AI and Monitoring for Security, VP

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cyber Security, Computer Science, Data Analytics or related discipline or equivalent work experience
• 4-8 years in Information Security or other Information Technology fields
• Experience with use case and automation related to UEBA, SIEM, SOAR, DLP, EDR and other open-source security tools
• Knowledge of models/frameworks such as Cyber Kill Chain, MITRE and CRI (Cyber Risk Institute)
• Experience in scripting or working in low-code environments
• Experience integrating APIs and building automated workflows across cloud/on‑prem systems
• Understanding of machine learning basics, LLM operations, and AI model lifecycle concepts
• Well-developed analytic, qualitative, and quantitative reasoning skills
• Demonstrated creative problem-solving abilities
• Security event monitoring, investigation, and overall incident response process
• Strong time management skills to balance multiple activities and lead junior analysts or interns as needed
• In-depth knowledge in one or more security domains including Security Governance and Oversight, Security Risk Management, Network Security, Threat and Vulnerability Management, and Incident Response and Forensics
• Experience creating trending metrics and management reports
• Experience with cloud computing security, network, operating system, database, application, and mobile device security

Nice To Haves

• Experience working within the Financial Services Industry preferred
• Experience as a team lead or guiding junior analysts preferred
• Experience working on a global team preferred
• CISSP, ISSMP, SANS, GSEC, GCFA, GNFA, GIAC and/or GCIH

Responsibilities

• Security Monitoring & Incident Response Support Support advanced security event monitoring, triage, and investigation activities across global environments, leveraging expertise in SIEM, UEBA, SOAR, DLP, EDR, and cloud native tooling.
• Apply frameworks such as MITRE ATT&CK, Cyber Kill Chain, and CRI to ensure detections and response actions are mapped to industry-aligned threat behaviors.
• Draw upon your comprehensive understanding of the cyber landscape to design and execute advanced detection and response strategies, employing an array of sophisticated security tools and technologies. Your solutions will serve as the first line of defense, minimizing potential risks and vulnerabilities.
• Automation, AI Integration & Workflow Engineering Aid in the design and implementation of automated workflows using SOAR, low code platforms, custom scripting, and API integrations to streamline SOC and IR processes.
• Operationalize machine learning and LLM powered capabilities—such as case summarization, alert enrichment, anomaly detection, and autonomous investigation—while maintaining human in the loop governance.
• Identify high value automation opportunities and develop scalable, repeatable solutions that reduce MTTR and improve SOC efficiency.
• Collaborate with platform engineering and cloud teams to deploy automation across hybrid (cloud/on prem) environments.
• Reporting, Metrics, Leadership & Continuous Improvement Develop and maintain metrics, dashboards, and reporting used by management to track detection coverage, automation ROI, incident trends, and SOC performance.
• Lead and mentor junior analysts and interns, ensuring consistent development, high-quality execution, and alignment to operating procedures.
• Champion process optimization by identifying gaps in workflow, documentation, and tool usage, and driving improvements in collaboration with global teams.
• Contribute to strategic initiatives and capability uplift across a global SOC/IR operating model.

Benefits

• comprehensive health and wellness benefits
• retirement plans
• educational assistance and training programs
• income replacement for qualified employees with disabilities
• paid maternity and parental bonding leave
• paid vacation, sick days, and holidays