Senior Manager, Cybersecurity and Operations

ABOUT THE ROLE

The Senior Manager, Cybersecurity and Operations leads Accela’s cybersecurity operations, security engineering, monitoring, detection, incident response, and infrastructure security capabilities.

This role is responsible for protecting Accela corporate, cloud, hybrid, and production environments through effective security tooling, operational processes, incident readiness, and measurable risk reduction.

This role combines technical leadership, operational ownership, and people management. The Senior Manager owns core security operations capabilities, leads incident response activities, manages operational security investments, and partners with IT, Engineering, DevOps, Legal, GRC, and Compliance to improve Accela security posture and support SOC 2, ISO 27001, GovRAMP, PCI DSS, HIPAA, and NIST-based requirements.

 SPECIFIC RESPONSIBILITIES

• Lead the cybersecurity operations and security engineering function across corporate, cloud, hybrid, and production environments.
• Manage and develop security engineers and analysts responsible for monitoring, detection, response, infrastructure security, vulnerability management, and operational security controls.
• Own monitoring, detection, and response capabilities, including SIEM, EDR/XDR, DLP, vulnerability management, firewall, WAF, email security, identity security, and cloud security tooling.
• Serve as the operational control point during significant cybersecurity incidents, coordinating response across Security, IT, Engineering, Legal, Communications, GRC, and executive stakeholders.
• Develop, maintain, and test incident response playbooks, escalation paths, tabletop exercises, on-call procedures, and post-incident review processes.
• Lead post-incident reviews and ensure root-cause remediation, lessons learned, and control improvements are completed.
• Evaluate, implement, and optimize security solutions across endpoint, identity, network, email, cloud, logging, detection, and response platforms.
• Partner with IT and Engineering to strengthen cloud, hybrid, and corporate security controls, including identity, network segmentation, key management, secrets management, privileged access, endpoint hardening, and secure configuration management.
• Support GovRAMP and PCI DSS control requirements related to logging, monitoring, vulnerability management, incident response, endpoint security, access control, encryption, cloud security, configuration management, and evidence collection.
• Drive measurable risk reduction across infrastructure, endpoints, cloud environments, identity systems, and business-critical services.
• Own operational vulnerability management processes for infrastructure, cloud, endpoint, and corporate systems.
• Support business continuity, disaster recovery, and resilience planning from a cybersecurity perspective.
• Manage cybersecurity operations budget inputs, including vendor evaluation, renewals, tool rationalization, and investment recommendations.
• Develop operational security metrics and reporting for executive leadership, including incident trends, vulnerability risk, detection coverage, response performance, control health, and remediation progress.
• Stay ahead of evolving threats, including cloud-native attacks, identity compromise, ransomware, AI-enabled threats, and emerging attacker techniques.
• Participate in or manage the security on-call rotation.

 REQUIRED QUALIFICATIONS

• 8+ years of experience in cybersecurity, security operations, security engineering, infrastructure security, cloud security, or incident response.
• 3+ years of experience leading cybersecurity teams, security operations programs, or technical security initiatives.
• Strong working knowledge of SIEM, EDR/XDR, DLP, WAF, vulnerability management, firewalls, email security, identity security, and cloud security tooling.
• Experience securing cloud, hybrid, and corporate environments across AWS, Azure, or GCP.
• Experience leading or coordinating incident response for material cybersecurity events.
• Strong understanding of identity security, network segmentation, endpoint security, logging, detection engineering, vulnerability management, and key/secret management.
• Demonstrated ability to deliver security initiatives that produce measurable risk reduction.
• Experience managing vendors, evaluating security tools, and making build/buy recommendations.
• Strong communication skills with the ability to explain operational security risk to technical and executive audiences.

 DESIRED QUALIFICATIONS

• Experience with Microsoft Defender for Cloud, Azure-native security tooling, or equivalent AWS/GCP security tooling.
• Experience supporting SaaS environments with public-sector, regulated, payment, or customer-trust-driven requirements.
• Experience operating in environments governed by SOC 2, ISO 27001, GovRAMP, PCI DSS, NIST CSF, or NIST 800-53 control requirements.
• Familiarity with zero-trust architectures, SSO, MFA, conditional access, SSPM, identity threat detection, and privileged access management.
• Experience securing Kubernetes, containers, cloud workloads, and CI/CD infrastructure.
• Relevant certifications such as CISSP, CISM, CCSP, GIAC, GCIH, GCIA, or similar.

OTHER

• Expected to participate in or lead the security incident response rotation.
• Very light travel may be expected for team or company offsites and industry conferences.

ABOUT ACCELA
For nearly 20 years, Accela has been an industry leader in designing and delivering government software to improve efficiency, increase citizen engagement and enable the development of thriving communities. Today, citizens are savvy to how services should be delivered, and expect a consistently convenient, openly transparent view into their local government. While government agencies struggle to do more with less, our mission has never been more critical. Accela provides a robust, cloud-based platform of government software solutions that accelerate growth, efficiency, and transparency in communities of all sizes. From planning, to building, to service request management and more, Accela’s SaaS offerings level the playing field for small and medium governments and enable smaller agencies to leverage larger city technologies. Our open and flexible technology helps agencies address specific needs today, while ensuring they are well prepared for the emerging challenges of the future.

OUR COMMITMENT TO DIVERSITY, EQUITY, AND INCLUSION
Accela believes in developing and nurturing a workplace community where our differences are celebrated, and everyone feels a sense of psychological safety and belonging. Accela is committed to putting resources and attention towards evolving our practices, policies, and philosophies to enable diversity to thrive and to support equity in opportunity for everyone.

COMPENSATION AND WELL-BEING
The annual base salary range for this full-time position is $170,000-$190,000 (less applicable taxes). The actual annual base salary offered may be adjusted based on a variety of factors, including but not limited to, location, education, skills, training, and experience. In addition to an annual base salary, this position is eligible for an annual bonus target. This is a discretionary bonus awarded based on company and individual goal achievement.
 
Accela’s U.S. team members will receive a generous benefits package consisting of options including flexible time off, comprehensive medical, dental, and vision plans, family planning benefits, 401(k) retirement savings plan with company match, health savings account with company contributions, flexible spending account, life, accident, and disability coverage, business travel insurance, employee assistance programs, and other well-being benefits.

Accela is an Equal Opportunity Employer/Affirmative Action Employer and will respond to requests for job accommodations.

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, national origin, protected veteran status, or based on disability, gender identity, and sexual orientation

#LI-Remote