Security Operations Center Manager

Neptune Technology Group Inc.

is a technology company serving water utilities across North America.  Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service.  With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on the business of water.

For additional information, please visit the company website at www.neptunetg.com.

Security Operations Center (SOC) Manager

Position Summary

Neptune is maturing a 24×7 cybersecurity program across a hybrid environment (on-prem, cloud, SaaS).

We need a proactive leader to own Incident Response and SOC operations, manage SIEM performance, and ensure timely reporting to our parent company.

This role is critical for reducing MTTD/MTTR, strengthening detection capabilities, and driving audit readiness.

Key Responsibilities:

Incident Response & Management


* Lead the full IR lifecycle: detection, triage (L2–L3), containment, eradication, recovery, and post-mortems


* Coordinate forensic investigations and run tabletop, blue/red/purple team exercises


* Maintain and execute documented playbooks for rapid response

Threat Detection & Monitoring


* Oversee 24×7 alerting and escalation model with MSSP and internal teams


* Implement anomaly detection and access monitoring across endpoints, networks, and cloud

SIEM & Security Logging


* Manage SIEM (Google SecOps/Chronicle) including detection engineering, log health, and tuning


* Develop repeatable SOAR playbooks and automation workflows

Identity & Access Management


* Ensure robust IAM lifecycle processes and enforce least privilege principles


* Integrate anomaly detection for identity-related threats

Threat Intelligence & Modeling


* Incorporate threat intelligence feeds into detection and response workflows


* Conduct threat modeling exercises to anticipate and mitigate risks

Security Automation & Orchestration


* Drive automation for repetitive tasks and incident workflows


* Optimize orchestration between SIEM, EDR, and SOAR platforms

Reporting & Metrics


* Own the incident reporting process to Neptune’s parent company


* Deliver actionable metrics on detection, response, and operational performance

Secure Architecture & Zero Trust


* Partner with engineering to embed secure-by-design principles


* Implement zero trust segmentation and hardening based on incident learnings

 

Relevant Platforms (experience with several is expected):


* SIEM/SecOps: e.g.

Google SecOps (Chronicle)


* EDR & Identity: e.g.

CrowdStrike, Microsoft AD/Entra


* Network Security: e.g.

FortiGate NGFW, FortiSASE


* Secure Browsing: e.g.

Prisma


* Patching & Config: e.g.

Automox


* Secrets Management: e.g.

Keeper


* Asset Management: e.g.

Axonius, Cyclops


* Email & Dat...