JOB SUMMARY: We are seeking an experienced SOC Manager to lead our internal security operations team and coordinate closely with our third-party 24/7 Managed Security Services Provider (MSSP). The SOC Manager will be responsible for overseeing Tier 2/3 incident response, maintaining strong day-to-day SOC processes, mentoring a team of security analysts, and driving continuous improvements in our detection, response, and threat-hunting capabilities. This role reports to the Director of Security Operations. JOB ROLES AND RESPONSIBILITIES: 1. SOC Leadership & Management
2. Oversee the daily operations of the Security Operations Center, including all incident escalations from the MSSP’s and other security alerts and tickets.
3. Lead and mentor a small team of security analysts, fostering a culture of collaboration and continuous learning.
4. Manage SOC staffing, training, and shift schedules (if applicable), ensuring appropriate coverage for critical alerts and incidents.
5. Incident Response & Escalation
6. Serve as the primary point of contact for all security incident escalations, working with the MSSP, internal analysts, and other stakeholders to contain and remediate threats.
7. Provide technical and procedural guidance during high-severity incidents, escalating to the Director of Security Operations or other executive leadership as needed.
8. Coordinate incident response activities with cross-functional teams (e.g., Technology, Legal, Talent, Marketing and Communications) to ensure timely containment and thorough root-cause analysis.
9. SOC Processes, Playbooks, and Documentation
10. Develop, maintain, and continuously improve SOC processes, runbooks, and incident response playbooks.
11. Ensure that the SOC meets defined service-level objectives for detection, escalation, and response times.
12. Work with GRC (Governance, Risk & Compliance) to ensure alignment with regulatory requirements, internal security policies, and audit standards.
13. Collaboration with Third-Party MSSP
14. Act as the primary liaison with the external 24/7 MSSP handling Tier 1 monitoring, ensuring clear escalation paths and well-defined SLAs.
15. Conduct regular service reviews with the MSSP, analyze performance metrics, and drive improvements to reduce false positives and enhance detection accuracy.
16. Detection & Threat Hunting Enhancement
17. Partner with internal detection engineers and threat intel/hunting resources to refine alerting logic and create new detection rules for emerging threats.
18. Champion the use of data analytics, automation, and playbook orchestration (e.g., via SOAR) to improve efficiency and reduce manual workloads.
19. Facilitate purple-team exercises or threat-hunting initiatives, ensuring that lessons learned translate into updated SOC processes and detection coverage.
20. Team Development & Training
21. Recruit, onboard, and develop talented security analysts, providing regular feedback and career growth opportunities.
22. Coordinate training sessions, tabletop exercises, and ongoing education to keep the SOC team current with evolving threats and technologies.
23. Foster a positive and collaborative environment that emphasizes knowledge-sharing, innovation, and continuous improvement.
24. Reporting & Metrics
25. Track and report on SOC KPIs and metrics (e.g., mean time to detect, mean time to respond, alert volumes, incident trends) to the Director of Security Operations and executive leadership.
26. Develop dashboards or reports that highlight SOC effectiveness, coverage gaps, and recommended improvements.
27. Provide budget recommendations for new tools, training, or staff needs based on data-driven insights.
28. Select, develop, and evaluate staff to ensure the efficient operation of department.
29. Collaborate, coordinate, and communicate across disciplines and departments.
30. Ensure compliance with HIPAA regulations and requirements.
31. Demonstrate Company’s Core Competencies and values held within.
32. Please note due to the exposure of PHI sensitive data — this role is considered to be a High Risk Role.
33. The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary. JOB SCOPE:
Opportunity to shape and mature our SOC processes as part of a growing security program. A collaborative environment with cross-functional teams (GRC, Security Engineering, IAM) and executive support for cybersecurity initiatives.Ongoing professional development through industry conferences, training programs, and certifications. This is a people management job with authority for all HR actions (hiring, firing, discipline, training, etc.) COMPENSATION:
The salary range for this position is 125k-150k. Specific offers take into account a candidate’s education, experience and skills, as well as the candidate’s work location and internal equity. This position is also eligible for health insurance, 401k and bonus opportunity. Qualifications
JOB REQUIREMENTS (Education, Experience, and Training): * 5+ years of experience in cybersecurity, with at least 2+ years in a SOC or incident response leadership role.
* Demonstrated expertise in security incident handling and leading or coordinating technical response teams.
* Solid understanding of SIEM, EDR, firewall, and other security technologies, as well as common threat actor tactics (MITRE ATT&CK, etc.).
* Experience interfacing with managed detection and response (MDR) / managed security service providers (MSSPs) or external SOC partners.
* Strong knowledge of incident response frameworks, best practices, and relevant regulatory/compliance standards (e.g., HITRUST, HIPAA, SOC2, SOC1, SOX, NYDFS, etc.).
* Excellent leadership, communication, and collaboration skills–must be able to coordinate effectively with technical teams, senior management, and third-party vendors.
* Relevant certifications (e.g., CISSP, GCIH, GCFE, GCIA, GNFA, or equivalent).
* Hands-on experience with SOAR platforms and automation of security workflows.
* Familiarity with cloud platforms (AWS, Azure, GCP, OCI) and associated security tools.
* Experience conducting or guiding threat hunting and purple-team exercises.
BENEFITS
We realize that our employees are instrumental to our success, and we reward them accordingly with very competitive compensation and benefits packages, an incentive bonus program, as well as recognition and awards programs. Our work environment is friendly and supportive, and we offer flexible schedules whenever possible, as well as a wide range of live and web-based professional development and educational programs to prepare you for advancement opportunities.
Your benefits will include:
- Medical, dental and vision coverage with low deductible & copay
- Life insurance
- Short and long-term disability
- Paid Parental Leave
- 401(k) + match
- Employee Stock Purchase Plan
- Generous Paid Time Off – accrued based on years of service
- WA Candidates: the accrual rate is 4.61 hours every other week for the first two years of tenure before increasing with additional years of service
- 10 paid company holidays
- Tuition reimbursement
- Flexible Spending Account
- Employee Assistance Program
- Sick time benefits – for eligible employees, one hour of sick time for every 30 hours worked, up to a maximum accrual of 40 hours per calendar year, unless the laws of the state in which the employee is located provide for more generous sick time benefits
EEO STATEMENT
Claritev is an Equal Opportunity Employer and complies with all applicable laws and regulations. Qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status. If you would like more information on your EEO rights under the law, please click here.
#LI-AS1
APPLICATION DEADLINE
We will generally accept applications for at least 15 calendar days from the posting date or as long as the job remains posted.
