Director, Security Operations

About The Position

Requirements

• 10+ years of progressive experience in cybersecurity, information security, or related technology roles.
• 5+ years of leadership experience in security operations, incident response, threat detection, or a comparable cyber operations function.
• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, Engineering, or a related field; or equivalent combination of education and relevant professional experience.
• Demonstrated experience leading security monitoring and incident response programs in a mid-sized or large enterprise environment.
• Experience managing or overseeing SOC operations, including internal teams, managed security service providers, or hybrid operational models.
• Experience leading significant cybersecurity incidents, investigations, and post-incident remediation efforts.
• Experience with vulnerability operations, remediation governance, and security operations tooling strategy and optimization.
• Experience developing operational metrics, executive dashboards, and performance reporting for leadership audiences.
• Experience managing technical teams, vendors, and cross-functional stakeholders in support of enterprise security objectives.

Nice To Haves

• Master’s degree in Cybersecurity, Information Assurance, Computer Science, Business Administration, or a related discipline.
• Professional certifications such as CISSP, CISM, GIAC, GCIA, GCIH, or other relevant security operations, incident response, or leadership credentials.
• Experience in SaaS, cloud-native, highly regulated, or customer-facing technology environments.
• Experience aligning operational practices to recognized frameworks or standards such as NIST CSF, NIST SP 800-61, ISO 27001, CIS Controls, SOC 2, PCI DSS, HIPAA, or other applicable requirements.
• Experience building or maturing detection engineering, threat hunting, digital forensics, or crisis management capabilities.
• Experience supporting customer-facing security reviews, external audits, or regulatory examinations involving operational controls.

Responsibilities

• Lead the strategic direction, operating model, and maturity roadmap for the security operations function, including monitoring, detection, response, and operational resilience activities.
• Oversee security operations center (SOC) capabilities, whether internal, outsourced, or hybrid, and ensure monitoring coverage for critical enterprise, cloud, endpoint, identity, network, and application environments.
• Direct the end-to-end incident response lifecycle, including triage, investigation, containment, eradication, recovery, escalation, and post-incident lessons learned.
• Establish and maintain operational processes, standard operating procedures, escalation criteria, and playbooks for security events, incidents, and crisis situations.
• Lead and improve vulnerability operations in partnership with infrastructure, engineering, and application teams, including prioritization, remediation oversight, exception handling, and reporting.
• Manage and optimize core detection and response technologies such as SIEM, SOAR, EDR/XDR, case management, threat intelligence, email security, and related operational tooling.
• Drive detection engineering, use-case development, alert tuning, and automation initiatives to improve fidelity, reduce noise, and accelerate response times.
• Coordinate with legal, privacy, compliance, human resources, communications, and executive leadership during significant cybersecurity incidents and investigations.
• Support digital forensics, threat hunting, and root cause analysis efforts as needed for material incidents or suspicious activity.
• Partner with security architecture, engineering, and IT operations teams to improve control effectiveness, close operational gaps, and strengthen preventive and detective capabilities.
• Lead service reviews and performance oversight for managed security service providers, technology vendors, and other external partners supporting operational security functions.
• Coach, develop, and performance-manage analysts, engineers, and operational leaders while fostering a resilient, accountable, and continuously improving team culture.

Benefits

• Fantastic health and wellness benefits package
• Outstanding 401k match
• Flexible PTO program
• Generous and inclusive parental leave policy
• Relias pays for the employee portion of the monthly healthcare premium
• Flexible work environment with onsite and work from home options
• Active Employee Resource Groups open to all employees
• Comprehensive onboarding program
• Growth and career advancement opportunities
• Promotes internal mobility and career growth aligned with evolving business needs
• Multiple development program options – leadership development, professional development curriculums, and Nanodegree options in both technology and data science
• Professional development gained from conference attendance and participation in organizations like NC Tech
• Onsite 321 Coffee Shop providing free coffee and pastries to employees