Job Description
Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on the business of water. For additional information, please visit the company website at
Security Operations Center (SOC) Manager Position Summary Neptune is maturing a 24×7 cybersecurity program across a hybrid environment (on-prem, cloud, SaaS). We need a proactive leader to
own Incident Response and SOC operations , manage SIEM performance, and ensure timely reporting to our parent company. This role is critical for reducing MTTD/MTTR, strengthening detection capabilities, and driving audit readiness.
Key Responsibilities: Incident Response & Management - Lead the full IR lifecycle: detection, triage (L2–L3), containment, eradication, recovery, and post-mortems
- Coordinate forensic investigations and run tabletop, blue/red/purple team exercises
- Maintain and execute documented playbooks for rapid response
Threat Detection & Monitoring - Oversee 24×7 alerting and escalation model with MSSP and internal teams
- Implement anomaly detection and access monitoring across endpoints, networks, and cloud
SIEM & Security Logging - Manage SIEM (Google SecOps/Chronicle) including detection engineering, log health, and tuning
- Develop repeatable SOAR playbooks and automation workflows
Identity & Access Management - Ensure robust IAM lifecycle processes and enforce least privilege principles
- Integrate anomaly detection for identity-related threats
Threat Intelligence & Modeling - Incorporate threat intelligence feeds into detection and response workflows
- Conduct threat modeling exercises to anticipate and mitigate risks
Security Automation & Orchestration - Drive automation for repetitive tasks and incident workflows
- Optimize orchestration between SIEM, EDR, and SOAR platforms
Reporting & Metrics - Own the incident reporting process to Neptune’s parent company
- Deliver actionable metrics on detection, response, and operational performance
Secure Architecture & Zero Trust - Partner with engineering to embed secure-by-design principles
- Implement zero trust segmentation and hardening based on incident learnings
Relevant Platforms (experience with several is expected): - SIEM/SecOps: e.g. Google SecOps (Chronicle)
- EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra
- Network Security: e.g. FortiGate NGFW, FortiSASE
- Secure Browsing: e.g. Prisma
- Patching & Config: e.g. Automox
- Secrets Management: e.g. Keeper
- Asset Management: e.g. Axonius, Cyclops
- Email & Data Security: e.g. Mimecast, Microsoft Purview
Minimum Qualifications: - Bachelor’s degree (or international equivalent)
- 5+ years in Security Operations, including 3+ years leading IR/SecOps teams
- Hands-on experience with incident response, SIEM management, and threat hunting
- Strong understanding of NIST, ISO, SOC 2, MITRE ATT&CK, and zero trust principles
- Excellent communicator with experience in cross-functional coordination and executive reporting
Preferred Qualifications: - CISSP or equivalent certification
- Cloud security experience (AWS, Azure, GCP)
- IAM lifecycle management
- Audit and compliance experience (SOC 2, SOX, etc.)
Travel Requirements: Typically requires overnight travel less than 10% of the time.
Location: Tallassee, AL, Duluth, GA
#HP1
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.
Job Tags
Night shift,