Description
Schedule: Monday - Friday (40 hrs/wk), 8:00 AM - 5:00 PM
Department: IT General - 210
Primary Purpose:
The SOC Manager at ARUP Laboratories leads the Enterprise Security Operations Center (SOC), overseeing the SOC, SOC Analysts and Operations, Incident Response (IR), Cybersecurity Security Information and Event Management (SIEM) Engineering, Threat Intelligence, and Threat Hunting. This role is responsible for overseeing day-to-day SOC operations and for developing and executing a comprehensive SOC implementation plan aligned with ARUP's Cybersecurity Strategy and regulatory requirements. The SOC Manager reports to the ARUP Chief Information Security Officer (CISO).
Disclosure Statement:
Please note that, depending on the candidate pool, department needs, and other relevant factors, we may also consider candidates who meet the requirements for the Supervisor role in addition to those applying for the Manager position. We encourage all applicants to review the Supervisor requirements, which are also listed in this posting, to determine if you qualify for consideration under either set of criteria.
SOC Supervisor Minimum Requirements
Bachelor's degree in Cybersecurity, Information Technology, or related field
5+ years of experience in cybersecurity, with at least 2 years in a SOC leadership role
Strong understanding of security frameworks (e.g., NIST, MITRE ATT&CK)
Experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel, ELK)
Experience with EDR solutions (e.g., Defender, CrowdStrike)
Excellent communication, analytical, and problem-solving skills
Deep knowledge of NIST, ISO/IEC 27001, and HITRUST frameworks
Preferred Qualifications
Relevant certifications (e.g., CISSP, CISM, CEH, CND, GCIA, GCIH)
Experience in healthcare or laboratory environments preferred
About ARUP:
ARUP Laboratories is a national clinical and anatomic pathology reference laboratory and an enterprise of the University of Utah and its Department of Pathology, based in Salt Lake City, Utah.
ARUP proudly hires top talent to create a work environment of diversity, professional growth, and continuous development. Our workforce is committed to the important service we provide to over one million patients each month. We always strive for excellence and have a strong desire to be involved with advances in medicine and the role laboratory services play in each patient's life. We never forget that there is a patient behind every specimen we receive.
We are looking for individuals who want to contribute to ARUP's culture of accountability, integrity, service, and excellence. Consider joining our dynamic team.
Essential Functions:
Lead and mentor SOC analysts across multiple shifts.
Develop training programs and career paths for SOC staff.
Manage staffing, scheduling, and performance evaluations.
Supervise multidisciplinary teams and provide technical guidance.
Plan and assign tasks, evaluate performance, and manage personnel actions.
Promote training and development aligned with organizational needs.
Coordinate cross-functional projects and ensure integration with enterprise systems.
Oversee real-time monitoring of security events and alerts.
Coordinate and lead incident response efforts.
Ensure proper documentation and post-incident reviews.
Lead incident response efforts and forensic investigations.
Utilize cybersecurity tools for real-time alert analysis and system administration across ARUP platforms.
Integrate threat intelligence feeds into SOC operations.
Analyze emerging threats and recommend mitigation strategies.
Collaborate with threat hunting and red team functions.
Manage threat intelligence analysts and support capability development decisions.
Maintain and optimize SIEM, SOAR, IDS/IPS, endpoint protection, and other SOC tools.
Evaluate and recommend new technologies to enhance SOC capabilities.
Oversee SOC infrastructure, sensor tuning, custom signature creation, and tool development.
Develop and maintain SOC playbooks, runbooks, and procedures.
Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).
Support audits and risk assessments.
Provide regular reports on SOC performance, incident trends, and threat landscape.
Present findings and recommendations to senior leadership.
Operate within industry and organizational directives.
Exercise broad latitude in setting priorities and interpreting policy.
Lead peer working groups and represent the organization in strategic planning forums.
Manage diverse specialties including cybersecurity, IT architecture, and intelligence.
Adapt to evolving mission requirements and organizational structures.
Direct long-duration, precedent-setting assignments with cross-functional teams.
Engage with senior leaders across the organization and external partners.
Resolve conflicts and negotiate solutions across departments and teams.
Maintain relationships with key partners in cybersecurity, compliance, and IT operations.
Other duties as assigned.
Physical and Other Requirements:
Stooping: Bending body downward and forward by bending spine at the waist.
Reaching: Extending hand(s) and arm(s) in any direction.
Mobility: The person in this position needs to occasionally move between work sites and inside the office to access file cabinets, office machinery, etc.
Communication: The person in this position will work in a highly collaborative environment which requires frequent, clear, and professional communication with others.
PPE: Biohazard laboratory environment that requires use of personal protective equipment in accordance with CDC and OSHA regulations and company policies.
ARUP Policies and Procedures: Conduct oneself in compliance with all ARUP Policies and Procedures.
Sedentary Work: Exerting up to 10 pounds of force occasionally and/or negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects.
Fine Motor Control: Picking, pinching, typing or otherwise working on computer equipment.
Vision: Having close, far, and peripheral visual acuity to perform a variety of tasks such as making general observations of depth and distance.
Qualifications
Education
Required
Bachelor's Degree or better in Cybersecurity
Experience
Required
Bachelor's degree in Cybersecurity, Information Technology, or related field
Seven plus (7+) years of experience in cybersecurity, with at least two (2) years in a SOC leadership role
Strong understanding of security frameworks (e.g., NIST, MITRE ATT&CK)
Experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel, ELK)
Experience with EDR solutions (e.g., Defender, CrowdStrike)
Excellent communication, analytical, and problem-solving skills
Deep knowledge of NIST, ISO/IEC 27001, and HITRUST frameworks
Preferred
Relevant certifications (e.g., CISSP, CISM, CEH, CND, GCIA, GCIH)
Experience in healthcare or laboratory environments
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.