Security Operations Manager

Seattle City Council

Seattle, WA

JOB DETAILS
SALARY
$62.59–$93.90 Per Hour
SKILLS
Actuals, Alliance/Partner Management, Budgeting, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Coaching, Communication Skills, Computer Security, Contract Negotiation, Cost Control, Criminal Justice, Diversity, Environmental Impact, Establish Priorities, Federal Bureau of Investigation (FBI), Federal Laws and Regulations, Forecasting, Government Organizations, High Availability, Hunting, Incident Response, Industry/Trade Analysis, Information Technology & Information Systems, Information/Data Security (InfoSec), Intelligence Gathering, Internet Security, Leadership, Local Government, Maintain Compliance, Management of Information Systems/Technology (MIS), Mentoring, Metrics, Network Protocols, Operations Management, Operations Processes, Operations Security (OPSEC), Penetration Testing, Performance Analysis, Performance Metrics, Public Safety, Regulatory Compliance, Risk, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Security Policy, Security Protocols, Staff Development, Staff Policies, Standards Strategy, State Laws and Regulations, Stewardship, Strategic Planning, Team Lead/Manager, Technical Delivery, Technical Leadership, Telemetry, Training Program Development, Vendor/Supplier Evaluation, Vendor/Supplier Relations
LOCATION
Seattle, WA
POSTED
3 days ago

Security Operations Manager

Salary

$62.59 - $93.90 Hourly

Location

Seattle Municipal Tower, 700 5th Ave., Seattle, WA

Job Type

Civil Service Exempt, Regular, Full-time

Remote Employment

Flexible/Hybrid

Job Number

2026-00853

Department

Seattle Information Technology

Opening Date

06/30/2026

Closing Date

7/14/2026 4:00 PM Pacific

  • Description
  • Benefits
  • Questions

Position Description

The City of Seattle is seeking qualified candidates for the position of Security Operations Manager (IT Professional A) in the Seattle Information Technology's (Seattle IT) Security and Infrastructure Division.

Department Overview

The City of Seattle is a leading local government in environmental stewardship and social justice. Our dedicated workforce plays a significant role in shaping a future where all who live, work, and play in our city can thrive.

Seattle Information Technology (Seattle IT) is a trusted partner dedicated to delivering secure, reliable, and responsible technology solutions that help the City provide equitable and effective services to our communities. Our team of more than 600 IT professionals supports a full spectrum of modern enterprise services and offers dynamic career paths with opportunities for growth and development.We're committed to building a workforce that reflects the diversity of the residents we serve. We welcome people of all backgrounds, perspectives, and skills to join our team, because the more diverse we are, the stronger and more innovative our work becomes

Job Responsibilities

Come and apply your extensive skills in cybersecurity leadership at the City of Seattle! We are looking for a dedicated, experienced cybersecurity professional to manage our Security Operations team and guide our cyber defenders in their mission to protect the City's services, data, and systems. Join Seattle IT's fantastic, committed team of IT experts, and together we can achieve great things!

The Security & Infrastructure (S&I) Division within Seattle IT provides the reliable, secure, highly available infrastructure services that the City's technology delivery relies upon. Additionally, S&I provides cybersecurity services for the City's entire IT environment in alignment with the NIST Cybersecurity Framework 2.0, industry standard methodologies, and regulatory expectations. We partner with the rest of Seattle IT to ensure our systems and data are safe, and that we are ready to respond should incidents arise. The work we do directly contributes to the protection of City data and systems, and the availability of the services the city provides to the public.

The Security Operations Manager leads a team of skilled cybersecurity professionals, while driving excellence in the processes and technologies around detection, assessment, response, and resolution of cybersecurity incidents. The position reports to the S&I CISO and partners closely with the cybersecurity risk team, peer cybersecurity teams across City Departments, and peer leaders across Seattle IT to promote and mature security practices and provides effective leadership and staff development for the Security Operations team.

Technical Leadership

  • Manage and lead ongoing improvements in Seattle IT's citywide incident detection and response program, including the development and enhancement of incident response plans, processes, and tools to effectively run the program.
  • Coordinate detection engineering, SIEM/SOAR operations, EDR/XDR/NDR telemetry, forensic investigations, threat intelligence gathering and sharing, enterprise event log collection, and threat hunting activities.
  • Regularly validate the effectiveness of cybersecurity defenses and incident response readiness through measurable metrics, tabletop exercises, red/purple/blue teaming, and other approaches.
  • Lead Security Operations' contribution to the City's vulnerability management program in partnership with peer technical managers and compliance partners, providing operational metrics as needed and supporting a risk-based approach to prioritization of vulnerability remediation.
  • Proactively adapt Security Operations cyber defense capabilities in anticipation of City projects and programs, strategic direction, and industry shifts.
  • Maintain and grow strong operational relationships and processes between Security Operations and security partners across the City's public safety, utility, transportation, and operational technology environments.
  • Assume incident command or other designated roles in cybersecurity incidents as defined by the relevant incident response plan.
  • Regularly review response plans to ensure incident notification reporting requirements for relevant compliance, federal, and state entities are documented and current.
  • Negotiate vendor contracts for a strengthened security posture at an advantageous cost

Strategic Leadership

  • Develop cybersecurity strategic roadmaps that are aligned with larger Seattle IT and City strategic goals and initiatives. Advise senior leadership on issues, challenges, trends, and opportunities, and recommend how those should influence division standard processes and strategies.
  • Provide overall management and coaching of the security operations staff, including developing training programs, setting team objectives and individual expectations, aligning team members for individual and team success, assessing performance, and meeting key performance indicators.
  • Establish and cultivate strong strategic partnerships with City peers and collaborators in cybersecurity risk, privacy, infrastructure, endpoint, identity, applications, operational technology, and other relevant domains. Ensure alignment on security objectives, incident readiness, and roadmaps.
  • Continually evaluate our security vendor and managed service relationships, including managed service providers, for value, service performance, incident coordination, and alignment with strategic roadmaps and industry direction.
  • Maintain awareness of industry trends and developments in cybersecurity and adjacent domains that may impact our environment, and work with the Security Leadership to adjust approaches and roadmaps as needed.
  • Communicate effectively and professionally with all levels of the organization.
  • Lead executive briefings and incident command communications during cybersecurity events, exercises, and readiness reviews, translating technical risk into operational and policy decisions for senior City leadership.
  • Periodically support and advise sister agencies in their cybersecurity practices, protocols and incident response
  • Lead the team in incorporating the City's Race and Social Justice Initiative values and objectives into daily work, programs, and practices.
  • Engage in strategic leadership, partnership, and mutual support with the S&I divisional leadership team and Seattle IT-wide leadership/management bodies and actively represent our leadership values daily.
  • Manage the Security Operations team's annual budget, including forecasting, tracking of actuals, and identification of cost savings and efficiencies.
  • This position may be required to work outside of business hours in response to incident scenarios.

Please note this job advertisement is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Qualifications

NOTE: Equivalent combinations of education and experience will be considered for the required qualifications.

Required Qualifications:

Education:

  • Bachelor's degree or equivalent experience in a technology-related field.

Experience:

  • Seven years' combined experience in information technology, with a significant portion of that time in cybersecurity roles.
  • Five years of managerial experience leading, mentoring, and developing a technical team, with a significant portion of that time being with a cybersecurity-related team.

General knowledge, skills and experience:

  • Advanced knowledge of the various attack tactics, techniques, and practices used by threat actors, as well as networking technologies, protocols, and common security tools.
  • Demonstrated ability to develop, improve, and exercise incident response plans and procedures.
  • Significant experience with cyber incident response.

Additional Requirements

  • Ability to pass Criminal Justice Information Services (CJIS) background check within six months of hire.

Desired Qualifications:

You will be best equipped for this role if you have one or more of the following:

  • Knowledge of a breadth of technical domains, including one or more of servers, identity, cloud, database, and applications.
  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
  • Experience with red/purple/blue teaming, penetration testing, tabletop exercises, and other forms of assurance of cyber defenses and response readiness.
  • Understanding of federal, state, and regulatory compliance drivers and requirements relevant to municipal governments and utility organizations.
  • Experience leading union-represented staff.
  • Experience successfully handling vendor relationships.

Additional Information

The full salary range for this position is $62.59 - $93.90 per hour.

The targeted salary range for this individual role is up to $92.50 per hour based on experience and skills.

Why work at the City of Seattle?

The City of Seattle recognizes everyone must play a role in ending institutional and structural racism. Our behavior shapes our workplace culture, reflects our personal commitments, and how we fearlessly share our view and encourage others to do the same. We seek employees who will engage in the Race and Social Justice Initiative by working to dismantle racist policies and procedures, unlearn the way things have always been done, and provide fair and accessible processes and services.

Benefits

The City of Seattle offers a comprehensive benefits package including vacation, holiday, and sick leave as well as medical, dental, vision, life and long-term disability insurance for employees and their dependents. More information about employee benefits is available on the City's website at: https://www.seattle.gov/human-resources/benefits/employees-and-covered-family-members/most-employees-plans.

Application & Selections Process

  • A complete NeoGov/GovernmentJobs online application is required. Please include at least 10 years of relevant work history (or more, if applicable), with job duties, employment dates, number of direct reports, and reasons for leaving clearly detailed.
  • Attached resume and cover letter describing your skills and experience in relation to this position.
  • Supplemental questions responses

Your application must include both a resume and a cover letter. Applications submitted without these documents will not be considered.

Please ensure that both documents have been successfully uploaded before submitting your application.

The most competitive candidates will be invited to participate in one or more interviews.

If you have any questions or require a reasonable accommodation to complete any part of the selection process, please contact Julie Hugill at Julie.Hugill@Seattle.gov

Workplace Environment (Telework Expectation):

This position offers flexibility of a hybrid work schedule. Hybrid telework schedules have a minimum requirement of three days onsite per week, which is subject to change at any time at the Mayor's discretion. Individual schedules are based on operational needs and agreement between the employee and their supervisor.

Background Check: This hiring process involves a background check of conviction and arrest records in compliance with Seattle's Fair Chance Employment Ordinance, SMC 14.17. Applicants will be provided an opportunity to explain or correct background information.

Criminal Justice Information Services (CJIS) Check

This position performs essential functions that require CJIS-authorized access to systems, environments, logs, forensic artifacts, security telemetry, or facilities supporting criminal justice operations. Candidates must pass the Seattle Police Department Criminal Justice Information Services (CJIS) background investigation as a condition of employment, and incumbents must maintain that authorization in accordance with applicable FBI CJIS Security Policy personnel security requirements. Inability to obtain or maintain required CJIS authorization may result in the candidate or employee being unable to perform essential functions of the position.

Who may apply: This role is open to all candidates that meet the minimum qualifications. We value different view points and life experiences. Your application will be considered regardless of race, color, creed, national origin, ancestry, sex, marital status, disability, religious or political affiliation, age, sexual orientation, or gender identity. The City encourages people of all backgrounds to apply, including people of color, immigrants, refugees, women, LGBTQ+, people with disabilities, veterans, and those with diverse life experiences.

#LI-FW1

#LI-Hybrid

The City of Seattle offers a comprehensive benefits package including vacation, holiday and sick leave as well as medical, dental, vision, life and long-term disability insurance for employees and their dependents.

More information about employee benefits is available on the Citys website at:

Benefits - Human Resources | seattle.gov

01

Which of the following best describes the number of years of experience in a cybersecurity role?

  • 1-3 years
  • 4-6 years
  • 7+ years

02

How many years of experience do you have leading, mentoring, and developing a technical team?

  • 1-2 years
  • 3-4 years
  • 5+ years

03

Please select the option that best matches your education experience in a technology-related field.

  • Associates degree
  • Bachelor's degree
  • Master's degree
  • I have a degree in a non-technology field.
  • I have relevant experience in lieu of a degree.
  • I do not have a degree, nor the relevant experience required.

04

Please select the option that best matches your experience developing, improving, and exercising incident response plans and procedures?

  • I have led the creation, improvement, and execution of incident response plans in multiple security environments.
  • I have contributed to developing or updating incident response plans and have participated in tabletop or real-world exercises.
  • I have limited experience and have supported others in incident response activities.
  • I have not had direct experience but am eager to learn and develop these skills.

05

I understand that successfully obtaining CJIS certification within six months of employment is a requirement to remain in this role.

  • Yes
  • No

06

To be considered for this position you must attach both a cover letter and resume to your application. Have you attached both a cover letter and resume to your application? NOTE: Even if you have imported your resume directly into the application fields you must still attach it.

  • Yes
  • No

07

At this time, the City is only able to hire candidates who are eligible to work in the United States without visa sponsorship or those who qualify for TN visa eligibility. We are unable to support other visa types (e.g., H-1B, F-1, etc.). If selected, would you be legally authorized to work in the United States without employer sponsorship or through a valid TN visa?

  • Yes
  • No

Required Question

Employer City of Seattle

Address Seattle Municipal Tower

700 5th Avenue, Suite 5500

Seattle, Washington, 98104

Website http://www.seattle.gov/jobs

About the Company

S

Seattle City Council