Corporate Security Operations Manager

Onebrief

Full-time Remote
United States | Remote
$210,000 - $240,000
Full-time
Security Operations

Job Description

Join Onebrief: Securing the Future of Military Collaboration

At Onebrief, we're not just building software; we're empowering military staffs to achieve superhuman efficiency. Our AI-powered collaboration platform transforms complex workflows, making teams faster, smarter, and more effective in critical operations. We operate with the intensity and camaraderie of an Olympic team, driven by a shared commitment to ownership, excellence, and winning.

Founded in 2019 by experienced planners, Onebrief is an all-remote company, fostering a diverse team of veterans from across all forces and global organizations, alongside technologists from leading-edge software companies. With over $320M in funding from top-tier investors like Battery Ventures and General Catalyst, and a valuation of $2.15B, we're rapidly growing and making a profound impact where it matters most.

The Mission: Elevate Corporate Security Operations
We are seeking an exceptional Corporate Security Operations Manager to lead our Corporate Security Operations team. This is a critical, strategic role focused on elevating the security posture of our Corporate IT environment and safeguarding our commercial Onebrief infrastructure.
Reporting to our Director of Corporate IT & Security, you will be the driving force behind our detection strategy, monitoring quality, and operational maturity. You'll collaborate closely with our Corporate Security Engineering and GRC teams, balancing hands-on leadership with program-level ownership. This role is about transforming our security operations into a high-performing, measurable, and trusted function.

What You'll Drive
As our Corporate Security Operations Manager, you will be instrumental in ensuring our corporate environment and commercial Onebrief infrastructure are continuously monitored with unparalleled clarity and purpose. Your impact will include:

Strategic Direction: Own the strategy and maturity roadmap for corporate monitoring, detection engineering, and operational security metrics. Define clear logging standards, detection coverage expectations, and measurable performance indicators for the team.
Team Leadership & Development: Lead, mentor, and develop Corporate Security Operations Analysts and the Corporate Threat Hunter & Detection Analyst. Provide coaching, establish clear performance expectations, deliver structured feedback, remove blockers, and optimize workflows to ensure the team focuses on high-impact work.
Operational Excellence: Continuously raise the bar by improving alert quality, enhancing detection coverage, refining triage workflows, and boosting operational automation. Your efforts will reduce false positives, strengthen telemetry visibility across corporate SaaS and infrastructure, and ensure all monitoring outputs are accurate and defensible.
Cross-Functional Collaboration: Partner closely with Security Engineering, IT, Compliance, and leadership. Ensure monitoring strategies effectively support configuration baselines, vulnerability management efforts, and critical regulatory commitments. Provide clear, actionable insights during incident investigations and ongoing risk discussions.
Process & Standard Creation: Establish consistent operational rhythms for reporting, detection reviews, and after-action analysis. Maintain structured documentation, metric reporting, and continuous improvement processes that systematically strengthen operational maturity.

Who You Are
You are a seasoned and steady security operations leader who understands that effective monitoring prioritizes clarity, consistency, and measurable outcomes over mere alert volume. You have a proven track record of leading analysts or detection engineers, building accountability, and fostering high-performing teams without creating friction. You're adept at improving processes, tuning detections, and raising operational standards while keeping your team focused on high-signal work.
Your expertise spans:

Thinking in terms of coverage, quality, and maturity.
A deep understanding of how SIEM, EDR, identity telemetry, and SaaS logs integrate to provide comprehensive enterprise visibility.
Translating complex operational metrics into meaningful, defensible insights for leadership and compliance stakeholders.
Maintaining composure under pressure, demonstrating thoughtful decision-making, and adhering to disciplined documentation and follow-through.
Valuing structure, continuous improvement, and defensible evidence. You understand how corporate monitoring supports rigorous frameworks like CMMC 2.0 and NIST 800-53, and you take pride in running an operation that is reliable, audit-ready, and aligned with organizational risk tolerance.

What We Look For in Your Background

Experience: 5–8+ years in security operations, detection engineering, or incident response, including at least 2+ years leading analysts or technical security teams.
Platform Expertise: Hands-on experience with SIEM and EDR platforms, encompassing alert tuning, dashboard creation, and detection optimization.
Impactful Improvement: Demonstrated ability to enhance monitoring quality by significantly reducing false positives and increasing meaningful detection coverage.
Metric-Driven Leadership: Experience defining and tracking key operational metrics (e.g., MTTD, MTTR, alert fidelity, detection coverage) and presenting compelling results to leadership.
Telemetry Acumen: Strong understanding of enterprise logging across endpoints, identity providers, SaaS platforms, and cloud environments.
Regulatory Awareness: Familiarity with regulated environments (e.g., CMMC 2.0, NIST 800-53, SOC 2, or similar frameworks) and the pivotal role monitoring plays in audit defensibility.
Incident Response Support: Experience supporting incident investigations in coordination with internal stakeholders and external DFIR partners.
Process & Documentation Guru: Proven ability to build structured workflows, establish robust documentation standards, and implement repeatable operational processes.
Communication Skills: Strong communication skills, with the ability to translate technical operational data into clear, concise risk narratives for diverse audiences.
Leadership Qualities: Sound judgment, a steady leadership presence, and the ability to effectively balance day-to-day operational execution with long-term program improvement.

Security & Privacy Responsibilities
In this role, you will uphold the highest standards of security and privacy by:

Acting as the operational owner of corporate security monitoring and detection capabilities, ensuring consistent and effective oversight of enterprise telemetry.
Ensuring protection of the confidentiality, integrity, and availability of corporate systems and data through continuous monitoring and validated detection coverage.
Ensuring privacy-impacting security events are identified, documented, and escalated in coordination with Legal, Compliance, and executive leadership.
Ensuring logs, alerts, investigative artifacts, and operational metrics are accurate, access-controlled, and retained in accordance with policy and regulatory requirements.
Enforcing principles of least privilege, segregation of duties, and monitoring of privileged activity within corporate systems.
Ensuring analysts follow established data handling, evidence preservation, and documentation standards during investigations.
Participating in risk evaluation and escalation discussions, providing operational insight into detection gaps or control weaknesses.
Maintaining alignment between corporate security operations, regulatory commitments (e.g., CMMC 2.0, NIST 800-53), and organizational privacy obligations.

Notice to Third Party Recruitment Agencies
Please note that Onebrief does not accept unsolicited resumes from recruiters or employment agencies. In the absence of an executed Recruitment Services Agreement, there will be no obligation to any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without an agreement, Onebrief explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, shall be deemed the property of Onebrief.
