Job Description
Cybersecurity Operations Manager
The Cybersecurity Operations Manager is responsible for leading the organization's security operations function and serving as the primary incident response lead. This role oversees day-to-day security monitoring, detection, and response activities while providing leadership during cybersecurity incidents. The position combines hands-on technical expertise with team leadership, strategic planning, and cross-functional collaboration to strengthen the organization's overall security posture.
Responsibilities
- Lead daily security operations activities, ensuring effective monitoring, investigation, and response to security events and incidents.
- Manage and mentor security operations personnel, fostering a high-performing and collaborative team environment.
- Maintain a hands-on approach to security operations by supporting complex investigations, threat analysis, and security engineering initiatives.
- Develop and optimize security monitoring, detection, and response capabilities through process improvements and automation.
- Serve as the primary incident response lead, coordinating containment, remediation, recovery efforts, and post-incident reviews.
- Maintain incident response plans, procedures, and playbooks while facilitating regular tabletop exercises and readiness assessments.
- Collaborate with technology and business teams to integrate security best practices into operational processes and technology initiatives.
- Support infrastructure and cloud security hardening efforts through the implementation of industry-standard controls and configurations.
- Monitor emerging threats and vulnerabilities, leveraging threat intelligence to drive proactive defense and threat hunting activities.
- Oversee security awareness initiatives and employee education programs.
- Develop operational metrics and reporting to communicate security performance, risks, and recommendations to leadership.
Qualifications
- Degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
- CISSP, CISM, or comparable industry certification preferred.
- 7+ years of cybersecurity experience, including security operations, incident response, or cyber defense.
- 3+ years of leadership experience managing cybersecurity or security operations teams.
- Demonstrated experience leading the full incident lifecycle from detection through remediation and post-incident analysis.
- Strong understanding of security operations technologies, including SIEM, endpoint security, cloud security, threat detection, and security automation platforms.
- Experience applying security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, SOC 2, or similar standards.
- Proven ability to communicate technical risks to both technical and non-technical stakeholders.
- Strong coaching, mentorship, and team development capabilities.
- Experience developing detection content, investigation workflows, and security monitoring use cases within modern enterprise environments.
About Affinity
Affinity Group is a technology and business consulting and services company. We believe in creating long-term relationships between clients and consultants that foster a mutually beneficial partnership. Affinity is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of qualifications, merit and business need.
For more information on Affinity, please visit www.affinity-group.ca
Job Number: 13582