Director, Cyber Security Operations and Threat Management

About The Position

Requirements

• Minimum 8 years of experience within Information Security
• At least 3 years of experience Threat Management and Security Operations
• At least one of the following certifications required: CISSP, CCSP, CASP+, any SANS GIAC or equivalent is prefered
• Thorough understanding of the following areas: Threat Management, Secuity Operations,Application Security, Cloud Security, Data Security, Endpoint Security, Network Security, and User Access Security
• Knowledge of security frameworks and standards such as NIST CSF, ISO27000, and/or CIS
• Self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism.
• Ability and desire to take ownership of multiple tasks and responsibilities.
• Experience designing or implementing an enterprise level Security Program

Nice To Haves

• AWS certifications such as “AWS Certified Security - Specialty” highly desired

Responsibilities

• Threat Management & Incident Management
• Detection Strategy: Build and maintain a world-class Threat Intelligence program to pivot from reactive to proactive defense.
• IR Leadership: Serve as the ultimate escalation point for high-priority security incidents, leading the Incident Response (IR) team through containment, eradication, and recovery.
• Hunting: Establish regular threat-hunting cadences to identify dormant or sophisticated actors within the environment. Stay abreast, and keep up with the latest threats and analyze the impact to the Jazwares environment
• Security Operations (SecOps) & Tools
• SOC Oversight: Manage the 24/7 Security Operations Center (MSSP) to ensure high-fidelity alerting and low Mean Time to Resolve (MTTR).
• Tooling Optimization: Own the security stack (SIEM, EDR, XDR, SOAR). Ensure tools are integrated, automated, and providing maximum ROI rather than just generating "noise.
• Automation: Drive a "Detection as Code" philosophy to automate repetitive tasks and manual investigative steps. Be the costodian of all security tools such as PAM, Email Security, Backup and Recovery, etc.
• Provide technical leadership and oversight to security operations activities and initiatives
• Participate in business continuity and disaster planning
• Provide guidance and support on security issues to other departments
• Ensure all software within the network has adequate security measures in place
• Propose metrics and prepare reports to show current security posture
• Monitor system events, log files, and alerts
• Security Engineering & Cloud Security
• Cloud Governance:Define security guardrails for AWS/Azure/GCP environments, focusing on IAM, VPC security, and serverless protection.
• Infrastructure as Code (IaC): Partner with DevOps to integrate security checks into CI/CD pipelines (DevSecOps).
• Engineering Excellence:Lead the design and deployment of scalable security solutions that support business growth without introducing friction.
• Provide technical leadership and oversight to security engineering activities and initiatives
• Harden systems for cyber resilience
• Vulnerability Management
• Lifecycle Management: Oversee the end-to-end vulnerability management process, from discovery and risk-based prioritization to remediation tracking.
• Exposure Management: Move beyond simple patching to manage the "attack surface," including external digital footprints and shadow IT.
• Architecture & Design
• Security Blueprints: Collaborate with Enterprise Architects to ensure security is "baked in" to new product builds and internal migrations.
• Zero Trust: Lead the transition toward a Zero Trust Architecture, focusing on identity-centric security and micro-segmentation.
• Determine security requirements and security controls for new systems
• Develop and maintain architectural diagrams
• Team Coaching
• Coach team memebrs and manage work plan on assigned projects
• Any other tasks assigned by Manager
• Manages People: Yes