Security Operations Manager
Job Description
No Sponsorship will be provided for this role.
Location: On Site at location listed in posting
Weekly Schedule: Monday- Friday, 9am-5pm
The Security Operations Manager leads a multi-discipline security team covering application security, threat detection, vulnerability management, red/purple team activities, and security automation, with a heavy emphasis on detection, readiness, and real-world risk reduction.
The role is at the intersection of secure development, threat detection, and operational maturity within a large, multi-cloud online banking environment. Large-bank experience is preferred.
What the Manager Owns
- People leadership for a multi-discipline cyber team (6 to 12 direct reports)
- Threat detection
- Penetration testing readiness and follow-through
- Red / blue / purple team integration
- Reducing enterprise attack surface
Key Responsibilities
Leadership & Team Management
- Manage and develop a team of security professionals across vulnerability management, threat detection & threat intelligence, red/purple team disciplines, and security automation
- Act as the escalation point for high-risk or high-impact cyber issues
Application Security
- Oversee SAST, DAST, SCA, manual testing, and penetration testing programs
- Drive shift-left AppSec - IDE scanning, CI/CD integration, and secure coding practices
- Reduce testing cycles and downstream findings by improving early detection
- Operate tool-agnostic (e.g., Veracode, Invicti, Burp)
- Ensure AppSec supports modern cloud-native and DevOps environments
- Build trusted relationships with Shadow IT owners, and progressively align with security tooling, testing, and IT security practices.
Threat Detection & Purple Teaming
- Own detection-focused security outcomes, not just vulnerability reporting
- Work closely with SOC and IR teams to improve detection signals
- Use pen-test and red-team insights to strengthen blue-team defenses
- Apply purple-team thinking to close gaps between offense and defense
Penetration Testing & Offensive Readiness
- Ensure strong internal and third-party penetration testing coverage
- Validate that findings are meaningful, prioritized, and remediated
- Use offensive testing to drive real defensive improvements
Vulnerability & Configuration Risk Reduction
- Oversee vulnerability and configuration management programs
- Maintain hardening standards, baselines, and remediation tracking
- Reduce enterprise attack surface across cloud, applications, and infrastructure
- Integrate AppSec, pen-test, and vulnerability data into risk-based prioritization
Environment & Scope
- Multi-cloud environment
- High-availability online banking systems
- Highly regulated financial services setting
- Heavy collaboration with engineering, cloud, risk, and executive leaders
Required Experience
- 10+ years in cybersecurity spanning AppSec, threat detection, incident response, and vulnerability management
- 3–5+ years leading multi-disciplinary security teams
- Demonstrated success reducing attack surface and improving detection speed
- Strong understanding of application security; threat detection & response; penetration testing & adversary simulation; and CI/CD and cloud-native environments
- Comfortable presenting to and influencing executives
- Large-bank experience preferred, with the adaptability to thrive in a smaller-bank environment
About Us
First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at www.FirstHorizon.com.
Benefit Highlights
• Medical with wellness incentives, dental, and vision
• HSA with company match
• Maternity and parental leave
• Tuition reimbursement
• Mentor program
• 401(k) with 6% match
• More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits
Follow Us
Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThis employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
No Sponsorship will be provided for this role.
Location: On Site at location listed in posting
Weekly Schedule: Monday- Friday, 9am-5pm
The Security Operations Manager leads a multi-discipline security team covering application security, threat detection, vulnerability management, red/purple team activities, and security automation, with a heavy emphasis on detection, readiness, and real-world risk reduction.
The role is at the intersection of secure development, threat detection, and operational maturity within a large, multi-cloud online banking environment. Large-bank experience is preferred.
What the Manager Owns
- People leadership for a multi-discipline cyber team (6 to 12 direct reports)
- Threat detection
- Penetration testing readiness and follow-through
- Red / blue / purple team integration
- Reducing enterprise attack surface
Key Responsibilities
Leadership & Team Management
- Manage and develop a team of security professionals across vulnerability management, threat detection & threat intelligence, red/purple team disciplines, and security automation
- Act as the escalation point for high-risk or high-impact cyber issues
Application Security
- Oversee SAST, DAST, SCA, manual testing, and penetration testing programs
- Drive shift-left AppSec - IDE scanning, CI/CD integration, and secure coding practices
- Reduce testing cycles and downstream findings by improving early detection
- Operate tool-agnostic (e.g., Veracode, Invicti, Burp)
- Ensure AppSec supports modern cloud-native and DevOps environments
- Build trusted relationships with Shadow IT owners, and progressively align with security tooling, testing, and IT security practices.
Threat Detection & Purple Teaming
- Own detection-focused security outcomes, not just vulnerability reporting
- Work closely with SOC and IR teams to improve detection signals
- Use pen-test and red-team insights to strengthen blue-team defenses
- Apply purple-team thinking to close gaps between offense and defense
Penetration Testing & Offensive Readiness
- Ensure strong internal and third-party penetration testing coverage
- Validate that findings are meaningful, prioritized, and remediated
- Use offensive testing to drive real defensive improvements
Vulnerability & Configuration Risk Reduction
- Oversee vulnerability and configuration management programs
- Maintain hardening standards, baselines, and remediation tracking
- Reduce enterprise attack surface across cloud, applications, and infrastructure
- Integrate AppSec, pen-test, and vulnerability data into risk-based prioritization
Environment & Scope
- Multi-cloud environment
- High-availability online banking systems
- Highly regulated financial services setting
- Heavy collaboration with engineering, cloud, risk, and executive leaders
Required Experience
- 10+ years in cybersecurity spanning AppSec, threat detection, incident response, and vulnerability management
- 3–5+ years leading multi-disciplinary security teams
- Demonstrated success reducing attack surface and improving detection speed
- Strong understanding of application security; threat detection & response; penetration testing & adversary simulation; and CI/CD and cloud-native environments
- Comfortable presenting to and influencing executives
- Large-bank experience preferred, with the adaptability to thrive in a smaller-bank environment
About Us
First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at www.FirstHorizon.com.
Benefit Highlights
• Medical with wellness incentives, dental, and vision
• HSA with company match
• Maternity and parental leave
• Tuition reimbursement
• Mentor program
• 401(k) with 6% match
• More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits
Follow Us
Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThis employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
About First Horizon National Corporation
First Horizon is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. With $81.7 billion in assets as of December 31, 2023, we serve clients through a team of approximately ~7,300 associates and ~418 banking centers throughout the southeastern United States. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. First Horizon has been recognized as one of the nation’s best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank.