Cyber Defense Operations Manager
About the Role
Abnormal Security is a leading cyber security organization committed to maintaining the highest standards of cybersecurity. We are seeking an experienced and dynamic Cyber Defense Operations Manager to lead our 24/7 security operations team. The ideal candidate will play a crucial role in enhancing our security posture, developing effective security event triage processes, ensuring streamlined escalation procedures, and fostering a culture of mentorship and learning.
What you will do
- Lead and supervise a team of security analysts in a 24/7 operational framework, overseeing day-to-day management of security event responses.
- Defining technical methodologies for conducting comprehensive analyses of security events and refine investigation steps for the Cyber Defense team.
- Establish clear escalation policies and procedures to facilitate efficient communication and response during security incidents.
- Apply technical expertise in Endpoint Detection and Response (EDR), Cloud Detection and Response (CDR), and SIEM technologies to enhance threat detection and response capabilities.
- Train and mentor junior security analysts, imparting knowledge on advanced cybersecurity concepts.
- Play a key role in the development and enhancement of security playbooks, ensuring they reflect the latest industry standards.
- Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations.
- 5+ years of experience in the security domain, including a detailed understanding of attacker techniques
- Proven experience managing and leading a 24/7 Cyber Defense team.
- In-Depth knowledge of EDR, CDR, and SIEM technologies.
- Extensive experience with Splunk SIEM for log analysis and correlation.
- Strong understanding of cloud security, particularly in AWS environments.
- Familiarity with Kuberenetes environments and associated security controls.
- Demonstrated ability to mentor and train security analysts.
- Strong desire for teaching and mentorship.
- Excellent communications skills and the ability to collaborate across teams.
Nice to Haves
- Relevant security certifications such as CISSP, CISM, GIAC, GCIH or equivalent.
- Experience in the detection engineering field.