Security Operations Manager
Job Summary:
We are seeking an experienced Security Operations Manager to manage the day-to-day security operations that protect our hybrid cloud environment, covering public cloud (AWS/Azure/GCP), private cloud, data centers, and on-premises systems. This role will oversee the execution of enterprise firewall policies, proxy security, SOC operations, VPN management, and network security across all environments, ensuring a unified security posture.
Key Responsibilities:
1. Hybrid Cloud & Network Security Management
- Manage next-generation firewalls (e.g. NGA/P, Palo Alto, Fortinet, Cisco Firepower) across on-premises, cloud, and hybrid environments.
- Manage cloud-native security tools (e.g. AWS GuardDuty, Azure Sentinel, GCP Security Command Center).
- Implement and enforce secure web gateway (SWG) and proxy policies (e.g. Zscaler, Netskope, Blue Coat).
- Design and optimize hybrid VPN solutions (e.g. site-to-site, client VPN, Zero Trust Network Access).
- Ensure network segmentation, micro-segmentation, and Zero Trust principles across all environments.
2. Security Operations Center (SOC) Leadership
- Collaborate with 24/7 SOC operations with a focus on multi-cloud and on-premises threat detection.
- Support threat-hunting playbooks for cloud and data center environments.
- Lead incident response (IR) for cross-environment security breaches (cloud misconfigurations, on-premises intrusions).
3. Cloud & Data Center Security
- Implement cloud security posture management (CSPM) and infrastructure-as-code (IaC) security scanning.
- Harden private cloud (VMware, OpenStack) and on-premises data center security.
- Manage privileged access security (PAM) for hybrid environments.
- Conduct cloud penetration testing and vulnerability assessments.
4. Compliance & Governance
- Ensure compliance with, e.g., ISO 27001, NIST CSF, CIS Benchmarks, and cloud-specific frameworks (AWS Well-Architected, Azure CAF).
- Maintain security policies for hybrid environments (data residency, encryption, IAM controls).
- Lead internal/external audits (SOC 2, PCI DSS, HIPAA, GDPR).
- Support the execution of security procedures for managing risks, vulnerabilities, threats, access, data security, supplier compliance and lifecycle security.
5. Team & Vendor Management
- Lead a cross-functional security team (SOC analysts, cloud security engineers, network security specialists).
- Manage MSSP relationships and third-party security vendors.
- Provide training and mentorship on cloud and hybrid security best practices.
Required Qualifications:
- 7+ years in security operations, with 5+ years in hybrid cloud/on-premises security.
- Good expertise in:
  - Public cloud security (AWS, Azure, GCP)
  - Firewall, proxy, VPN, and network security
  - SIEM/SOAR and SOC operations
  - Data center and on-premises security hardening
- Certifications: CISSP, CCSP, AWS/Azure Security, PCNSE, CCNP Security.
- Experience with Kubernetes security, DevSecOps, and IaC (Terraform, Ansible).
Work Environment:
- Hybrid work model (on-site for critical infrastructure, remote for SOC oversight).
- Participation in on-call rotation for security incidents.
- Collaboration with different stakeholders including application, infrastructure, business and compliance teams.
Hong Kong, HK, HK