Senior Cybersecurity Operations Manager

- Oversee enterprise cybersecurity operations across on-premises, cloud, and hybrid environments - Direct Microsoft Sentinel SIEM engineering, including advanced KQL query development, analytics, and incident workflows - Design and sustain SOAR automation and playbooks for efficient investigations and responses - Enhance detection quality, minimize alert fatigue, and optimize mean time to resolve/detect - Supervise security measures across endpoint, network, identity, email, and cloud - Act as the senior technical escalation point for complicated alerts and investigations - Maintain operational defense against phishing and other email threats - Define and enhance user-reported email workflows and automation for remediation - Lead the response to email-related security incidents - Continuously refine incident response plans, playbooks, and operational readiness - Conduct investigations of ransomware, insider threats, and targeted attacks - Coordinate response efforts with MSOC partners and internal teams - Facilitate post-incident reviews and implement corrective actions - Spearhead threat hunting initiatives using the MITRE ATT&CK framework - Manage CrowdStrike Falcon operations, including detection and response mechanisms - Oversee Palo Alto Networks NGFW security management - Administer the vulnerability management lifecycle from identification to resolution - Ensure secure configurations across Azure, Entra ID, and Microsoft 365 - Define and enforce identity security protocols and controls - Integrate and optimize security tools and platform functionalities - Mentor cybersecurity engineers and provide technical guidance