Calance is seeking a Security Operations Manager for a 6-12 month contract in Financial Services. This fully remote role involves managing a team of analysts in detection, monitoring, and incident response. Key responsibilities include leveraging SIEM and EDR tools, triaging alerts, and contributing to process improvements.
Job Description
Security Operations Manager (SecOps)
Santa Ana, CA - Fully Remote
Industry: Financial Services
6-12 month contract with strong potential to renew
Qualifications
· Hands-on experience with Microsoft Defender (EDR/XDR) and SIEM tools such as Google Chronicle.
· Familiarity with Forcepoint DLP and PhishER platforms desirable.
· Understanding of TCP/IP, Windows/Linux operating systems, and network defense fundamentals.
· Certifications preferred: Security+, CySA+, or GIAC (GCIA/GCIH).
Managing a Team of Analysts in the following areas:
Detection & Monitoring
o Monitor alerts and telemetry from Microsoft Defender, Google Chronicle, Forcepoint, & PhishER platforms.
o Triage events to determine severity, scope, and relevance.
o Correlate alerts across systems to identify patterns of malicious behavior.
o Validate detections and reduce false positives through tuning recommendations.
Incident Response & Escalation
o Perform first- and second-level analysis of potential security incidents.
o Contain or mitigate threats according to established playbooks.
o Escalate complex or high-severity cases to the Security Operations Manager or Mandiant responders.
o Support digital forensics and root cause investigations.
Process & Improvement
o Contribute to SOC documentation, including runbooks, playbooks, and response templates.
o Recommend automation or enrichment workflows using Chronicle or SOAR capabilities.
o Participate in post-incident reviews to enhance detection and response posture.