Job Description

We have an exciting opportunity for a Sr Manager Security Operations & Engineering at UL Research Institutes and UL Standards & Engagement, based in our Evanston, Illinois, office.

The Senior Manager of Security Operations & Engineering leads and strengthens UL Research Institutes (ULRI) and UL Standards & Engagement (ULSE) security operations, ensuring effective prevention, detection, response, and recovery from cyber threats. This role provides strategic and operational oversight across incident response, threat detection, vulnerability management, and security tooling, while aligning efforts with enterprise risk and business goals.

A key partner to IT, Legal, and business teams, this position embeds security into core processes, translates strategy into measurable outcomes, and drives continuous improvement to maintain resilient, audit-ready, and business-aligned security operations.

What you’ll learn and achieve:

As the Sr Manager Security Operations & Engineering,  you will play a key role in the rapid growth of UL as you:

• Drive the long-term strategy, roadmap, and operational execution of Security Operations & Engineering in alignment with ULRI and ULSE goals, objectives, enterprise risk priorities, and resilience commitments.

• Lead and manage enterprise security operations, including incident response, threat detection, security monitoring, vulnerability management, and operational security engineering.

• Own the end-to-end security incident lifecycle, ensuring timely detection, triage, containment, remediation, post-incident reviews, lessons learned, and executive reporting.

• Lead the advancement of AI security monitoring, governance, and controls to protect enterprise data, secure internal and external AI use cases, and mitigate emerging AI-driven risks.

• Oversee the enterprise vulnerability and exposure management program, including scanning, risk-based prioritization, remediation coordination, metrics, and executive-level reporting.

• Drive the implementation, optimization, integration, and operational maturity of security tooling, including SIEM, EDR, MDR, CSPM, DSPM, CNAPP, vulnerability scanners, cloud security platforms, and related security technologies.

• Establish and mature security operations processes, playbooks, runbooks, standard operating procedures, and repeatable workflows to improve operational consistency, response effectiveness, and measurable outcomes.

• Partner with Identity, Infrastructure, Application, Cloud, and Architecture teams to improve security telemetry, embed security controls into enterprise environments, and strengthen visibility across systems, applications, and data.

• Continue to mature Microsoft Purview capabilities, including eDiscovery, Insider Risk Management, Data Loss Prevention, Information Protection, and related data protection controls.

• Oversee third-party MSSP security functions, vendor relationships, service provider performance, operational budgets, and annual forecasting for security operations.

• Provide executive-level visibility, briefings, metrics, KPIs, dashboards, and risk-based insights to the CISO and senior leadership, including progress against NIST CSF v2 audit findings, compliance requirements, control validation, and enterprise risk reduction objectives.

What makes you a great fit:

While no one candidate will embody every quality, the successful candidate will bring many of the following professional competencies and personal attributes:

• Ability to conduct comprehensive gap analysis across various business functions and IT systems. Skilled in identifying potential risks and vulnerabilities and developing effective risk mitigation plans and controls.

• Strong leadership and people-management skills with the ability to build, mentor, and scale security operations teams.

• Demonstrated ability to translate technical security events into clear, risk-based business impacts for executive audiences.

• Deep understanding of security operations & engineering concepts, including incident response, threat intelligence, vulnerability management, and monitoring.

• Proven experience driving operational maturity using recognized cybersecurity frameworks and best practices.

• Strong analytical and problem-solving skills with a data-driven approach to decision-making.

• Excellent written and verbal communication skills, including executive and board-level reporting.

• Ability to manage multiple priorities in a fast-paced, evolving environment.

• High degree of integrity, accountability, and professionalism.

 Professional education and experience requirements for the role include:

• Bachelor’s degree in Information Security, Computer Science, Information Technology etc. Master’s degree is preferred.

• 7 years of progressive experience in cybersecurity, with at least 3 years in a security operations leadership role.

• Knowledge and experience working in Azure and AWS security settings.

• Experience working on Cybersecurity Maturity Model Certification (CMMC) and NIST SP800-171 v2 preferred but not required

• Hands-on experience with security technologies such as SIEM, EDR, MDR, vulnerability management, and cloud security platforms.

• Demonstrated experience leading incident response and vulnerability management programs in an enterprise environment.

• Experience working in regulated or audit-driven environments is strongly preferred.

• Relevant certifications (e.g., CISSP, CISM, GIAC, or similar) preferred but not required.

Salary Range:

Pay Type: