Job Details:Job Level: 7
What does a Sr. Manager of IT Security Operations do at Swire Coca - Cola?Swire Coca-Cola is seeking a Sr. Manager, IT Security - Operations to lead and mature the organization's security operations capabilities. This role is responsible for overseeing the detection, response, and remediation of cybersecurity threats while ensuring the stability and continuous improvement of core security services. The Sr. Manager will lead Security Operations, Incident Response, Vulnerability Management, Identity & Access Management and Monitoring functions, ensuring the organization can effectively identify and respond to evolving threats. This role partners closely with Security Architecture, GRC, IT Infrastructure, and business teams to ensure operational security controls are aligned with enterprise risk priorities. This position requires a strong leader with deep technical expertise, operational discipline, and the ability to translate complex security events into clear business impact for leadership. The ideal candidate will bring a balance of hands-on operational experience and strategic leadership to drive continuous improvement across the cybersecurity program.
Responsibilities- Lead and oversee Security Operations (SOC) activities, including monitoring, detection, and alert triage
- Ensure effective operation of security tools such as SIEM, EDR, NDR, and related monitoring platforms
- Continuously improve detection capabilities through tuning, use case development, and threat intelligence integration
- Establish and maintain operational runbooks and standard operating procedures
- Lead incident response activities, including investigation, containment, eradication, and recovery
- Ensure incident response processes are well-defined, tested, and continuously improved
- Oversee root cause analysis and post-incident reviews to strengthen controls
- Coordinate with legal, communications, and leadership during high-impact incidents
- Lead the vulnerability management program, including scanning, prioritization, and remediation tracking
- Partner with IT and application teams to reduce exposure and improve patching effectiveness
- Lead the design and continuous improvement of IAM capabilities, including identity lifecycle management (Joiner/Mover/Leaver), authentication, and authorization aligned with least privilege principles
- Lead, mentor, and develop cybersecurity operations team members
- Oversee the implementation, integration, and optimization of security technologies
- Ensure security tools are configured, maintained, and delivering value
- Partner with Security Architecture on tool selection and roadmap planning
- Drive automation and efficiency within security operations workflows
- Track and report on vulnerability trends and remediation metrics
- Implement and manage access control models (RBAC/ABAC), MFA, conditional access, and privileged access management (PAM) to secure enterprise identities
- Oversee identity governance processes, including access reviews, certifications, role design, and segregation of duties (SoD) controls
- Partner with cross-functional teams to integrate IAM solutions, drive automation, and report on key metrics such as provisioning timelines, access risks, and compliance status
- Develop and deliver operational metrics, dashboards, and reporting for leadership
- Track KPIs such as detection time, response time, and remediation timelines
- Provide clear, actionable reporting on threats, incidents, and operational risk posture
- Drive continuous improvement initiatives across operational processes
- Establish risk-based prioritization aligned to business impact and threat intelligence
- Partner with GRC, Security Architecture, IT, and business stakeholders
- Support cross-functional incident response coordination and tabletop exercises
- Foster a culture of accountability, continuous learning, and operational excellence
Requirements- Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, or related field required
- Certifications such as CISSP, CISM, or GIAC preferred
- 8+ years of cybersecurity experience, focused on operations, incident response, or threat management required
- 3+ years of leadership experience managing security teams or programs required
- Strong experience with SIEM, EDR, vulnerability management, and detection tools required
- Experience leading vulnerability management and remediation programs required
- Experience developing metrics, dashboards, and executive reporting required
- Deep understanding of incident response methodologies and frameworks
- Strong analytical and problem-solving skills
- Excellent communication skills translating technical issues into business impact
#LI-HH1
Come and join our Sparkling team! 
