Exec Director, Cyber Defense Operations

CVS Health, Hartford, CT
$175,100 - $334,750

About The Position

The Executive Director of Defense Operations, within the Cyber Defense organization, is responsible for defining and executing a multi‑year, enterprise‑wide strategy for the Security Operations Center and the Computer Security Incident Response Team functions. This role provides executive leadership for 24x7 security operations capability, ensuring rapid identification, containment, and remediation of cyber threats while continuously advancing the maturity, scalability, and effectiveness of detection and response programs. This role requires the ability to rapidly triage and categorize remediation efforts and to disseminate tasks effectively to pertinent business and technology units, and serves as a reliable source for understanding the scope and implications (business and/or compliance) of unfolding events. This leader sets the long‑term vision and operating model for security operations, integrating threat intelligence, threat hunting, automation, orchestration, and advanced analytics to improve outcomes at enterprise scale, while driving pertinent alignment and relationships with colleague executives in the business lines within CVS. The Executive Director drives the adoption of leveraged agentic, autonomous and automation capabilities to enhance anomaly detection, threat modeling, remediation triage and predictive response. Partnering closely with business, technology, legal, compliance, and executive stakeholders, this role ensures security operations align with business objectives, regulatory requirements, and evolving threat landscapes. In addition, the Executive Director mentors senior leaders, develops high‑performing global teams, and delivers executive‑level insights, metrics, and strategic guidance that strengthen organizational resilience.

Requirements

  • 15+ years of experience in cybersecurity with 8 years in a leadership role managing global detection and response, threat hunting, or security operations teams.
  • Experience developing and executing a long-term strategic vision for security operations at an enterprise scale.
  • Experience leveraging automation and orchestration (i.e., SOAR) to improve the efficiency and effectiveness of a security operations center (SOC).
  • Experience with the application of AI and Machine Learning (AI/ML) on security data for anomaly detection, threat modeling, and predictive security.
  • Experience managing a globally distributed 24/7 security operations team.
  • Experience defining and driving a multiyear strategy for threat detection and response.
  • Strong understanding of security frameworks, risk management, and incident response
  • Deep understanding of the people, processes, and technologies of a successful cybersecurity program
  • Strong leadership and people management skills
  • Strong project management and time management skills
  • Proficient in analyzing operational data and creating visualizations and reports
  • Strong communicator, verbal and written, with presenter skills
  • Bachelor's degree required or demonstration of specialized training in the areas of SOC / CSIRT military or like-structured methodology

Nice To Haves

  • Advanced Degree preferred
  • Technical certifications in advanced management of security incidents and remediation will be considered.

Responsibilities

  • Develop, maintain and execute the enterprise-wide detection and response program aligned with Cyber Defense, larger business objectives, and regulatory requirements.
  • Develop, own and maintain the enterprise Detection and Response Maturity Model, Strategy, Roadmap and Operating Model.
  • Lead and mentor a team of Triage, Detection Engineers, Threat Hunters, and Incident Response professionals, fostering a culture of continuous improvement and operational excellence.
  • Strategize with senior leaders across Product, Engineering, and Security. You are a key stakeholder in the company's direction, advocating for the telemetry and architectural changes required to support future detection use cases.
  • Serve as the Incident Commander for major security incidents, coordinating technical teams and executive leadership
  • Develop innovative and cutting-edge detection content aligned with ATT&CK, ATLAS, D3FEND and various other cyber security frameworks
  • Identify and surface patterns to leadership regarding root causes of problems. You anticipate future challenges and own the delivery of solutions before they become bottlenecks.
  • Ensure tracking of OKRs aligned to maturity models, defining, tracking and reporting on KPIs and KRIs to track operational and strategic improvements
  • Partner with threat intelligence and other security teams to enhance detection and response capabilities.
  • Act as a liaison with legal, compliance, and public relations during high-impact incidents.
  • Provide executive-level briefings and actionable insights to senior leadership.
  • Drive automation and orchestration initiatives to improve operational efficiency.
  • Monitor emerging threats and adapt operations, tactics, and strategies accordingly.
  • Lead tabletop exercises and other simulations to validate readiness.

Benefits

  • medical, dental, and vision coverage
  • paid time off
  • retirement savings options
  • wellness programs
  • CVS Health bonus, commission or short-term incentive program
  • award target in the company’s equity award program