Director of Cybersecurity Operations

About The Position

Requirements

• Minimum of 7 years of experience in the Cybersecurity field
• Minimum of 5 years of experience working directly in a SOC
• Bachelor’s Degree in Computer Science or similar field of study

Nice To Haves

• Experience with cloud security monitoring (AWS, Azure, GCP).
• Knowledge of behavioral analytics and insider risk monitoring.
• Familiarity with automation and orchestration (SOAR platforms).
• Understanding of threat intelligence integration.
• Industry certifications such as CISSP, CISM, or equivalent.

Responsibilities

• Lead and develop a high-performing global SOC team responsible for 24x7x365 threat monitoring, detection, and incident response.
• Oversee incident detection, investigation, containment, and post-incident review processes.
• Drive continuous improvement of SOC processes, playbooks, tooling, and automation capabilities.
• Establish and mature detection engineering and threat hunting capabilities.
• Lead and mature the Cyber Threat Intelligence program, aligning it to business risk and the evolving threat landscape to proactively identify emerging threats and strengthen detection and defensive capabilities.
• Mature and operationalize the threat hunting program to deliver repeatable, proactive hunts that drive actionable security improvements.
• Mature the Purple Team program to continuously validate and strengthen detection and response capabilities through red team simulations and adversary emulation, ensuring measurable improvements in controls and key performance metrics (e.g., MTTD, MTTR).
• Establish and mature an enterprise Threat Modeling program integrated into the SDLC to proactively identify risks and ensure alignment between security requirements, monitoring use cases, and detection capabilities.
• Lead and mature the enterprise Data Security program by strengthening data inventory and classification, enhancing DLP capabilities, and improving secure data handling controls to protect sensitive information
• Ensure operational readiness through metrics, reporting, tabletop exercises, and simulations.
• Define and communicate the strategic vision and roadmap for Cybersecurity Operations.
• Develop KPIs, KRIs, and performance metrics to measure team effectiveness and risk reduction.
• Lead business planning, budget management, vendor selection, and investment ROI analysis.
• Support long-term cybersecurity strategy and annual operating plans.
• Align operations with regulatory and compliance frameworks (e.g., PCI-DSS, GDPR, NY DFS, CCPA).
• Develop executive and board-level presentations for quarterly reviews and strategic updates.
• Craft clear communications regarding cybersecurity posture, major incidents, and risk trends.
• Represent Cybersecurity Operations in internal briefings, audits, and external engagements as needed.
• Craft external communications including customer briefings, external speaking engagements, PR activities, executive reviews, etc.