The Information Security Threat Detection and Response team uses advanced technologies like AI-driven threat detection and automated response platforms to monitor and respond to cybersecurity threats in real time. It acts as the hub for defense strategies, security tool integration, and rapid, data-driven decisions to protect the organization’s digital ecosystem. The Senior Manager, Threat Detection and Response will report to the Senior Director, Information Security & Operations. In this role, as a forward-thinking leader, you will be responsible for evolving our Security Operations Center (SOC). This role is critical to our mission of safeguarding patient data, maintaining compliance, and ensuring the resilience of technology systems—through both traditional security operations and the strategic use of automation and AI-based security technologies. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow – personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning.

YOUR KNOWLEDGE AND EXPERIENCE

• Requires a bachelor’s degree or equivalent experience
• Requires at least 10 years prior relevant experience, including 4 years of management experience
• Requires strong knowledge of security operations, incident response, SIEM platforms, and threat detection technologies
• Requires direct experience building and leading a high functioning 24x7 SOC operation, security incident management, and investigations & forensics function
• Familiarity with frameworks such as MITRE ATT&CK, NIST, HIPAA, and CIS Controls
• Requires exceptional communication skills with both technical teams and non-technical stakeholdersIndustry certifications such as CISSP, CISM, GIAC, or equivalent highly desired
• 
  

  LI-EB1

PHYSICAL REQUIREMENTS:

Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.

• Execute information technology strategies, plans, and priorities for a comprehensive information security program
• Create relationships within Blue Shield to understand business requirements and work with them to accomplish those requirements within the security framework
• Manage staff in the planning, design, and support the security technology stack
• Develop and maintain relationships with managers in business unit teams and the IT teams to drive security plans
• Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs
• Lead and manage the 24/7 Security Operations Center (SOC), overseeing real-time monitoring, detection, and response to threats
• Integrate and optimize AI-driven threat detection tools, machine learning models, and behavioral analytics to identify anomalies across systems and data
• Develop and maintain automated playbooks for common security incidents to improve response times and reduce analyst fatigue. Continually enhance forensic and investigation capabilities to meet the needs of the organization
• Track and report on performance metrics and KPIs for security operations, automation efficiency, and AI tool effectiveness
• Serve as a security innovation leader, staying ahead of emerging technologies and integrating them into SOC strateg