Director, Security Operations

The Director of the Security Operations is a established cybersecurity leader responsible for strategic oversight operational excellence and continuous maturity of the SOC ensuring 24/7 monitoring detection and response to cyber threats. This role leads multidisciplinary teams across security operations threat intelligence incident response and engineering aligning SOC activities with enterprise risk business objectives and regulatory requirements.

The Director will develop and execute SOC strategy enhance detection and response capabilities manage internal staff and MSSP partners and ensure measurable improvements through KPIs such as MTTD MTTR and threat detection efficacy.

JOB DUTIES

Strategic Leadership & Governance

• Develop and execute an enterprise SOC strategy aligned with corporate risk security architecture and business objectives.
• Oversee SOC governance including policies processes runbooks and incident response playbooks.
• Define SOC goals KPIs SLAs success metrics and continuous improvement roadmaps.
• Provide briefings and actionable insights to the CISO executive leadership and the board on SOC posture threat trends and incident impact.
• Develop standardize and maintain core security governance documentation including the Information Security Program Incident Response Plan and Security Policies and Procedures

Operational Excellence

• Lead 24/7 SOC operations ensuring highquality monitoring detection analysis threat hunting and incident response.
• Oversee escalations for anomalous activities vulnerabilities and significant cyber events; ensure proper triage and coordinated response.
• Ensure protection and detection capabilities leverage modern analytics automation engineering and industryaccepted cybersecurity architecture practices.
• Identify categorize and report SOC performance trends; continuously optimize processes to improve detection fidelity and reduce overall risk.

Team Leadership & Workforce Development

• Lead mentor and develop SOC managers engineers analysts and threat intelligence staff; build a highperforming and resilient SOC culture.
• Define staffing models career pathways training programs and competency expectations.
• Maintain strong hiring coaching and retention practices to address talent shortages and burnout risks.

Technology Tools & Engineering

• Oversee enterprise security monitoring automation endpoint identity network and cloud detection capabilities
• Partner with architecture and engineering teams to tune detection rules prevention signatures and correlation logic.
• Manage SOC technology roadmap and recommend upgrades emerging solutions or automation enhancements.

Incident Response & Threat Management

• Direct crossfunctional incident response ensuring rapid mitigation rootcause analysis and postincident reporting.
• Lead proactive threat hunting and ensure timely consumption of threat intelligence to anticipate and mitigate emerging risks.
• Ensure SOC integrates with enterprise crisis management forensics and business resilience functions.

Vendor MSSP & Stakeholder Management

• Manage relationships with MDR MSSP partners and security technology vendors; ensure highquality service delivery and contract compliance.
• Coordinate with IT cloud teams legal privacy compliance and business units during detection and response activities.

• Collaborate with Legal Privacy and Compliance teams to ensure SOC processes meet regulatory and data privacy requirements and provide documentation supporting security governance programs.

YOU MUST HAVE

• 10 years of progressive experience in security operations cyber defense or threat management with at least 5 years in SOC leadership.
• Proven handson technical background in:
  • Firewalls IDS/IPS
  • Endpoint protection/EDR
  • Email security
  • Network security
  • Incident response and digital investigations
  • Optimize detection logic behavioral analytics correlation rules and automated response workflows
• Strong understanding of enterprise infrastructure: networking storage servers cloud identity and logging technologies.
• Demonstrated ability to manage 24/7 operations and highpressure incident scenarios.
• Effective communication skills with the ability to translate complex threats into clear executivelevel language.

WE VALUE

• CISSP CISM GCIA GCIH CEH or equivalent.
• Experience working in hybrid/multicloud environments and with modern cloudnative detection technologies.
• Experience optimizing SOC performance via automation threat intelligence integration KPI monitoring and continuous improvement frameworks.
• Familiarity with MITRE ATT&CK NIST CSF ISO 27001 and SANS SOC maturity models.
• Strong leadership decisionmaking and crisismanagement skills.
• Deep understanding of cybersecurity principles threat actors attack lifecycles cryptographic concepts and vulnerability management.
• Ability to maintain confidentiality and handle sensitive information with professionalism.
• Demonstrated commitment to innovation operational excellence and measurable security outcomes.

WHATS IN IT FOR YOU

• Join a team that truly values worklife integration and balance where your wellbeing comes first.
• Grow your career while diving into cuttingedge technologies and continuous learning opportunities.
• Help shape innovative IoT and control solutions that influence the everyday lives of millions.
• Channel your curiosity and passion for discovery while exploring new possibilities and bringing forward bold use cases that help us pioneer the future.

#LI-MA1

#LI-ONSITE