This job has closed.

Deseret Mutual Benefit Administrators (DMBA) · 22 hours ago

Information Security SOC Manager

Salt Lake City,UT,US

Full-time

Hybrid

Senior Level

7+ years exp

Deseret Mutual Benefit Administrators (DMBA) is looking for an Information Security SOC Manager to join their Information Security Team. This role will oversee the security operations center and identity and access management, ensuring effective implementation and management of security protocols and compliance with regulatory frameworks.

Financial ServicesInsuranceNon Profit

Comp. & Benefits

Responsibilities

Oversee the day-to-day operations of the security operations center including baselining, performance metrics, reporting, team development, tool evaluation, and incident investigation and escalation

Oversee the day-to-day operations of the identity and access management strategy including performance metrics, reporting, team development, tool evaluation, and other identity governance initiatives

Maintain and optimize SIEM, SOAR, EDR, and vulnerability management tools

Develop, test, and refine incident response playbooks and escalation procedures

Drive threat hunting, intelligence integration, and proactive detection initiatives

Participate in the selection of new technologies and solutions to address gaps in the SOC and IAM strategy

Partner with IT and business teams to implement various security technologies in alignment with a multi-year information security framework

Oversee IAM lifecycle processes including provisioning, de-provisioning, role-based access control (RBAC), privileged access management (PAM), and multi-factor authentication (MFA)

Ensure compliance with identity governance policies and regulatory frameworks (HIPAA, HITRUST, SOC 2, NIST, ISO 27001)

Partner with HR, IT, and application owners to streamline identity processes and enforce least privilege and zero-trust principles

Manage IAM platforms (e.g., Microsoft Entra, Okta, CrowdStrike Identity Threat Protection, CyberArk, etc.) and support integration with enterprise applications

Lead various security initiatives and projects to address gaps and continuously improve security operations

Support the development of policy, risk management, and compliance requirements by applying technical expertise

Evaluate and consult with IT and business teams on new and emergent technologies to support innovation while appropriately managing risk

Review latest threat intelligence for emergent threat actors and vectors to improve and respond to imminent threats

Lead, mentor, and develop a team of SOC analysts/engineers and IAM engineers

Collaborate with compliance, risk, and IT teams to ensure security operations and identity practices meet audit and regulatory requirements

Contribute to strategic planning for security architecture, risk management, and zero-trust initiatives

Provide executive reporting on security posture, IAM metrics, and incident response readiness

Prioritize team tasks and evaluate the performance of team members, tooling, and operational efficiency

Be an active participant in building the Information security program by evaluating and suggesting new solutions and ideas and championing the information security program

Qualification

CISMCISSPInformation SecuritySecurity FrameworksIAM ManagementSIEMCloud SecurityTechnical LeadershipTeam DevelopmentBusiness CommunicationProject ManagementCollaboration

Required

4-year Bachelor's degree or Master's degree (preferred)

7-10 years of technical IT and information security experience

1-3 years of technical leadership or mentoring experience

CISM, GIAC, CISSP, OSCP, Microsoft Engineer, Microsoft Architect, AWS Security, or equivalent information security training and expertise

Strong understanding of information security best practices and security frameworks (NIST CSF, ISO 27001, ISO27005, CIS Controls, HITRUST, etc.)

Experience with HIPAA, DOL Information security best practices, international, federal, and state privacy laws

Deep knowledge of databases, common operating systems (Windows/Linux), networking, application, and cloud environments

Deep knowledge of security solutions (SIEM, SOAR, Firewall, WAF, Vulnerability Scanning, XDR, endpoint, PAM, etc.)

Experience with Microsoft 365, Palo Alto, AWS, and other common platforms and technologies

Experience with multi-year control framework implementations

Preferred

Ability to work with various IT and Business teams to address sensitive topics and risk

Strong management and business communication skills

Deep technical understanding and ability to apply it to complex technical and business solutions

Expertise in project management and prioritization

Strong collaboration and team development skills

Highly motivated team player with a desire to improve the information security program

Work in a hybrid remote work and office work environment

Benefits

Rich medical, vision and dental benefits with low premiums. One of the top health plans in Utah

Rich retirement planning: including 401(k) company match, 8% EDRC Employer Discretionary Retirement Contribution (we just give you free money for retirement), life insurance, and full service Financial Planners onsite at no cost

Generous paid leave plan that starts accruing your first day, your birthday off, additional sick leave and 12 paid holidays

Award winning wellness program with health coaching, ability to earn 3 additional days off a year, fun activities and an onsite gym.

Tuition reimbursement

Career development through company sponsored programs and over 5000 on-demand online training courses.

Hybrid work schedules available depending on position

Employee Assistance Program