
PCCW
Job Summary:
We are seeking an experienced Security Operations Manager to manage day-to-day security operations protecting our hybrid cloud environment, covering public cloud (AWS/Azure/GCP), private cloud, data centers, and on-premises systems. This role will oversee the execution of enterprise firewall policies, proxy security, SOC operations, VPN management, and network security across all environments, ensuring a unified security posture.
Key Responsibilities:
1. Hybrid Cloud & Network Security Management
– Manage next-generation firewalls (e.g. NGA/P, Palo Alto, Fortinet, Cisco Firepower) across on-premises, cloud, and hybrid environments.
– Manage cloud-native security tools (e.g. AWS GuardDuty, Azure Sentinel, GCP Security Command Center).
– Implement and enforce secure web gateway (SWG) and proxy policies (e.g. Zscaler, Netskope, Blue Coat).
– Design and optimize hybrid VPN solutions (e.g. site-to-site, client VPN, Zero Trust Network Access).
– Ensure network segmentation, micro-segmentation, and Zero Trust principles across all environments.
2. Security Operations Center (SOC) Leadership
– Collaborate with 24/7 SOC operations with a focus on multi-cloud and on-premises threat detection.
– Support threat-hunting playbooks for cloud and data center environments.
– Lead incident response (IR) for cross-environment security breaches (cloud misconfigurations, on-premises intrusions).
3. Cloud & Data Center Security
– Implement cloud security posture management (CSPM) and infrastructure-as-code (IaC) security scanning.
– Harden private cloud (VMware, OpenStack) and on-premises data center security.
– Manage privileged access security (PAM) for hybrid environments.
– Conduct cloud penetration testing and vulnerability assessments.
4. Compliance & Governance
– Ensure compliance with standards and frameworks, e.g. ISO 27001, NIST CSF, CIS Benchmarks, and cloud-specific frameworks (AWS Well-Architected, Azure CAF).
– Maintain security policies for hybrid environments (data residency, encryption, IAM controls).
– Lead internal/external audits (SOC 2, PCI DSS, HIPAA, GDPR).
– Support the execution of security procedures for managing risks, vulnerabilities, threats, access, data security, supplier compliance and lifecycle security.
5. Team & Vendor Management
– Lead a cross-functional security team (SOC analysts, cloud security engineers, network security specialists).
– Manage MSSP relationships and third-party security vendors.
– Provide training and mentorship on cloud and hybrid security best practices.
Required Qualifications:
– 7+ years in security operations, with 5+ years in hybrid cloud/on-premises security.
– Good expertise in:
– Public cloud security (AWS, Azure, GCP)
– Firewall, proxy, VPN, and network security
– SIEM/SOAR and SOC operations
– Data center and on-premises security hardening
– Certifications: CISSP, CCSP, AWS/Azure Security, PCNSE, CCNP Security.
– Experience with Kubernetes security, DevSecOps, and IaC (Terraform, Ansible).
Work Environment:
– Hybrid work model (on-site for critical infrastructure, remote for SOC oversight).
– Participation in on-call rotation for security incidents.
– Collaboration with different stakeholders including application, infrastructure, business and compliance teams.