[Remote] Manager, Defensive Cyber Operations
Note: The job is a remote job and is open to candidates in USA. Blackbaud is a company that powers social impact through purpose-driven technology and responsible AI. They are seeking a Manager, Defensive Cyber Operations to lead a small team focused on enhancing detection, automation, and incident response capabilities within their security operations center.ResponsibilitiesManage, mentor, and grow a small team of security engineers and analysts focused on detection, response, and automationAct as the primary technical escalation point for highâseverity incidents; lead investigations and response decisionâmakingSet and reinforce quality standards for investigations, detections, automation, documentation, and onâcall readinessEvolve and refine agentic SOC workflows that improve triage speed, consistency, and decision quality through automated enrichment, correlation, and recommended or automated response actionsIterate on existing SOC workflows, converting repeatable analyst effort into safe, reliable automation with clear guardrails, validation, and auditabilityDefine and track operational metrics such as detection coverage, alert fidelity, automation success rates, and MTTD/MTTR improvementsOwn detection engineering outcomes endâtoâend: alert logic, correlation rules, anomaly thresholds, tuning, and continuous improvementMature a detectionâasâengineering operating model, including requirements, testing, rollout, postâdeployment measurement, and documentationDesign, iterate on, and maintain SOAR playbooks for alert enrichment, containment, remediation, and case managementEnhance custom automation, integrations, and enrichment logic to reduce manual analyst effort and improve response consistencyEnsure automation remains resilient, productionâgrade, wellâdocumented, and operationally safe at scaleMature an existing breach & attack simulation capability to continuously validate detection and response effectivenessTranslate BAS findings into prioritized detection, automation, and response improvements on a repeatable cadenceAdvance insider threat detection and response capabilities, including useâcase refinement, signal quality, investigation workflows, and playbooksBalance speed, precision, and appropriate controls while improving investigative consistencySkills5+ years experience leading security operations, detection engineering, incident response, and/or security engineering teams, with direct ownership of operational outcomesStrong handsâon background in intrusion analysis using SIEM/log analytics, packet captures, and investigation toolingProven experience maturing SOAR automation and/or custom tooling to drive repeatable response actionsStrong detection engineering fundamentals, including alert fidelity, correlation, and continuous tuningExperience operating in cloudâfirst environments, with handsâon security detection or response exposure in AWS and AzureComfort operating as both technical leader and people manager in onâcall, realâtime security environmentsExperience iterating on AIâassisted or agentic SOC workflows with measurable operational impactStrong scripting experience (e.g., Python) for automation, integrations, and enrichment logicExperience with breach and attack simulation, purple team exercises, or continuous control validation programsDetection and response experience across AWS and Azure, including cloud-native logs, identity signals, and workload telemetryWorking knowledge of adversary tradecraft and defensive frameworks (e.g., MITRE ATT&CK, NISTâaligned approaches)Security+, CEH, GSEC, CISSP, GCIA, GCIH, GSOC (Equivalent or comparable security engineering, detection, or incident response certifications are welcome.)BenefitsMedical, dental, and vision insuranceRemote-flexible workforceWellness Programs401(k) program with employer matchFlexible paid time offGenerous Parental LeaveDonations for DoersPet insurance, legal and identity protectionTuition reimbursement programCompany OverviewBlackbaud is the worldâs leading provider of AI-powered solutions for social impact. It was founded in 1999, and is headquartered in Charleston, South Carolina, USA, with a workforce of 1001-5000 employees. Its website is http://www.etapestry.com.Company H1B SponsorshipBlackbaud has a track record of offering H1B sponsorships, with 1 in 2026, 5 in 2025, 4 in 2024, 3 in 2023, 15 in 2022, 4 in 2021, 15 in 2020. Please note that this does not guarantee sponsorship for this specific role.