Security Operations Center (SOC) Manager

Who We Are 

Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats. 

Position Overview 

Legato Security is seeking a dynamic and experienced Security Operation Center (SOC) Manager to lead our SOC team in delivering best-in-class security services for our clients. As the SOC Manager at Legato Security, you will oversee daily operations, ensure optimal incident response and monitoring, and drive continuous improvements to our security operations framework. The ideal candidate has extensive experience in cybersecurity, team leadership, and operational management in a fast-paced, client-focused environment. 

Specific Job Responsibilities 

• Oversee the daily operations of the 24/7 SOC, including security event monitoring, incident response, and threat intelligence and hunting activities.  
• Perform job analysis, supervision, develop processes and procedures, and implement workflows. 
• Develop and document standard operating procedures, SOC playbooks, configuration guides, and secure standards. 
• Assist SOC Analysts with learning and performing regular SOC procedures and tasks to ensure SLAs are met.  
• Ensure adherence to SLAs and KPIs for all SOC activities. 
• Assist the Director of Security Operations with developing service delivery standards, procedures, and overall SOC strategies. 
• Act as Incident Response lead/commander, when needed and serve as an escalation point for security incidents and client-related queries. 
• Work with clients to provide post-incident reviews, root cause analyses, and recommendations for improvement. 
• Oversee new hire onboarding/training in collaboration with SOC Leads. 
• Conduct regular performance reviews and identify opportunities for skill development. 
• Evaluate, recommend, and implement advanced security tools and technologies to enhance detection, investigation, and response capabilities. 
• Develop and implement SOAR/automation playbooks to increase the efficiency of the SOC. 
• Identify areas for process improvement and drive initiatives to optimize efficiency and effectiveness. 

 Qualifications 

Required Qualifications: 

• Bachelor’s degree in computer science, Information Security, or a related field, or equivalent work experience. 
• Minimum of 5-7 years of experience in cybersecurity, including experience in a SOC environment. 
• Strong leadership, management, and problem-solving skills with the ability to motivate and develop a high-performing team. 
• Strong knowledge of SIEM platforms (e.g., Sumo Logic, Google SecOps, Splunk), EDR tools, and threat intelligence frameworks. 
• Understanding of IT infrastructure, information security, and compliance controls. 
• Ability to work under pressure, handle multiple priorities, and make sound decisions in a fast-paced environment. 
• Excellent written and verbal communication skills. 
• Exceptional analytical and problem-solving skills; someone who ‘sees’ the box differently. 
• Experience developing and managing remediation plans/corrective actions. 

Preferred Qualifications: 

• CISSP, CISM, CISA, GIAC, or other recognized security certifications are preferred.  
• Prior experience with digital forensics and/or incident response is highly desired.  
• Comfortable with multiple, current operating environments.  
• Familiarity with modern exploit techniques, mitigation strategies, and counter-attack methodologies.  
• Experience in an MSSP environment is strongly preferred.  

Perks 

• Start-up company in a growth phase with opportunity for advancement based on performance 
• Start-up culture with an office in downtown Salt Lake City, UT 
• Competitive medical and dental benefits for employee and family members 
• Other company-provided benefits such as short-term disability, basic life insurance, children’s orthodontia, with additional voluntary benefits available, and 401K match 
• Flexible Paid Time Off policy 
• Professional Development opportunities specific to role