Manager - Security Operations Center (SOC)

KLA Corporation

KLA Corporation

Ann Arbor, MI, USA
Posted on Wednesday, February 14, 2024
Base Pay Range: $126,700.00 - $215,400.00 AnnuallyPrimary Location: USA-MI-Ann Arbor-KLAKLA’s total rewards package for employees may also include participation in performance incentive programs and eligibility for additional benefits identified below. Interns are eligible for some of the benefits identified below. Our pay ranges are determined by role, level, and location. The range displayed above reflects the minimum and maximum pay for this position in the primary location identified in this posting. Actual pay depends on several factors, including location, job-related skills, experience, and relevant education level or training. If applicable, your recruiter can share more about the specific pay range for your preferred location during the hiring process.

Company Overview

KLA is a global leader in diversified electronics for the semiconductor manufacturing ecosystem. Virtually every electronic device in the world is produced using our technologies. No laptop, smartphone, wearable device, voice-controlled gadget, flexible screen, VR device or smart car would have made it into your hands without us. KLA invents systems and solutions for the manufacturing of wafers and reticles, integrated circuits, packaging, printed circuit boards and flat panel displays. The innovative ideas and devices that are advancing humanity all begin with inspiration, research and development. KLA focuses more than average on innovation and we invest 15% of sales back into R&D. Our expert teams of physicists, engineers, data scientists and problem-solvers work together with the world’s leading technology providers to accelerate the delivery of tomorrow’s electronic devices. Life here is exciting and our teams thrive on tackling really hard problems. There is never a dull moment with us.

Job Description/Preferred Qualifications


The Cybersecurity group at KLA is involved in every aspect of the global business. The KLA Cybersecurity group defends against cyber-attacks and provides cybersecurity tools, incident response services and assessment capabilities to safeguard the environments that support the essential operations of KLA. We are passionate about identifying adversarial activities and anticipating a wide variety of threats to strengthen our defenses and the overall protection of KLA Intellectual Property.

Manager, Security Operations Center (SOC)

This individual will be the security leader who will develop, operationalize and continually mature KLA’s Security Operations Center (SOC), through the development and maintenance of best-practice procedures, and supporting documentation to ensure the safety of KLA information assets. This role will function as the primary liaison with a diverse group of individuals including Cybersecurity Architecture, Governance, Insider Threat, Information Technology, Risk Management, Human Resources, Legal and Compliance as well as senior leaders throughout the organization. The role is responsible for the analysis of anomalous/risky behavior, leading KLA's incident response, and response to identified threats with the appropriate teams. As the program matures, this leader will be responsible for strengthening the team to support the mission. The successful candidate will have a strong technical background, proven effectiveness in security operations/incident response, leadership, excellent written and verbal communication, and outstanding interpersonal skills. There will be a brief technical assessment as part of this role.


  • Operationalize and mature the KLA Security Operations Center.

  • Improve operational cyber programs including Intelligence, Detect, Response, and coordinate activities with legal and IT as needed.

  • Guide the SOC in the investigation of anomalous network activity and work with IT, HR, and Legal to coordinate responses as needed.

  • Present frequently to KLA leadership teams in order to drive a deep understanding of our efforts to improve delivery of the insider threat program

  • Coordinate execution of the Program across key partners including Information Security, Human Resources, Legal, and Compliance

  • Collaborate on the build and implementation of processes and technologies to detect high-risk insider activities that are accidental or malicious in nature

  • Develop mechanisms to monitor and test the effectiveness of insider threat management solutions and associated analytical models

  • Identify and implement opportunities for continuous program improvement

  • Represent the SOC to both internal and external partners, such as other Information Security functions and regulators

  • Collaborating with Legal and Compliance teams to ensure timely handoffs and alignment with Legal and Privacy regulations associated with threat actor behavior

  • Focus on the tools, processes, and methods needed to craft and implement data protection systems and to adapt existing systems as the environment evolves

  • Developing close working relationships with partners, technology owners, and leaders

  • Proactively run the program’s needs, adjusting the program roadmap and strategy according to the evolving threat landscape and organizational context

  • Identify associated technologies, services and solutions needed for the insider risk program to operate

Desired Qualifications

  • Experience with Hands on Keyboard Incident Response/Detection/Intelligence

  • Experience developing/implementing/maturing SOC/CIRT teams

  • Proven track record for cultivating relationships with a diverse group of leaders and teams

  • Proven track record to influence and mentor others in a technology-focused environment

  • Must have a strong customer service orientation, a strong sense of initiative, a positive demeanor, and a collaborative working style

  • Advanced understanding of Risk based approach to the Cybersecurity Operations program development and analysis

  • Advanced understanding of security technologies, compliance frameworks (NIST CSF, ISO), risk management principals

  • Ability to travel abroad

Minimum Qualifications

  • Bachelor’s degree in Computer Science, Information Security, Management Information Systems or equivalent combination of education and related work experience

  • Minimum five (5) years in information security

  • Minimum three (3) years leading technical teams

  • Please note experienced incident handlers with a proven track record of teaching and training teams without other leadership experience will be actively considered for this role

  • This is a hybrid role and will be based out of our Midwest HQ in Ann Arbor, MI

The company offers a total rewards package that is competitive and comprehensive including but not limited to the following: medical, dental, vision, life, and other voluntary benefits, 401(K) including company matching, employee stock purchase program (ESPP), student debt assistance, tuition reimbursement program, development and career growth opportunities and programs, financial planning benefits, wellness benefits including an employee assistance program (EAP), paid time off and paid company holidays, and family care and bonding leave.

KLA is proud to be an Equal Opportunity Employer. We do not discriminate on the basis of race, religion, color, national origin, sex, gender identity, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other status protected by applicable law. We will ensure that qualified individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us at to request accommodation.