Cyber Operations Manager- Threat Operations & Splunk

Join to apply for the Cyber Operations Manager- Threat Operations & Splunk role at Optiv.

The Cyber Operations Manager for Threat Detection & Response is responsible for ensuring early and accurate detection, response, and containment of threats against clients. This technical management role requires deep security expertise, experience as a security practitioner, systems management skills, and the ability to attract and retain talent. The role involves mentoring staff and improving Security Operations services.

1. Lead 24x7 Threat Detection and Response Analysts, overseeing operations, strategic planning, and resource management.
2. Collaborate with clients on reporting, stewardship calls, and escalations.
3. Enforce policies on security, disaster recovery, and service standards.
4. Refine detection, response, and incident management processes.
5. Oversee client system security via the Advanced Fusion Center (AFC).
6. Stay updated on vendor products, expansion, and technology directions.
7. Coordinate with other managers to advance Security Operations and Optiv's offerings.
8. Improve processes and documentation.
9. Manage staffing including recruitment, supervision, development, and evaluations.
10. Foster an educational environment for staff growth.
11. Perform staff performance reviews.
12. Report security gaps and vulnerabilities to clients.
13. Prepare reports on metrics, SLAs, and KPIs.
14. Stay informed about evolving risks and industry best practices.
15. Attend security events and network with industry peers.
16. Oversee threat intelligence reporting.
17. Normalize data from various security assessments and projects.
18. Communicate with executives and other leaders about relevant activities.
19. Develop staff through training and performance management, maintaining morale.
20. Report to the Director of Security Operations.

• 12+ years in IT and Information Security
• 5+ years leading Threat Detection & Response teams
• 5+ years in cyber operations centers
• 5+ years with SIEM solutions, especially Splunk
• 3+ years in managed services
• Security or networking certifications (e.g., Security+, CISSP)
• Decision-making and problem-solving skills under pressure
• Deep understanding of SIEM and EDR solutions
• Knowledge of compliance standards (NIST, HIPAA, PCI, etc.)
• Understanding of cybersecurity laws across regions
• Experience with Security Orchestration, Automation, and Response (SOAR)
• Experience with ticketing and knowledge management systems like ServiceNow
• Familiarity with ITIL practices
• Experience with security analytics platforms like Kibana
• Experience with reporting tools like PowerBI and DOMO

• Commitment to Diversity, Equity, and Inclusion
• Work/life balance
• Training resources
• Opportunity to work on complex projects
• Volunteer opportunities through "Optiv Chips In"
• Remote work capabilities where applicable

Optiv is an equal opportunity employer, considering all qualified applicants without discrimination. We respect your privacy; see our Privacy Notice for details.

• Senior level: Mid-Senior
• Employment type: Full-time
• Industry: Computer and Network Security