Job Descriptions

Use this tool to access job descriptions for your next hire. Search by skills or job titles and download the job description to help you get started. Tip: You can use this tool to help ensure your own resume is up-to-date with the latest job requirements.

You may search job titles by skills within selected career category
Information System Security Officer (ISSO)
Chief Information Security Officer (CISO)
Information Security (IS) Auditor
Security Architect
Security Automation Engineer
Secure Software Assessor
Information Systems Security Developer
Operational Technology Systems Analyst
Security Engineer
Supply Chain Security Analyst
Security Testing and Evaluation Specialist
Identity Management & Authentication Support Specialist
Encryption / Key Management Support Specialist
Data Privacy Specialist
Cybersecurity Operations Technician
Cybersecurity Incident Responder
Cybersecurity Malware Specialist
Digital Forensics Analyst
Cybersecurity Operations Analyst
Vulnerability Assessment Analyst
Information Systems Security Manager - Cybersecurity Operations Threat Hunter
Cybersecurity Operational Technology Incident Responder
Penetration Tester
Data Scientist (AI)
Machine Learning Engineer
Computer Vision Engineer
Automation Process Engineer
IT Service Manager
Systems Engineer
Full Stack Developer
Front End Developer
User Interface Designer
User Experience Designer
Software Engineer
Systems Analyst
Data Engineer
Data Scientist (Tech)
Data Analyst
Project Manager
Technical Recruiter
Product Manager
Social Media Manager
Business Analyst
Policy Analyst
Learning and Development Specialist
Architectural Designer
IT Author / Technical Writer
Cognitive Copywriter
Clinical Researcher / Coordinator
Legal Compliance Officer
IT Auditor
Deep Learning Engineer
Robotics Process Analyst
IT Program Manager
IT Procurement Officer
Network and Systems Administrator
Web Developer
Systems Architect
Online/Digital Learning Developer
Human Resources Analyst
Medical Coder/Programmer
Tech Sales and Customer Service
Business Intelligence Analyst
Graphic and Animation Designer
Digital Marketing / Communications

Information Systems Security Manager - Cybersecurity Operations



Job Description

Other titles include:

  • Cyber Security Operations Manager (CSOC)
  • Security Operations (SOC) Manager
  • Cybersecurity Manager
  • Information Systems Security Manager (Cybersecurity Operations)

Note: This role is most commonly found in large or medium-sized organizations.

Reporting relationship

To be completed by the user of this job description as appropriate.

Job purpose / summary

Plans, organizes, directs, controls and evaluates the activities of the cybersecurity operations centre within an organization. Employed throughout the public and private sectors.

Duties and responsibilities

  • Lead and manage SOC personnel including hiring, training, staff development, performance management and conducting annual performance reviews
  • Maintain currency in cybersecurity threat landscape and security technologies
  • Develop and implement an integrated SOC program that meets legislative and organizational requirements
  • Develop and publish SOC governance mechanisms (policies, procedures and guidance)
  • Develop and implement a measurement and quality assurance program
  • Monitor and report on SOC program effectiveness to senior management
  • Monitor and manage relationships with security services and technologies providers
  • Provide strategic assessments on threat landscape, SOC technology trends, and emerging security technologies
  • Seek and interpret threat intelligence based on organizational risks
  • Manage cybersecurity events and incidents within the SOC
  • Provide reports, briefings and risk-based recommendations on routine and non-routine cybersecurity events and incidents including responding to organizational crises (e.g. business systems shut-downs).
  • Lead and facilitate lessons learned, post-mortem and best practices activities on cybersecurity events and incidents
  • Develop and oversee implementation of action plans in support of continuous improvement of cybersecurity posture

Tools and Technologies

  • Incident management processes and procedures
  • Defensive systems including firewalls, anti-virus software and systems, intrusion detection and protection systems, scanners and alarms
  • Security event and incident management systems and/or incident reporting systems and networks,
  • Authentication software and systems,
  • Vulnerability management processes and vulnerability assessment systems including penetration testing if used
  • Security services provided if applicable


Underpinning this occupation are those competencies demonstrated for an activity manager as well as the Information Systems Security Manager within the US NICE Cybersecurity Workforce Framework. Specifically, this work requires:

Basic level of application of the following KSAs:

  • Preventative technical, operational and management controls available and organizational responsibilities for those controls

Advanced level of application of the following KSAs

  • Organizational threats and vulnerabilities including:
    • Cybersecurity threat landscape and adapting SOC processes to meet the evolving threat
    • Vulnerability management requirements and the range of potential mitigations available when a vulnerability management protocol does not exist
  • Defensive systems management including:
    • Firewalls, anti-virus, intrusion detection and protection systems
    • Required manual and automated settings
    • Monitoring, testing and maintenance requirements
  • Developing, implementing, and managing:
    • Incident management processes and policies
    • Incident management responsibilities
    • Incident monitoring and reporting practices in accordance with legislative requirements and organizational policies
    • Post-incident analyses and reports
    • Organizational lessons learned in support of continuous improvement
  • Supplier management (if IT or security services are outsourced):
    • Roles and responsibilities of security controls of supplied services
    • Roles and responsibilities of supplier in incident management and reporting
    • Incident monitoring, assessment and reporting requirements during the life-cycle of the contract
    • Organizational responsibilities in response to a compromise/breach on the part of the supplier
    • Managing supplier communications and relations during a crisis
  • Advising on security requirements, policies, plans and activities
  • Drafting and providing briefings and reports to different audience levels (users, managers, executives)
  • Maintaining broader security situational awareness
  • Self-awareness regarding knowledge, skills and abilities required to respond to business, threat and technical changes.
  • Continuous learning to support currency in knowledge of emerging threats, technological innovations in security, and the changing cybersecurity landscape.

Direct reports (if appropriate)

To be completed by the user of this job description as appropriate


Education. Bachelor’s degree in computer science or related discipline or College diploma in IT field or equivalent training and experience. 


To be completed by the user of this job description as appropriate

Other relevant qualifications.

To be completed by the user of this job description as appropriate

Key Attributes.

To be completed by the user of this job description as appropriate


Significant (5-10 years) experience in IT domain with 3-5 years’ experience in cybersecurity operations or related domain.

Cybersecurity operations training with industry-level certification in related field (e.g. network security, incident handling, threat detection and mitigation, digital forensics).

Security operations team management training or equivalent development and experience.

Training on organization relevant tools and technology that support cybersecurity operations

Typically follows 5 to 10 years in related roles in IT operations or cybersecurity operations or similar employment. This role supports increasing management level responsibilities based on a solid technical foundation in cybersecurity operations or a related work role (e.g. vulnerability assessment & management, digital forensics, cybersecurity analysis).

Working conditions (if required)

If the job requires a person to work in special working conditions this should be stated in the job description. Special working conditions cover a range of circumstances from regular evening and weekend work, shift work, working outdoors, working with challenging clients, and so forth.

Physical requirements (if appropriate)

If the job is physically demanding, this should be stated in the job description. A physically demanding job is one where the incumbent is required to stand for extended periods of time, lift heavy objects on a regular basis, do repetitive tasks with few breaks, and so forth.