. ©2026 Fortune Media IP Limited. All rights reserved. Used under license.
Role Description As a member of our Risk & Security Solution Consulting team, you will have a major impact on our future success by supporting the Risk & Security Solution Sales Team in driving net new business. You will guide revenue for our risk products with the support and partnership of Sales, Product Management, and the executive team. This is a hands-on technical consultant who can go wide and deep on solution delivery and solution positioning, as well as the risk domain itself, during sales cycles. What you get to do in this role: - The Solution Consultant is a technical consultant with the advanced ability to develop, position and provide product-specific advisory support during sales cycles while achieving quarterly and annual sales goals for an assigned territory. - Support solution sales as a technical and domain expert of a client-facing sales team. - Lead discovery workshops to determine customers' challenges and give product demonstrations to align our solution with customer needs. - Understand customer challenges and goals and map this back to solution capabilities. - Answer product feature and technical questions from customers, channel partners and ServiceNow colleagues. - Act as the domain SME across the core areas of risk (including but not limited to Risk Management, Internal Controls, Regulatory Compliance, Policy Management, Cyber Risk, TPRM, BCM, Operational Resilience, Privacy and ESG). - Provide feedback to product management about product enhancements that can address customer needs and provide additional value. - Share and learn best practices and re-usable assets with other Solution Consultants to enhance the quality and efficiency of the team. - Identify, build-out and deliver cross product sales opportunities (solutions that cover multiple different ServiceNow solutions) that map to customer challenges and industry needs. - Stay current on competitive analysis, trending regulatory and risk developments and broader market differentiation. - Support/speak at marketing events including executive briefings, conferences, user groups, and trade shows. Qualifications - Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. - Proven (c. 6-10 years) pre-sales solution consulting or sales engineering experience with specific demonstrable knowledge of GRC and SecOps topics and solutions. - Deep domain expertise in GRC, Information Security, Security Operations, AI Governance, Third Party Risk Management, or Operational Resilience. - Executive presence and business acumen to operate as a peer with C-suite buyers. - Self-starter mentality with demonstrated ability to operate autonomously and drive outcomes independently. - Technical fluency to conduct early stage product demonstrations and understand API/integration patterns. - Proficiency with the ServiceNow platform or technical experience with cloud software solutions. - Experience working collaboratively with product management, product marketing, partners, and professional services. - Proven soft skills relating to effective presentation of content and working collaboratively in a team. - Territory management skills, including pipeline building and working with Sales counterpart to guide execution excellence. - The ability to travel, as necessary with offices in Munich, Frankfurt, Berlin, Hamburg and Dusseldorf. - Fluency in English and German essential. Company Description ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law. At ServiceNow, we lead with flexibility and trust in our distributed world of work. If you require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us for assistance.
ServiceNow Secops Consultant
Rootshell Enterprise Technologies, Inc.Rootshell Enterprise Technologies Inc. is a recognized provider of professional IT Consulting services in the US.
Role Description We are actively seeking a ServiceNow Secops Consultant for one of our clients. - ServiceNow development and administration in an enterprise environment. - Ability to configure, develop, and implement functionality within ServiceNow. - Demonstrable Service Catalog, Service Portal, and Configuration Management experience. - Ability to relate to software engineering challenges and practices. Qualifications - ServiceNow System Administrator Certification or Application Developer Certification. Company Description Rootshell Enterprise Technologies Inc. is a recognized provider of professional IT Consulting services in the US.
Director, Security Engineering – Operations
PayscalePayscale powers compensation decisions for more than 25% of the US workforce
• Direct, manage, and lead the security engineering and security operations team members; own hiring, onboarding, performance reviews, and career development plans aligned to Payscale’s Information Security Career Ladder • Set strategy and quarterly/annual objectives for both functions and translate them into a prioritized, measurable roadmap; hold regular 1:1s and team connects to maintain a high-performance, feedback-rich culture • Mentor engineers and analysts at all career levels, providing task-based directives, technical coaching, and growth-oriented feedback • Own the on-call rotation and after-hours escalation path across both functions, ensuring coverage for time-sensitive detection and response • Serve as a working leader — remaining hands-on in engineering, architecture, and incident response rather than leading solely through delegation • Own the design, implementation, and continuous hardening of security controls across corporate, cloud, and hosting environments • Build and maintain security automation and integrations — SOAR, detection-as-code, and infrastructure-as-code guardrails — to scale coverage without adding headcount • Engineer and operate the security tooling stack (EDR/XDR, SIEM, identity protection, DLP/CASB, vulnerability scanning), ensuring platforms are well-integrated and meet architectural standards • Partner with Engineering and Infrastructure to embed “secure by design” into CI/CD, cloud architecture, and product development • Drive adoption of a zero-trust methodology across identity, endpoint, network, and application layers • Lead security engineering for enterprise AI and agentic tooling adoption, building controls and guardrails for safe internal use • Drive the threat detection and incident response capability: detection engineering, playbook development, tabletop exercises, and continuous improvement of MTTA/MTTR metrics • Lead or oversee incident response events as the designated incident manager for significant or multi-team incidents, running incident command end-to-end • Own the MDR relationship, holding the provider accountable to SLAs, coverage, and response outcomes • Extend detection and response to secure enterprise AI and agentic tooling adoption • Own the vulnerability and exposure management function across all corporate and hosting environments, coordinating cross-functionally on mitigation and remediation with clear SLAs • Expand security monitoring, visibility, and coverage using existing platforms and open-source tooling • Own the security engineering and operations portion of the Information Security program roadmap, delivering operational metrics, risk-posture data, and capacity analysis • Establish and report security KPIs to technology and executive leadership on a regular cadence • Collaborate with the GRC team on ISO 27001 and SOC 2 evidence, control effectiveness, and audit readiness as it relates to security engineering and operations • Lead technical evaluations of emerging security vendors and technologies; provide buy/build/partner recommendations to technology management • Represent security engineering and operations in cross-functional product, engineering, and infrastructure initiatives, ensuring security requirements are incorporated by design
Staff Security Engineer – SecOps, Threat
6sense6sense Revenue AI™ reimagines the way revenue teams create, manage and convert pipeline into revenue.
• Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap • Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks • Engage vendors, Infrastructure, IT, GRC, Cloud, and Application Security teams as required to validate alerts and ensure incident resolution • Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls • Perform security forensics • Build security tools and advanced automation • Propose, plan, lead, and execute threat exercises • Mentor engineers across Information Security to drive security controls and risk remediation


