SailPoint is the leader in identity security for the cloud enterprise. Our identity security solutions secure and enable thousands of companies worldwide, giving our customers unmatched visibility into the entirety of their digital workforce, ensuring workers have the right access to do their job - no more, no less.
SailPoint's Cybersecurity organization is seeking a Security Operations Center Manager with a passion for cybersecurity and protecting the organization. The successful candidate will lead our security operations center and an existing team of analysts who are charged with keeping our enterprise secure.
We're seeking a leader with proven technical capabilities who is willing to split their time between hands on keyboard and achieving results through others. Our new SOC manager will embrace the opportunity to work across diverse platforms with a variety of tools and will play a key role as we continually improve our capabilities over time. They'll work through all dimensions of cybersecurity - people, process, and technology - to achieve our objectives.
Our new SOC manager will join a new but capable team of both emerging and established talent. They'll have the opportunity to shape our future through process and technology optimization, capability acquisition and development, and maturation of our existing activities. They'll already be comfortable with the 4 I's at SailPoint (individual, Impact, Innovation, and Integrity) even if they're new to the concept. They will embrace new challenges and will be a positive contributor to an already positive work culture and environment.
This is a challenging and impactful role where you will have the opportunity to work with both internal and external stakeholders and be directly responsible for delivering a comprehensive Security Operations program.
Responsibilities:

• Lead an in-house team of analysts throughout the detection, response and recovery lifecycle for the SailPoint enterprise. Provide technical leadership and well as professional development and career guidance and support.
• Partner closely with Architecture/Engineering, Product Development and others to define and maintain an effective Security Operations technology stack.
• Lead the team's effort to discover and remediate threats quickly and effectively.
• Build relationships across organizational boundaries to ensure the smooth functioning of critical activities during moments of crisis.
• Build and manage an excellent team of analysts and support them throughout their tenure as SailPoint crew members. Foster a culture of innovation and inclusivity.
• Responsible for the strategic direction for security operations in coordination with the objectives of peer business units and teams.
• Develop and refine supporting processes for all SOC activities, including standard operating procedures and playbooks.
• Communicate clearly, concisely, and timely to a variety of stakeholders on both urgent and routine matters.
• Identify, track, and report on relevant metrics to measure the efficiency and effectiveness of the IT Security program.
• Serves as the senior escalation point for incidents and investigations.
• Be available for occasional escalations after hours and on-call pager duty.

Requirements:

• Due to the nature of this role's responsibilities and FedRAMP access requirements, U.S. citizenship and U.S. residency is a requirement.
• 7+ years of work experience in security operations, including at least 3 years in leadership roles.
• Excellent project management skills, accomplishing complex tasks and objectives through collaboration with and management of others.
• A thorough understanding of complex enterprise systems. Use knowledge of the current IT environment and industry trends to identify issues.
• Top notch written and verbal communication skills in communications with subordinates, peers, and leadership.
• Analytical expertise, close attention to detail, critical thinking, logic, and a solution orientation and to learn and adapt quickly.
• Experience creating and maintaining a staffing strategy, efficient assignment/service management, and monthly metrics/reporting.
• Complex decision-making skills, with an ability to clearly convey the relative costs and benefits of potential actions and a recommendation.
• Possess experience and successful results leveraging multiple of the following technologies:
  • Network Security Monitoring (Palo Alto, Fidelis, NetWitness, Cisco, WireShark, Snort, Security Onion, etc.)
  • Endpoint Detection and Response (Cortex XDR, Crowdstrike, Cylance, Carbon Black, etc.)
  • SIEMs (Splunk, SumoLogic, Devo, InsightIDR, QRadar, etc.)
  • Security Orchestration, Automation, and Response (Demisto/Cortex XSOAR, Phantom, Siemplify, etc.)
  • Cloud Service Provider IaaS and PaaS (AWS, Azure or GCP)
  • Service Management & Ticketing (Jira, ServiceNow, Zendesk or similar)
  • Vulnerability Scanning (Tenable, Qualys, Nessus, Nexpose, etc.)
  • Investigation and Research Tools (Virus Total, Shodan, etc.)
  • Email Security (ProofPoint, FortiMail, Barracuda, etc.)
• Experience innovating to find creative solutions that balance the needs of the business with the needs of security.

Preferred:

• Bachelor's degree in Computer Science, IT Security, Information Systems, Engineering, or related field
• Relevant certifications
• Experience with compliance and regulatory frameworks such as FedRAMP, ISO27001, SOC2, SOX, GDPR.
• Experience in managing or leading a SOC or MSSP environment
• Project Management training/certification

This role reports directly to the Senior Director of Cybersecurity Operations and can be remote or based in Austin, TX.
SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.