Director of IT Security Operations

About The Position

Requirements

• Must have 8-12 years in cybersecurity, with 5+ years in SOC/IR and 3+ leading detection & response in cloud-forward environments.
• Proven incident commander for high-severity events with strong executive communication.
• Deep expertise in SIEM/EDR/SOAR, cloud logs (AWS, Azure, GCP), identity signals (Okta/Entra), and scripting (Python, KQL, SPL).
• Experience managing MDR providers and running tabletop exercises.
• Prior leadership of 24×7 operations and follow-the-sun models.
• Experience with ITSM systems (ServiceNow/Jira), data lakes, and multi-cloud security controls.
• Familiarity with regulated environments (healthcare, financial services, public sector).
• BS in Information Security or related field. Certifications: CISSP, CISM, GIAC (GCIH, GCIA, GCFA, etc.).

Responsibilities

• Lead and mentor SOC analysts and engineers, fostering a collaborative, learning-driven culture.
• Define and execute a multi-quarter roadmap for detection, automation, and response workflows aligned to business risk and threat landscape.
• Establish and track KPIs/KRIs (e.g., MTTD, MTTR, ATT&CK coverage, false positive rates) with executive-ready reporting.
• Own the detection engineering pipeline and alerting strategy; drive high-fidelity detections mapped to MITRE ATT&CK.
• Conduct threat hunts and integrate CTEM/purple team outcomes to close detection gaps.
• Lead major incident response efforts, ensuring cross-functional coordination and post-incident forensics.
• Manage the SOC technology stack (SIEM, EDR, SOAR, etc.), prioritizing automation and enrichment to reduce analyst toil.
• Expand telemetry coverage and optimize data quality, retention, and cost efficiency.
• Evaluate and integrate new security tools; manage vendor relationships, SLAs, and QBRs.
• Partner with GRC to support SOC 2, ISO 27001, HIPAA/HITRUST, and other regulatory requirements.
• Collaborate across Security, Infrastructure, and Risk teams to reduce attack surface and drive remediation.
• Select, develop, and evaluate staff to ensure the efficient operation of department.
• Collaborate, coordinate, and communicate across disciplines and departments.
• Ensure compliance with HIPAA regulations and requirements.
• Demonstrate Company's Core Competencies and values held within.
• Please note due to the exposure of PHI sensitive data -- this role is considered to be a High Risk Role.
• The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.

Benefits

• Medical (PPO & HDHP), dental and vision coverage
• Pre-tax Savings Account (FSA & HSA)
• Life & Disability Insurance
• Paid Parental Leave
• 401(k) company match
• Employee Stock Purchase Plan
• Generous Paid Time Off -- accrued based on years of service
• o WA Candidates: the accrual rate is 4.61 hours every other week for the first two years of tenure before increasing with additional years of service
• 10 paid company holidays
• Tuition reimbursement
• Employee Assistance Program
• Sick time benefits -- for eligible employees, one hour of sick time for every 30 hours worked, up to a maximum accrual of 40 hours per calendar year, unless the laws of the state in which the employee is located provide for more generous sick time benefits