Leader – Security Operations and Incident Response

Job Posting Title: Leader Security Operations and Incident Response

Location: On-Site - Santa Ana California

Compensation: Starting at $150000/year D.O.E

*Actual compensation may vary from posting based on geographic location work experience education and/or skill level.

Position Summary:

The Leader Security Operations and Incident Response is responsible for leading and maturing New American Fundings enterprise cyber defense capabilities. This role blends strategic leadership with deep technical expertise in security operations monitoring detection engineering and incident response.

As a senior-level leader you will oversee day-to-day SOC operations drive program maturity and serve as the executive incident commander during high-impact cyber events. You will lead a team of analysts engineers and responders while partnering with cross-functional business IT and executive stakeholders to ensure a resilient security posture across the organization.

The Leader Security Operations and Incident Response plays a critical role in safeguarding sensitive mortgage financial and customer data and ensuring compliance within a highly regulated environment.

*Disclaimer:Identity Verification checks are in place throughout the Candidate journey to prevent candidate fraud

Security Operations Leadership

Lead and oversee daily operations of the Security Operations Center (SOC) ensuring timely and accurate detection triage and response to cybersecurity threats.

Direct the management and optimization of security monitoring technologies (SIEM EDR IDS/IPS NDR DLP and cloud monitoring).

Define maintain and govern SOC processes playbooks and escalation procedures.

Collaborate with IT DevOps engineering network and cloud teams to advance enterprise-wide security monitoring and visibility.

Track measure and communicate SOC operational metrics threat trends and risk reduction to senior leadership.

Leverage SOAR to automate repetitive tasks standardize incident-response workflows and free security teams to focus on higher-value complex threats.

Map SIEM detections correlation rules and behavioral analytics to MITRE ATT&CK Cyber Kill Chain and other threat-modeling frameworks to ensure comprehensive coverage and structured response.

Lead detection engineering efforts by building high-fidelity alerts tuning correlation logic and aligning detection use cases to adversary TTPs threat intelligence and organizational risk priorities.

Incident Response Leadership

Serve as Incident commander leading enterprise-wide containment eradication and recovery during critical cybersecurity incidents.

Oversee development testing and enhancement of the incident response plan including tabletop exercises simulations and red/blue team engagements.

Direct forensic investigations malware analysis threat hunting operations and root-cause analysis activities.

Provide executive communication and status updates during cyber incidents ensuring clarity transparency and effective crisis management.

Ensure incidents are documented lessons learned are captured and improvements are incorporated back into people process and technology.

Strategic Contributions

Drive the strategic maturity of security operations and incident response programs aligned with NIST CSF MITRE ATT&CK CIS Controls ISO and other frameworks.

Ensure SOC and IR practices comply with financial services regulatory requirements (GLBA PCI DSS FFIEC NYDFS HIPAA SOX).

Mentor develop and coach SOC analysts incident responders and engineers to build a high-performing and continuously improving organization.

Evaluate and recommend emerging technologies security tools and operational enhancements to strengthen the cyber defense roadmap.

Act as a trusted advisor to executive leadership on operational risk cyber resilience and incident readiness

10 years of progressive experience in cybersecurity operations SOC leadership or incident response roles.

5 years of leadership or management experience overseeing SOC IR or cyber defense teams.

Demonstrated success in building scaling and maturing security operations programs.

Advanced expertise with SIEM SOAR EDR NDR IDS/IPS forensic tools and threat analysis methodologies.

Deep understanding of attacker tactics threat intelligence and the MITRE ATT&CK framework.

Experience leading enterprise-scale incident response efforts.

Excellent executive communication briefing and cross-functional leadership skills.

Preferred certifications: CISSP CISM GIAC CCSP OSCP or equivalent.

Education Experience and Certifications:

Bachelors degree in Cybersecurity Computer Science Information Systems or related discipline.

Extensive experience in security operations incident response and cybersecurity leadership.

Certifications such as CISSP CCSP CISM GIAC OSCP/OSCE TOGAF CASP or equivalent strongly preferred.

Experience in the financial services or mortgage industry is a plus.

Reporting Line:

Reports To: Director or Senior Director Cybersecurity Services

Works closely with: CISO Office IT leadership risk management and compliance teams

Work Authorization:

Must be able to verify identity and employment eligibility to work in the U.S.

Other Duties:

This job profile is not intended to be an exhaustive list of duties and responsibilities. Additional responsibilities may be assigned as needed.

Physical Demands:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable

accommodation may be made to enable individuals with disabilities to perform the essential functions. Must be able to lift up to ten pounds. Primary functions require sufficient physical ability and mobility to work in an office setting; to stand or sit for prolonged periods of time; to occasionally stoop bend kneel crouch reach and twist; to lift carry push and/or pull light to moderate amounts of weight; to operate office equipment requiring repetitive hand movement and fine coordination including use of a keyboard; and to verbally communicate to exchange information.

Vision:

See in the normal visual range with or without correction.

Hearing:

Hear in the normal audio range with or without correction.

Pay Transparency Disclosure: If based in New American Fundings offices this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including but not limited to individual qualifications objectively assessed during the interview process (including skills and prior relevant experience potential impact and scope of role) market demands and specific work location. The listed range is a guideline and the range for this role may be modified. For roles that are available to be filled remotely the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

New American Funding offers competitive package of additional benefits including health dental & vision retirement with company contribution parental leave mental health & wellness benefits and generous PTO. New American Funding also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. New American Fundings compensation and benefits are subject to change and may be modified in the future.

EOE/M/F/D/V. Drug-free workplace.

#LI-JS3