Vice President of Security Operations Center

Description

The Security Operations Center moves quickly: no single day is the same as the previous one, and the team interacts with a wide variety of stakeholders. The VP of Security Operations should have an innate interest in building tools, be comfortable working with new technologies, and have a strong enthusiasm for enabling business operations through secure designs. Everyone on our team must welcome learning from and working with colleagues from a variety of backgrounds, roles, and needs. Reporting to the Chief Information Security Officer (CISO), this role will be responsible for leading our Security Operations Team and driving it to the next level of our Capability Maturity. Our Security Operations team handles SOC operations, Incident Detection and Response enriched by Threat Intelligence, and Vulnerability Management at all layers of the stack.
This team is also responsible for identifying, deploying and maintaining the tools required to provide these services.

Responsibilities:

  • Lead and coach our Security Operations and Incident Response Team to ensure prompt mitigation of any security threat.
  • Define, deploy and tune our Detection and Response platforms to ensure appropriate visibility across the enterprise.
  • Identify and incorporate all log sources required and work towards a centralized dashboard and a rational set of alerts.
  • Update Incident Response plan and develop SOPs and playbooks for Blue Team operations.
  • Manage Endpoint Detection & Response (EDR) tooling and processes to ensure maximum effectiveness.
  • Manage vendor partners to ensure the enterprise gets maximum value from engagements (right size, define KPIs, etc.).
  • Run a Vulnerability Management program to ensure that we have complete coverage, accurate and up-to-date data on our vulnerability posture, and a process to quickly remediate vulnerabilities.
  • Keep current on information security risks, threat vectors and indicators of compromise. Keep current on technology trends for Blue Team tools.
  • Maintain regular and punctual attendance. Comply with all company policies and procedures.

Essential and Other Job Duties and Responsibilities:

  • Self-starter; come with ideas and be ready to implement them using data to justify the approach and the effectiveness of your program.
  • Experience managing Security Operations Center and Blue Teams.
  • Experience with Incident Response and Security Operations in cloud environments across Major Cloud Providers in IaaS, PaaS and SaaS space; knowledge of all security tools, features and approaches in AWS.
  • Technical expertise in Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), SIEMs and other network and endpoint (e.g. EDR) defense tools.
  • Ability to liaise successfully with business units to understand workflows and engineer the appropriate detective and preventive controls without impacting operations.
  • Proven ability to effectively prioritize and execute in a high-pressure environment.
  • Ability to mentor and teach junior engineers and administrators to grow capability in the team.

Qualifications:
  • Bachelor's Degree required
  • Minimum of 8 years of recent Security Operations Leadership experience required.
  • Security certification - GIAC, ISC2 or ISACA certification(s).
  • Strong verbal and written communication skills with the ability to articulate complex technical ideas in easy-to-understand business terms.
  • Ability to accomplish results through others, particularly by establishing relationships, effective controls and leading in a managed service environment.
  • Strong understanding of cybersecurity governance, design, and operations.
  • Experience with Containerized microservices and Kubernetes.
  • Experience with SQL, and ability to develop data-driven approaches to monitor the effectiveness and efficiency of our detective controls.
  • This position will have direct reports.
