Manager of Security Engineering & Operations
Indexed description
The Manager, IT Security Engineering & Operations is responsible for leading and executing the organization’s security engineering and security operations functions. This role owns the design, implementation, and operation of security controls across cloud, applications, endpoints, identity, and network environments.
This is a hands-on leadership role that combines technical execution with team leadership. The Manager is expected to actively contribute to engineering and operational activities while leading a small team, ensuring delivery of key security initiatives and day-to-day operations
This position reports to the VP of Information Security & GRC and works closely with Security & Compliance, IT Infrastructure & Operations and applications teams.
How You Will Succeed:
Security Engineering & Architecture
- Lead the design and implementation of security controls across Azure, Microsoft 365, and SaaS platforms, including Oracle Simphony
- Drive security hardening initiatives across cloud and enterprise platforms, including Microsoft 365 baseline configurations
- Define and enforce secure architecture standards in partnership with Infrastructure and Application Development teams
- Manager security operations, including monitoring, detection, and incident response
- Manage and optimize SOC/MDR services and vendor performance
- Improve detection quality, reduce false positives, and strengthen response capabilities
- Lead incident response and post-incident reviews
- Manage cloud security posture across Azure, Salesforce and Oracle
- Lead application security initiatives including code scanning, API security, and secure development practices
- Manage and optimize Web Application Firewall (WAF) capabilities
- Integrate security into CI/CD pipelines and development workflows
- Manage the vulnerability management program end-to-end
- Ensure vulnerabilities are remediated within defined SLAs
- Drive accountability across IT and application teams
- Deliver clear reporting and metrics to leadership
- Manage and optimize core security technologies, including:
- Endpoint protection (Microsoft Defender, Bitdefender)
- Identity security (Entra ID, Conditional Access, PIM)
- Microsoft 365 security
- WAF and edge protection
- SIEM/SOAR and MDR integrations
- Ensure tools are properly configured and delivering measurable value
- Partner with Security & GRC to support PCI DSS 4.0 and SOX ITGC requirements
- Ensure controls are implemented and operating effectively
- Support audits, remediation, and control validation
- Directly manage:
- Senior Information Security Engineer
- IT Security Administrator
- Set clear priorities, goals, and expectations
- Drive accountability and execution across the team
- Mentor and develop team members while remaining actively involved in delivery
- 7+ years of experience in security engineering or security operations
- Experience leading teams while remaining hands-on in technical work
- Strong experience with Azure and Microsoft 365
- Experience managing SOC/MDR services
- Hands-on experience with vulnerability management and incident response
- Experience with application security and WAF technologies
- Threat detection and incident response
- Cloud security architecture and controls
- Identity and access management
- Endpoint and email security
- Vulnerability management practices
- Knowledge of PCI DSS, SOX ITGC, and NIST CSF requirements
- Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent professional experience
- Preferred Certifications
- Certified Information Systems Security Professional (CISSP)
- Cloud security certifications such as CCSP
- Security operations or incident response certifications (e.g., GCIH)
- Ability to adapt quickly in a dynamic environment, evaluate new technologies, and apply them effectively as the security and technology roadmap evolves.
- Strong organizational and prioritization skills, with the ability to manage multiple initiatives, deadlines, and competing requests.
- Excellent analytical and problem-solving skills, with a practical, customer-focused approach to security challenges.
- Ability to communicate clearly and effectively with technical and non-technical stakeholders across IT, business, and restaurant operations.
- Hospitality industry experience will be a plus.
What You’ll Get:
- Incredible Discounts:
- Monthly Dining Allowance
- 50% Dining and Carryout
- 40% Retail Wine
- 20% Retail and Private Events
- Monthly Complimentary Wine Tasting for Two
- Medical, Prescription, Dental, Vision Insurance plus Telemedicine and Wellness Program
- Company Matching 401(k) Retirement Savings Plan
- Flexible Savings Accounts- Health and Dependent Care
- Health Savings Account
- Long-Term Disability; Voluntary Short-Term Disability
- Basic Life and AD&D Insurance (with option to purchase additional coverage)
- Paid Parental Leave
- Highly Competitive Pay plus Team Member Incentives & Rewards
- Paid Time Off
- Milestones Recognition Program
- Complimentary Gym Membership in RSC Building
- Hybrid Work Week (3 days in office, 2 days remote, depending on role)
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search