Snr Manager, Cybersecurity Operations

At 2U, we are all in on purpose. We are motivated by our mission – to eliminate the back row in education – and connected by our shared passion to deliver world-class digital education at scale. As the parent company of edX, the world’s leading online learning platform, 2U powers more than 4,000 online higher education offerings – from free courses to full degrees. Together with more than 230 colleges, universities, and corporate partners, we are helping to unlock human potential.

What We’re Looking For:

As the Senior Manager of Cybersecurity Operations, you will lead and mature 2U’s global cyber defense and security operations capabilities. This role is accountable for the effective execution of threat detection, incident response, vulnerability management, and operational security monitoring across a global enterprise.

You will manage and develop a team of security engineers responsible for day-to-day security operations, while also acting as the operational bridge between cybersecurity engineering, infrastructure, SRE, IT, and external partners (including managed or embedded resources). While remaining technically credible, your primary focus will be on operational excellence, incident readiness, process maturity, and ensuring consistent, high-quality execution of security operations at scale.

This role requires strong leadership, sound judgment under pressure, and the ability to translate technical security events into clear risk-based communication for senior stakeholders. You will own operational outcomes, ensure alignment to industry frameworks, and continuously improve tools, processes, and team capability to reduce risk across 2U’s most critical systems.

Responsibilities Include, But Are Not Limited To:

Cybersecurity Operations & Execution

• Own and oversee day-to-day cybersecurity operations, ensuring effective threat detection, investigation, response, and remediation across cloud, application, and infrastructure environments.
• Ensure security monitoring, alerting, and response processes are consistently executed, well-documented, and aligned to defined SLAs and severity models.
• Provide operational oversight of security tooling (e.g., SIEM, EDR, SOAR), ensuring tools are properly configured, maintained, and delivering actionable outcomes.
• Drive continuous improvement of operational runbooks, response workflows, and automation to reduce manual effort and improve response quality.

Cybersecurity Incident Management & Operational Readiness

• Own the cybersecurity incident management program, ensuring incidents are triaged, escalated, coordinated, and resolved effectively.
• Ensure clear roles, escalation paths, and communications are in place for security incidents, including coordination with SRE, Engineering, Infrastructure, IT, Legal, Privacy, and Communications teams.
• Lead post-incident reviews for security incidents, driving root cause analysis, remediation tracking, and systemic improvements.
• Ensure incident response practices align with industry standards and internal risk management expectations.

Engineering, Cloud & Application Security Alignment

• Partner with Cloud Security, Application Security, and Engineering teams to ensure security controls, detections, and response requirements are operationalised within cybersecurity operations.
• Ensure outputs from Cloud Security and Application Security initiatives (e.g., controls, detections, alerts, runbooks) are effectively integrated into security monitoring, incident response, and operational workflows.
• Act as the primary intake point for security-relevant operational signals from engineering and platform teams, ensuring they are triaged, prioritised, and actioned appropriately by cybersecurity operations.
• Collaborate with partner teams to identify gaps in detection, response coverage, and operational readiness, and drive improvements to expand and mature cybersecurity operations coverage.
• Serve as an escalation and advisory point for security-related operational issues, ensuring coordination with the appropriate domain owners (Cloud, Application, Infrastructure, SRE) while maintaining clear accountability.

Security Operations Coverage & Readiness

• Ensure cybersecurity operations maintain effective visibility and response capability across cloud, infrastructure, and application environments, aligned to defined risk and threat models.
• Oversee the integration of logging, telemetry, alerts, and response playbooks into operational tooling (e.g., SIEM, SOAR, EDR), without assuming ownership of underlying platform or application architectures.
• Partner with domain security teams to validate that new systems, services, and changes are adequately covered by operational security monitoring and incident response processes.
• Continuously assess and improve operational coverage to ensure cybersecurity operations can detect, respond to, and support incidents across the evolving technical environment.

Proactive Risk & Vulnerability Management

• Own the operational vulnerability management lifecycle, ensuring vulnerabilities are identified, prioritized, remediated, and tracked to closure.
• Use risk-based prioritization to balance remediation effort with business impact and operational realities.
• Ensure security findings and risk trends are translated into clear, actionable insights for technical and non-technical stakeholders.

Team Leadership & Partner Management

• Lead, mentor, and develop cybersecurity operations engineers, fostering a culture of accountability, continuous improvement, and operational excellence.
• Provide direction and oversight to embedded or partner resources (e.g., Sonata), ensuring clear expectations, quality delivery, and alignment to 2U standards.
• Contribute to workforce planning, skills development, and operational maturity of the cybersecurity operations function.

Things That Should Be In Your Background:

• 5+ years experience in cybersecurity or security operations, with progression into technical leadership or people management.
• Experience leading or supporting security operations, incident response, or threat management in complex environments.
• Working knowledge of AWS; exposure to GCP or Azure is a plus.
• Comfortable with scripting/automation (e.g., Python, Bash) to guide and review operational improvements.
• Experience partnering on CI/CD and DevSecOps initiatives to ensure security signals feed into detection and response.
• Familiarity with cloud-native and containerised environments and their operational security risks.
• Required: Hands-on experience with SIEM and EDR platforms supporting security monitoring, investigation, and incident response.
• Beneficial: Experience with SOAR workflows and WAF technologies to support security automation and application protection.
• Strong analytical judgment, able to make risk-based decisions under pressure.
• Clear communicator with both technical teams and senior stakeholders.

Benefits & Culture

Our global employee base is a diverse collection of innovators, dreamers, and doers working together to transform lives through higher education. We believe that every employee can advance our shared purpose, and that life at 2U should be fun and meaningful. If you’re excited by the opportunity to provide over 40 million learners and counting with access to world-class online higher education, then join us – and do work that makes a difference. #NoBackRow

We offer comprehensive benefits (unique per country) and excellent work/life balance.
Full-time, ZA benefits include: 

• 2 complimentary Getsmarter short courses per year
• Subsidised medical aid with Discovery Health Medical Scheme
• 4% 2U contribution towards Discovery Life Pension Fund and Group Risk Benefit
• Employee Assistance Program (EAP)
• Generous leave policy including time off to volunteer for non-profit organization, study leave, sports leave and a company-wide festive season break

2U Diversity and Inclusion Statement

At 2U, we are committed to building and sustaining a culture of belonging, respect, and inclusion. We are proud of the steps we’ve taken to bring together an employee base that embodies diverse walks of life, ideas, genders, ages, races, cultures, sexual orientations, abilities and other unique qualities. We strive to offer a workplace where every employee feels empowered by what makes us different, as well as by how we are alike. 

2U is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodations, please reach out to us at: recruitingaccommodations@2u.com. 

About 2U

For more than a decade, 2U has been the digital transformation partner of choice to great non-profit colleges and universities delivering high-quality online education at scale. As the parent company of edX, a leading global online learning platform, 2U provides over 45 million learners with access to world-class education in partnership with more than 230 colleges, universities, and corporations. Our people and technology are powering more than 4,000 digital education offerings — from free courses to full degrees — and helping unlock human potential. To learn more: visit 2U.com.

About edX

edX is the education movement for restless learners and a leading global online learning platform from 2U. Together with the majority of the world’s top-ranked universities and industry-leading companies, we bring our community of over 45 million learners world-class education to support them at every stage of their lives and careers, from free courses to full degrees. And we're not stopping there — we're relentlessly pursuing our vision of a world where every learner can access education to unlock their potential, without the barriers of cost or location. Learn more at edX.org.

Learn more at https://2u.com/careers/
#NoBackRow

The above statements are intended to describe the general nature and level of work performed by individuals assigned to this position, and are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.

2U is an equal opportunity employer that does not discriminate against applicants or employees and ensures equal employment opportunity for all persons regardless of their race, creed, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, marital status, disability, citizenship, military or veterans’ status, or any other classifications protected by applicable federal, state or local laws. 2U’s equal opportunity policy applies to all terms and conditions of employment, including but not limited to recruiting, hiring, training, promotion, job benefits and pay. 

2U is strongly committed to diversity within its community and especially welcomes applications from South African citizens who are members of designated groups who may contribute to Employment Equity within the workplace and the further diversification of ideas. In this regard, the relevant laws and principles associated with Employment Equity will be considered when appointing potential candidates. We are required by law to verify your ability to work lawfully in South Africa. 2U requires that you submit a copy of either your identity document or your passport and any applicable work permit if you are a foreign national, along with an updated curriculum vitae.