Director, IT Security Operations

About The Position

Requirements

• 10+ years in Information Technology with 5+ years in security operations, including leading teams and MSPs
• Bachelor’s degree in IT, Computer Science, Security required
• Strong grasp of the threat landscape, incident investigation/root-cause analysis, and executive communication
• Working knowledge of frameworks and regulations, e.g., NIST, ISO/IEC, CIS Controls
• Experience operating in cloud, SaaS, and emerging technology environments, including AI-enabled platforms

Nice To Haves

• Certifications, e.g., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), CompTIA Security+, strongly preferred

Responsibilities

• Security Operations & SOC Oversight Lead the 24x7x365 global SOC, consisting of internal staff and MSPs, including operating models, staffing, and service delivery.
• Set governance, service-level agreements (SLAs), metrics, and escalation paths for SOC services.
• Improve monitoring, alerting, and response across endpoints, networks, identity, software as a service (SaaS), and cloud; ensure consistent execution from triage through post-incident review.
• Own security information and event management (SIEM) and detection engineering strategy, including log onboarding, correlation, tuning, and integration with incident response (IR) workflows.
• Incident Response Leadership Function as the escalation lead for major security incidents, e.g., intrusions, ransomware, malware, data exposure, Distributed Denial-of-Service (DDoS), insider risk, and third-party events.
• Coordinate response with IT, Legal, Human Resources, Privacy, Compliance, Communications, and external partners.
• Own and mature the Incident Response Program (policies, playbooks, exercises), ensuring thorough documentation, root-cause analysis, and corrective actions tracked to closure.
• Vulnerability Management Own the enterprise vulnerability management program (governance, risk-based prioritization, remediation tracking, and reporting).
• Oversee vulnerability discovery across infrastructure, endpoints, applications, cloud, and third parties; partner with teams to drive timely remediation based on risk and exploitability.
• Provide executive visibility into risk posture, trends, and remediation effectiveness.
• AI & Emerging Technology Security Operations Extend monitoring, IR, and vulnerability practices to AI-enabled platforms and services.
• Partner with Security Architecture, AI Governance, and Risk to ensure AI events (misuse, data leakage, model risks) are detectable and operationally manageable as capabilities evolve.
• Governance, Risk & Audit Support Support audit readiness, regulatory compliance, and incident reporting with Governance, Risk, and Compliance (GRC), Privacy, Compliance, and Internal Audit.
• Align operations to frameworks, e.g., National Institute of Standards and Technology (NIST), ISO/IEC 27001/27002 (information security) and ISO/IEC 42001 (AI management system), Center for Internet Security (CIS) Controls, and implement tools/standards driven by operational findings and emerging risk.
• Leadership & Communication Build strong partnerships across IT, Security, and business stakeholders; deliver executive-ready reporting on incidents, operational health, and risk trends.
• Develop and mentor security operations leaders, reinforcing accountability, resilience, and continuous learning.

Benefits

• comprehensive Medical (includes Prescription Drug)
• Dental
• Vision
• Flexible Spending Accounts
• 401(k) with matching company contribution
• 3-weeks paid time off plus paid sick time
• stock purchase plan
• tuition reimbursement
• parental leave
• short- and long-term disability
• life insurance
• accidental death & dismemberment insurance
• 12 paid holidays (including floating holidays)
• employee referral bonuses
• employee discounts