Job Title: Cyber Operations Director
">
We are seeking a seasoned cybersecurity professional to lead our Cyber Operations team. As the Cyber Operations Director, you will be responsible for overseeing cyber threat intelligence, detection engineering, incident response, and SOC functions in our organization.
The ideal candidate is an experienced cybersecurity leader who thrives under pressure, communicates effectively across technical and business teams, and is passionate about growing and developing a high-performing team.
">
Key Responsibilities:
* In-depth Technical Leadership: Serve as the technical SME to Cyber Threat Intel, Detection Engineering, and Incident Response team members.
* Security Event and Incident Leadership: Be the leader for our first line of defense against high-priority security events, ensuring accurate triage and response.
* Operational Excellence: Maintain day-to-day operations across a distributed environment, ensuring balance, coverage, and response consistency.
* Team Management & Development: Oversee analysts, foster mentorship and career growth, and lead by example during critical incidents.
* Strategic Communication: Translate technical insights for executive audiences, escalate risks, and drive cross-functional collaboration.
* Metrics-Driven Management: Use data to track effectiveness, drive accountability, and highlight trends to stakeholders.
Core Duties:
* Leader of Multidiscipline Team: Intra-team coordination and planning of a multidisciplinary group of cyber defenders.
* Tactical Understanding: Act as Incident Commander, providing direction and focus on cyber events tactically.
* Detection and Response: Demonstrated expertise in building detection and response techniques by both building and utilizing detections from tools such as SIEM, EDR, NDR, and other security platforms.
* Threat Analysis: Ability to lead effective threat analysis to identify and understand the tactics, techniques, and procedures (TTPs) used by threat actors.
* APT and Cybercrime Groups: Understanding of APTs and cybercrime groups, how they relate to our operating environment enabling curation of CTI campaigns.
Metrics & Reporting:
* KPIs: Refine and report on KPIs such as False Positive rates, criticality of detections, and workload distribution.
* Data-Driven Decisions: Use data to support team planning, capacity management, and continuous improvement.
Strategic Planning:
* Quarterly Objectives: Plan quarterly team objectives and allocate resources based on threat landscape and business needs.
* Scheduling and Task Assignments: Optimize scheduling and task assignments for both performance and team well-being.
* Program Objectives: Develop and define program objectives in order to break them down into actionable tasks for current and upcoming quarter planning.
Growth of Capabilities:
* Technical Understanding: Develop technical understanding and abilities of individuals and teams on a small scale.
* Culture of Accountability: Foster a culture of accountability, ownership, and growth.
* Coaching and Development: Provide tailored coaching to support technical growth.
Daily Operations:
* Workload Management: Monitor team workloads to ensure balance and SLA adherence to provide Cyber Security services to the organization.
* Tooling Integrations: Collaborate across security and business units on tooling integrations and threat initiatives.
* Gap Identification: Identify gaps and defects in tooling and detections; and create suggested resolutions when reporting or collaborating with leadership and other teams.
Desirable Qualifications:
* Experience: 8+ years of experience in cybersecurity, with at least 5 years in a leadership or management role.
* Proven Experience: Proven experience in managing Incident Response, managing a SOC, CTI collection analysis, development of detections, and active threat hunting.
* Technical Skills: Advanced understanding of detection and response tools (SIEM, EDR, NDR), cloud environments (AWS, Azure, OCI, GCP), and attacker TTPs.
* Communication Skills: Exceptional communication and decision-making skills, particularly under pressure.
Benefits:
We offer a range of benefits to support our employees' careers and personal lives, including generous vacation time, healthcare, retirement benefits, student loan repayment, tuition reimbursement, six months of paid caregiver leave for new parents, and perks like Roadie Babies helping new parents care for their babies on work trips.
We also offer access to free live events through our exclusive employee ticketing program, which gives our employees the opportunity to attend concerts, festivals, and other live events.
We believe in taking care of our employees and providing them with the support they need to succeed in their careers and personal lives.