Key skills
Cyber SecurityLeadershipCommunicationPenetration Testing
About this role
Role Overview
- Own end-to-end security operations including SOC, monitoring, and detection capabilities
- Oversee SIEM, EDR, and logging programs to ensure effective threat detection and response
- Manage internal and third-party security operations providers (e.g., MSSP)
- Continuously improve alert quality, detection coverage, and operational efficiency
- Act as technology incident commander for security events and incidents
- Lead operational response including triage, containment, eradication, and recovery
- Ensure incidents are managed in accordance with established procedures and SLAs
- Escalate critical and high-risk incidents to the CISO with clear analysis and recommendations
- Lead post-incident reviews and drive continuous improvement actions
- Own the operational lifecycle of vulnerability management including scanning, prioritization, and remediation tracking
- Ensure adherence to defined remediation timelines and SLAs
- Coordinate penetration testing activities and validation of remediation efforts
- Provide visibility into vulnerability risk and remediation progress
- Oversee logging and monitoring programs to ensure comprehensive visibility across the environment
- Drive development and tuning of detection use cases and alert logic
- Ensure effective integration of threat intelligence into detection and response processes
- Oversee operational response to phishing and email-based threats
- Ensure timely triage, analysis, and mitigation of reported phishing activity
- Partner with the Manager, Information Security on phishing trends and control improvements
- Ensure security controls are operating effectively across monitoring, incident response, vulnerability management, and access enforcement
- Identify control gaps, breakdowns, or inefficiencies and drive remediation
- Escalate systemic control issues and risks to the CISO and Technology Risk
- Develop and maintain operational metrics and KPIs (e.g., MTTR, vulnerability SLAs, alert volumes)
- Provide regular reporting on security operations performance and risk trends
- Identify opportunities to improve automation, tooling, and processes
- Lead and mentor security operations personnel
- Partner with Infrastructure, Engineering, DevSecOps, and Technology teams to implement and improve controls
- Support audits, regulatory assessments, and evidence requests related to security operations
Requirements
- Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
- 7+ years of experience in cybersecurity, with a focus on security operations, incident response, or SOC leadership
- Experience managing security monitoring, SIEM, and incident response programs
- Strong understanding of vulnerability management and threat detection
- Experience operating in regulated environments (PCI, FFIEC, or similar)
- Strong leadership, communication, and decision-making skills
Tech Stack
- Cyber Security
Benefits
- Pre-tax and post-tax retirement savings plans with a competitive company matching program
- Generous paid time-off plans including vacation, personal/sick time, paid short-
- term and long-term disability leaves, paid parental leave, and paid company holidays
- Multiple health care plans to choose from, including dental and vision options
- Flexible Spending Plans for Health Care, Dependent Care, and Health Reimbursement Accounts
- Company-paid benefits such as life insurance, wellness platforms, employee assistance programs, and Health Advocate programs
- Other great discounted benefits include identity theft protection, pet insurance, fitness center reimbursements, and many more!