Location:

4910 Tiedeman Road - Brooklyn, Ohio 44144

Position Summary

Our Cyber Threat Response team rolls up into Key’s broader Cyber Defense function within Corporate Information Security.  Cyber Defense’s mission is simple: We aim to Deter, Detect, Deny, and Disrupt adversaries through proactive threat-centric defense.

Are you a seasoned security leader ready to take on an exciting challenge? We are on the hunt for a dynamic Senior Manager to lead the Cyber Threat Response team aka “the SOC” and take it to the next level!  You will be the driving force behind the team, shaping its strategic direction and building a roadmap for SOC maturity aligned with MITRE ATT&CK/DEFEND, NIST CSF, and threat-informed defense principles. Drive continuous improvement through measurable KPIs such as MTTD, MTTR, and detection efficacy.

This Senior Cyber Defense Manager - SOC is responsible for providing real-time awareness, rapid response, and critical analysis to support decision-making to safeguard KeyBank’s people, property, and information. When necessary, the Senior Manager will support team leads and other SOC analysts by showing the ability to oversee ticket triage, incident response, event correlation and automation and other crucial security functions.

Key Responsibilities

Visionary Leadership - Ability to set a clear, inspiring vision for the team and translate it into actionable and measurable strategies, ensuring the team is equipped to monitor, detect, and respond to modern cyber threats across all domains and technologies.Strategic Planning - Develop and execute long-term measurable plans.Team Development - Hire, mentor, train!  Foster an environment of continuous learning and improvement. Your goal is to be a high-performing team.Reporting - Provide leadership with detailed reports, creating and highlighting metrics, key performance indicators, and real-world cases to show team value.Oversee 24/7 security monitoring, event triage, and incident response, ensuring efficient and effective handling of security events and that playbooks and escalation protocols are in place.Understanding Threat Actor Tactics, Techniques, & Procedures used by cyber adversaries.Deep understanding of frameworks (MITRE ATT&CK, D3FEND, Kill Chain, etc.) to enhance detection and response.Influence the integration and optimization of SOAR, SIEM, and EDR platforms. Drive automation of triage, enrichment, and response workflows to reduce analyst fatigue and improve response velocity.Collaborate with CTI and Detection Engineering teams to operationalize threat intelligence into detection logic.Champion purple teaming and adversary emulation to confirm detection coverage.Actively take part in tabletop exercises and red/blue/purple team activities.Interface with stakeholders within Cyber Defense, the broader security organization, and those outside of security such as technology, fraud and other lines of business partners.Lead by example in fostering a culture of curiosity, rigor, and continuous learning.Maintain composure, clarity, and focus in high-pressure situations.Maintain solid working knowledge of the security functions across the other Cyber Defense teams - break down silos!

Required Qualifications

Bachelor’s in Computer Science, Cybersecurity, or related field—or equivalent experience5+ years in a SOC, Incident Response, or digital forensics role.3+ years in a management role.Strong analytical, research, and verbal, and writing skills.Strong incident response capabilities including security incident analysis, root cause diagnosis, and remediation strategy implementation.Excellent stakeholder engagement and communication skills with experience presenting to leadership and both technical and non-technical audiences.Ability to work independently and escalate risks appropriately.Ability to communicate concisely, effectively and directly with executive management.Keen sense of customer centricityProven experience mentoring security analysts in demanding environments.

Preferred Certifications

Certified Information Systems Security Professional (CISSP)Certified Information Security Manager (CISM)GIAC Certified Intrusion Analyst (GCIA)GIAC Certified Incident Handler (GCIH)Certified Information Systems Auditor (CISA)GIAC Certified Forensic Analyst (GCFA)GIAC Certified Enterprise Defender (GCED)

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $112,000 to $180,000 annually depending on location and job-related factors such as level of experience. Compensation for this role also includes eligibility for short-term incentive compensation and deferred incentive compensation subject to individual and company performance.

Please click here for a list of benefits for which this position is eligible.

Job Posting Expiration Date: 07/09/2025

KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.