Senior Manager, Threat Intelligence & Security Operations

We are seeking a Senior Manager, Threat Intelligence & Security Operations to serve as McKinstry’s senior owner of threat intelligence, threat hunting, and security operations. This critical, senior‑level position will direct the full threat lifecycle, from adversary intelligence collection and proactive threat hunting through incident response, SOC leadership, and post‑incident remediation. This role owns the question “are we ahead of the threat?” While the CISO sets vision and engages at the board and executive level, the Senior Manager, Threat Intelligence & Security Operations ensures McKinstry is operationally prepared: threat intelligence is current and actioned, the SOC is hunting and detecting with precision, incidents are managed with discipline, and the tooling and governance that underpin it all are continuously improving. This role is ideal for a seasoned threat and operations leader who combines the analytical depth of a senior threat hunter with the organizational skills of a people leader and who is ready to own one of the most consequential security functions in a growing, complex organization. In this role, you will: Own McKinstry’s threat intelligence program — ingesting, operationalizing, and briefing leadership on adversary activity relevant to our business and industry. Lead proactive threat hunting across endpoint, network, cloud, and identity environments, converting findings into durable detections. Direct and develop the Security Operations Center (SOC), holding the team accountable to high‑quality detection, triage, and response outcomes. Serve as the senior technical lead during major security incidents, coordinating response across Legal, HR, Communications, and executive leadership in real time with the CISO. Own the security tooling stack and drive continuous improvement across SIEM, EDR, SOAR, and threat intelligence platforms. Key Responsibilities Strategic Security Leadership & Executive Partnership Partner with the CISO to shape McKinstry’s threat management strategy, ensuring intelligence and operations programs are aligned to organizational risk priorities. Represent the threat and operations function in cross‑functional leadership forums, steering committees, and executive‑level discussions. Step in as the security operations lead when the CISO is unavailable, with authority to make operational and escalation decisions on behalf of the security organization. Contribute to board‑level security reporting, including updates on threat posture, incident trends, SOC performance, and detection maturity. Translate McKinstry’s business objectives and growth initiatives into threat‑informed risk assessments and security investment priorities. Core Domains of Responsibility Threat Intelligence & Adversary Profiling Build and maintain a mature threat intelligence program, ingesting and operationalizing feeds from OSINT, commercial, and government sources. Develop and maintain adversary profiles mapped to the MITRE ATT&CK framework, with prioritization based on industry relevance and organizational exposure. Deliver timely, actionable threat intelligence briefings to the CISO, Senior Leadership, and relevant technical teams. Monitor the evolving threat landscape (ransomware groups, nation‑state actors, insider threat vectors) and adjust defensive posture accordingly. Proactive Threat Hunting Design, execute, and document structured threat hunting missions across endpoint, network, cloud (Azure), and identity environments. Develop and refine hunting hypotheses grounded in threat intelligence and behavioral analytics. Collaborate with Security Engineering to convert successful hunt findings into automated detections and SIEM correlation rules. Maintain a threat hunting library with documented methodologies, data sources, and outcomes. Security Operations Center (SOC) Leadership Lead and develop the Security Operations Program and team, including hiring, coaching, performance management, and career development. Establish and enforce operational standards for alert triage, escalation, and incident handling workflows. Drive continuous reduction in mean time to detect (MTTD) and mean time to respond (MTTR) through process improvement and automation. Manage shift coverage, on‑call rotations, and ensure 24/7 operational readiness. Incident Response & Crisis Management Serve as the senior technical lead and decision‑maker during major security incidents and breach events working real time with the CISO. Own and continuously improve incident response playbooks, runbooks, and post‑incident review processes. Coordinate with the key partners and stakeholders including CISO, Legal, HR, Communications, and executive leadership during high‑severity incidents. Partner with external IR vendors and MSSP relationships as needed. Security Tooling, Governance & Engagement Own operational responsibility for the security platform stack (SIEM, EDR, SOAR, TIP, vulnerability management) and drive integration and automation initiatives. Collaborate with Senior Leadership to communicate threat risk, operational security status, and investment priorities. Support compliance, audit, and governance activities aligned to NIST, ISO 27001, SOC 2, and applicable regulatory frameworks. Contribute to the broader security roadmap in partnership with the CISO and Security Engineering teams. What You Need to Succeed at McKinstry You don’t need to check every box below. We value significant relevant experience and encourage applicants who meet several of the qualifications to also apply. All applications will be reviewed, and the most qualified candidates will be considered for the next steps. Experience 10+ years of experience in cybersecurity, with 7+ years in security operations, threat intelligence, or threat hunting roles. 7+ years in a people‑management or team‑lead capacity within a SOC, CSIRT, or threat management function. Demonstrated experience leading major incident response engagements and managing cross‑functional stakeholder communication during crises. Technical Expertise Deep knowledge of threat intelligence platforms and operationalization (e.g., MISP, Recorded Future, Anomali, or comparable TIPs). Expert‑level proficiency with MITRE ATT&CK framework applied to both threat hunting and detection engineering. Strong hands‑on experience with SIEM, EDR, SOAR platforms (e.g., Microsoft Sentinel, Microsoft Defender, Arctic Wolf, Fortinet, Netwrix). Experience with cloud security operations in hybrid environments — Azure expertise strongly preferred. Proficiency in scripting and automation for hunting and detection use cases (KQL, PowerShell, Python, or Bash). Familiarity with adversarial simulation techniques (red team TTPs, purple team exercises) to validate detection coverage. Governance & Frameworks Working knowledge of NIST CSF, ISO 27001, SOC 2, and applicable regulatory frameworks. Experience with Zero Trust architecture, XDR, Identity Security, and SASE concepts. Certifications (Preferred) CISSP, CISM, or GSOM — required or in progress. GIAC certifications (GCTI, GCIH, GREM, GDAT) highly valued. SANS FOR5xx series or equivalent threat intelligence / hunting coursework a strong plus. Leadership & Communication Proven ability to lead, develop, and retain technical security teams. Excellent executive communication skills — able to translate threat data into business risk language for C‑suite and board‑level audiences. Collaborative, cross‑functional mindset with experience influencing without authority. Some travel required to job sites, vendor meetings, conferences, or client engagements. PeopleFirst Benefits Competitive pay 401(k) with employer match and profit‑sharing plan Paid time off and holidays Comprehensive medical, prescription, dental, and vision with low or zero deductible options and low out of pocket maximums Additional Benefits Family formation benefits, including adoption and IVF assistance Up to 16 weeks paid parental leave Transgender inclusive benefits Commuter benefits Pet insurance Building Good paid community service time Learning and advancement opportunities via McKinstry University McKinstry Moves onsite gyms or reimbursement for remote workers See benefit plan documents for complete details. If you’re driven by our vision to build a thriving planet together, McKinstry is the place to build your career. The pay range for this position is $137,880 - $240,400 per year; however, base pay offered may vary depending on job‑related knowledge, skills, and experience. Base pay information is based on market location. A bonus may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, dependent on the position offered. McKinstry group of companies are equal opportunity employers. We are committed to providing equal employment opportunities to all employees and qualified applicants without regard to sex, gender identity, sexual orientation, age, race, color, creed, marital status, national origin, disability, veteran status, genetic information or any other basis protected by law. This policy applies to all terms and conditions of employment including, but not limited to employment, advancement, assignment, and training. This commitment to Equal Employment Opportunity is made equally as a social responsibility and as an economic and business necessity. McKinstry is a drug‑free workplace. Employment is contingent upon successfully passing a pre‑employment drug and alcohol test, complying with the requirements of the Immigration Reform and Control Act and a Confidentiality Agreement, in addition to successful outcomes of background and reference checks. Applicants for this role will only be considered if they possess current US Work Authorization, and do not require employer‑sponsored VISA support to begin or remain in this role. #J-18808-Ljbffr International Executive Service Corps