Security Operations Manager

We’re seeking a Security Operations (Engineering) Manager who’s passionate about building and maintaining a world-class security program in a dynamic, global environment. You’ll lead a team of analysts and engineers, collaborate with cross-functional teams to protect our infrastructure (including multi-cloud deployments), and ensure we meet key security and compliance requirements.

What You’ll Do

• Manage a distributed group of security professionals responsible for threat hunting, detection, and remediation.
• Provide mentorship and career development opportunities, ensuring expertise in areas like cloud security, vulnerability management, DevOps, and incident response.
• Oversee day-to-day SOC activities—monitoring alerts, triaging incidents, and coordinating escalations.
• Drive continuous improvements in processes and procedures, including runbooks, playbooks, and operational standards.
• Work closely with infrastructure and DevOps teams to secure cloud deployments (e.g., containers, CI/CD pipelines, and shared services).
• Support or lead compliance efforts (e.g., ISO 27001, SOC 2, PCI, GDPR) by aligning technical controls with business requirements.
• Own the incident response lifecycle: detection, containment, investigation, remediation, and lessons learned.
• Oversee vulnerability management programs—from scanning and assessment through remediation tracking and reporting.
• Implement and maintain corporate security measures (e.g., endpoint hardening, identity and access management, policy enforcement).
• Develop and track security metrics to measure SOC effectiveness and guide strategic decisions (e.g., mean time to detect/respond, vulnerability dwell time).

 

 

About You

• 5–7+ years of combined IT and security experience in Security Operations in a lead capacity
• Proven track record overseeing or operating a SOC, handling advanced security incidents, and coordinating across various teams.

• Technical Expertise
  • Familiarity with modern infrastructure (cloud platforms, containerization, CI/CD pipelines) and security concepts (SIEM, EDR, NDR, WAF, DLP).
  • Deep understanding of threat detection, vulnerability management, incident response, and enterprise security controls.
  • Comfortable bridging the gap between engineering and security by advocating secure coding practices, automated security testing, and DevSecOps principles.
  • Hands-on experience with at least one major compliance framework (ISO 27001, SOC 2, PCI, GDPR, etc.).
  • Excellent communication skills—able to convey complex concepts to technical and non-technical stakeholders.
  • Bachelor's degree in computer science, Information Systems, or related field preferred (or equivalent experience).
  • Relevant security certifications (e.g., CISSP, GIAC, CISM) are highly desirable.
  • Willingness to work on-site, coordinate across multiple time zones, and participate in on-call rotations for high-severity incidents.

 

 

What We Offer: 

Benefits: All U.S. GLGers also have access to benefits such as:

• Comprehensive medical, dental and vision coverage effective on your first day of employment
• Flexible paid time off. No pre-determined limits on vacation time, plus 10 company holidays
• 401(k) and Roth 401(k) plans with an employer match (subject to annual limits & vesting)
• Tuition reimbursement program for eligible courses including language skills courses
• Paid parental leave, adoption and surrogacy reimbursement
• Free wellbeing support with the Calm app, Maven and EAP, and free long-term therapy & counselling assistance through Pathways
• Other work perks and benefits available based on final job location

Compensation: GLG is committed to fair and equitable compensation practices. Actual compensation is based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. Certain roles may also be eligible for incentive compensation.

The anticipated hiring base salary range for this role is:$146,600—$210,000 USD

About GLG / Gerson Lehrman Group

GLG is the world’s insight network. Our clients rely on GLG’s global team to connect with powerful insight across fields from our network of approximately 1 million experts (and the hundreds of new experts we recruit every day).

We serve thousands of the world’s best businesses, from Fortune 500 corporations to leading technology companies to professional services firms and financial institutions. We connect our clients to the world’s largest and most varied source of first-hand expertise, including executives, scientists, academics, former public-sector leaders, and the foremost subject matter specialists.

GLG’s industry-leading compliance framework allows clients to learn in a structured, auditable, and transparent way, consistent with their own internal compliance obligations and the highest professional ethical standards. Our compliance standards are a major competitive differentiator and key component of the company’s culture.

To learn more, visit www.GLGinsights.com.

Gerson Lehrman Group, Inc. (“GLG”) is an equal opportunity employer and will not discriminate against any employee or applicant on the basis of age, race, religion, color, marital status, disability, gender, national origin, sexual orientation, veteran status, or any classification protected by federal, state, or local law.