First Horizon National Corporation

Security Operations Manager

Finance & Insurance
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 10+ years in cybersecurity across multiple domains
  • 3-5+ years leading multi-disciplinary security teams
  • Proven ability to reduce attack surface and improve detection speed
  • Deep understanding of application security and threat detection
  • Comfortable presenting to and influencing executives
  • Experience in large banks preferred, adaptable to smaller environments

Responsibilities

  • Manage a multi-discipline security team focusing on threat detection and vulnerability management
  • Act as escalation point for major cyber issues
  • Oversee SAST, DAST, and manual testing programs
  • Drive integration of security practices in development pipelines
  • Own and improve detection-focused security outcomes
  • Ensure comprehensive penetration testing coverage and actionable findings
  • Integrate AppSec and vulnerability data for risk-based prioritization

Benefits

  • Medical with wellness incentives, dental, and vision
  • HSA with company match
  • Maternity and parental leave
  • Tuition reimbursement
  • Mentor program
  • 401(k) with 6% match
Full Job Description
No Sponsorship will be provided for this role.

Location: On Site at location listed in posting

Weekly Schedule: Monday- Friday, 9am-5pm

The Security Operations Manager leads a multi-discipline security team covering application security, threat detection, vulnerability management, red/purple team activities, and security automation, with a heavy emphasis on detection, readiness, and real-world risk reduction.

The role is at the intersection of secure development, threat detection, and operational maturity within a large, multi-cloud online banking environment. Large-bank experience is preferred.

What the Manager Owns
  • People leadership for a multi-discipline cyber team (6 to 12 direct reports)
  • Threat detection
  • Penetration testing readiness and follow-through
  • Red / blue / purple team integration
  • Reducing enterprise attack surface

Key Responsibilities

Leadership & Team Management
  • Manage and develop a team of security professionals across vulnerability management, threat detection & threat intelligence, red/purple team disciplines, and security automation
  • Act as the escalation point for high-risk or high-impact cyber issues

Application Security
  • Oversee SAST, DAST, SCA, manual testing, and penetration testing programs
  • Drive shift-left AppSec - IDE scanning, CI/CD integration, and secure coding practices
  • Reduce testing cycles and downstream findings by improving early detection
  • Operate tool-agnostic (e.g., Veracode, Invicti, Burp)
  • Ensure AppSec supports modern cloud-native and DevOps environments
  • Build trusted relationships with Shadow IT owners, and progressively align with security tooling, testing, and IT security practices.

Threat Detection & Purple Teaming
  • Own detection-focused security outcomes, not just vulnerability reporting
  • Work closely with SOC and IR teams to improve detection signals
  • Use pen-test and red-team insights to strengthen blue-team defenses
  • Apply purple-team thinking to close gaps between offense and defense

Penetration Testing & Offensive Readiness
  • Ensure strong internal and third-party penetration testing coverage
  • Validate that findings are meaningful, prioritized, and remediated
  • Use offensive testing to drive real defensive improvements

Vulnerability & Configuration Risk Reduction
  • Oversee vulnerability and configuration management programs
  • Maintain hardening standards, baselines, and remediation tracking
  • Reduce enterprise attack surface across cloud, applications, and infrastructure
  • Integrate AppSec, pen-test, and vulnerability data into risk-based prioritization

Environment & Scope
  • Multi-cloud environment
  • High-availability online banking systems
  • Highly regulated financial services setting
  • Heavy collaboration with engineering, cloud, risk, and executive leaders

Required Experience
  • 10+ years in cybersecurity spanning AppSec, threat detection, incident response, and vulnerability management
  • 3-5+ years leading multi-disciplinary security teams
  • Demonstrated success reducing attack surface and improving detection speed
  • Strong understanding of application security; threat detection & response; penetration testing & adversary simulation; and CI/CD and cloud-native environments
  • Comfortable presenting to and influencing executives
  • Large-bank experience preferred, with the adaptability to thrive in a smaller-bank environment

Benefit Highlights
• Medical with wellness incentives, dental, and vision
• HSA with company match
• Maternity and parental leave
• Tuition reimbursement
• Mentor program
• 401(k) with 6% match
• More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits

About First Horizon National Corporation

First Horizon National Corporation is a bank holding company headquartered in Memphis, Tennessee. First Horizon National Corporation operates as a financial services company, providing banking services, wealth management, and capital markets services. First Horizon National Corporation operates through its subsidiary, First Horizon Bank, which has locations in Tennessee, North Carolina, South Carolina, Virginia, Mississippi, Georgia, and Florida. First Horizon National Corporation is committed to providing high-quality financial services to its customers and to supporting the communities in which it operates.
Learn more about First Horizon National Corporation
Size
7,676 employees
Market Cap
$13.1 billion
Industry
Net Income
$845 million
5 Year Trend
+21.4%
NASDAQ

Similar Jobs

More Jobs at First Horizon National Corporation

More Finance & Insurance Jobs

Find similar Security Operations Manager jobs: