Director of Security Services

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or equivalent professional experience.
• 7+ years of experience in cybersecurity, security operations, managed services, infrastructure security, or related technology leadership roles.
• 3+ years of experience leading technical security teams, security engineers, SOC analysts, or managed security service personnel.
• Experience working in an MSP, MSSP, consulting, or client-facing technology services environment.
• Strong understanding of SOC operations, incident response, alert triage, vulnerability management, endpoint security, email security, identity security, and cloud security.
• Strong understanding of enterprise infrastructure and security dependencies across cloud and on-premises environments, including Microsoft Azure, traditional data center infrastructure, networking, firewalls, DNS, Active Directory, Microsoft Entra ID, Intune, endpoint management, and related infrastructure technologies that support secure client operations.
• Hands-on or leadership experience with security platforms such as Rapid7, Microsoft 365 security tools, Microsoft Defender, Cisco Umbrella, Mimecast, and related security technologies.
• Experience supporting Microsoft-centric client environments, including Microsoft 365, Entra ID, Defender, Exchange Online, Intune, and security/compliance capabilities.
• Strong understanding of ITIL-based incident, problem, change, and request management processes.
• Ability to communicate effectively with executive stakeholders, technical teams, clients, vendors, and internal leadership.
• Demonstrated ability to build structure, improve processes, lead escalations, and deliver measurable service improvement.

Nice To Haves

• Experience leading managed SOC, MDR, or co-managed security services.
• Experience with security frameworks such as NIST CSF, CIS Controls, ISO 27001, or similar standards.
• Experience supporting legal, professional services, financial services, or other highly regulated client environments.
• Relevant certifications such as CISSP, CISM, Security+, CySA+, Microsoft Security certifications, or equivalent experience.
• Experience with ServiceNow.
• Experience developing client-facing security reports, executive briefings, remediation roadmaps, and QBR materials.
• Experience supporting security assessments, risk reviews, vulnerability remediation programs, security roadmaps, or vCISO/vCIO-style advisory services.

Responsibilities

• Lead the client-facing security services function, including security engineering, managed security operations, service quality, and client outcomes.
• Provide direct leadership, coaching, prioritization, and performance management for a team of security engineers.
• Establish clear operating standards, escalation paths, service expectations, documentation practices, and quality controls.
• Establish and enforce operational standards for client-facing security services.
• Partner with the EVP of Technology Enabled Solutions to define the roadmap for Opensity’s security service offerings.
• Maintain clear service definitions, scope boundaries, operational runbooks, escalation criteria, and ownership expectations.
• Serve as a senior escalation point for client security concerns, security incidents, service delivery issues, and complex technical matters.
• Oversee daily security operations for managed clients, ensuring alignment with defined SLAs, client expectations, and internal operational standards.
• Lead the operational delivery of SOC-supporting services.
• Ensure proper incident response coordination across internal teams, client stakeholders, third-party security partners, and external vendors.
• Support major incident response activity by providing executive-level communication, timeline development, containment coordination, remediation oversight, and post-incident reporting.
• Drive continuous improvement in how security incidents are documented, communicated, escalated, and resolved.
• Own the operational use, service delivery standards, governance, and client-facing effectiveness of security tools.
• Partner with Corporate Information Security, Engineering, IT, and other platform owners for shared tools.
• Ensure security tools are properly configured, monitored, maintained, documented, and aligned to service delivery standards.
• Work with engineering teams to improve integrations between security tools, monitoring platforms, ticketing systems, and client reporting processes.
• Develop and maintain standard operating procedures for security tooling, alert handling, escalation workflows, and client-specific requirements.
• Evaluate new security technologies, service enhancements, automation opportunities, and vendor capabilities.
• Act as a trusted security advisor to clients, providing practical guidance on risk reduction, security posture improvement, incident readiness, and operational security maturity.
• Participate in client meetings, QBRs, service reviews, renewal discussions, security assessments, and executive briefings.
• Translate complex security issues into clear business language for client executives, account teams, and internal leadership.
• Partner with Account Management, Service Delivery, Engineering, and Sales teams to support client retention, service expansion, proposal development, and security-related solution design.
• Support review of client-facing security commitments, RFP responses, service descriptions, and contractual obligations.
• Provide input into client roadmaps, remediation plans, security recommendations, and prioritized improvement initiatives.
• Build and maintain consistent security service delivery processes aligned to ITIL, SOC operations, incident management, change management, and managed services best practices.
• Partner with Corporate Information Security to ensure managed security services align with enterprise security standards, client commitments, regulatory expectations, audit requirements, and approved security governance practices.
• Ensure security work is properly captured, tracked, prioritized, and reported through Opensity’s operational systems.
• Develop KPIs and operational reporting for security services.
• Identify gaps in service delivery, staffing, tooling, documentation, and client coverage, and develop plans to address them.
• Ensure security services are delivered in a scalable, repeatable, and margin-conscious manner across the client base.
• Recruit, develop, and retain high-performing security engineering talent.
• Define roles, responsibilities, career paths, technical expectations, and performance standards for the security services team.
• Promote a culture of accountability, urgency, client service, technical excellence, and continuous improvement.
• Ensure team members maintain appropriate knowledge across security operations, Microsoft security platforms, MDR/SOC tooling, email security, endpoint protection, network security, identity security, and client-specific environments.
• Provide hands-on guidance during complex client issues while also developing the team’s ability to operate independently and consistently.