About this role
Lead enterprise security operations and manage SOC execution across monitoring, detecting, responding, and recovering from cybersecurity threats. Own the security operations strategy, incident response program maturity, detection coverage, and operational tooling performance while reporting executive metrics and driving continuous improvement.
Key Responsibilities
- Establish enterprise security operations strategy
- Direct day-to-day SOC functions and triage
- Lead and mature incident response program (playbooks, tabletop exercises, post-incident reviews)
- Own security detection strategy and coverage with engineering
- Oversee security tooling (SIEM, SOAR, EDR) and vulnerability response coordination
Technical Overview
Own security detection strategy and coverage, partnering with engineering to improve logging, SIEM content, alert fidelity, use-case development, and threat hunting. Oversee security tooling including SIEM, SOAR, EDR, and case management, and drive metrics such as MTTD/MTTR and containment time across a 24x7 operational model.
Ideal Candidate
The ideal candidate is a cybersecurity leader with 7+ years of progressive security operations and incident response experience and 5+ years of people leadership experience managing senior, cross-functional, geographically distributed teams. They will own the security operations strategy and SOC execution, driving measurable improvements across detection, response, recovery, vulnerability response, and security automation.
Must-Have Skills
- 7+ years of progressive experience in cybersecurity, including security operations, incident response, and security monitoring
- 5+ years of people leadership experience, including managing senior employees and leading cross-functional, geographically distributed teams
- Establish and execute the enterprise security operations strategy
- Direct day-to-day Security Operations Center (SOC) functions
- Lead and mature the incident response program
- Own security detection strategy and coverage
- Define and manage key performance indicators (KPIs) and service level objectives (SLOs) for security operations
- Oversee security tooling and operational capabilities (e.g. SIEM, SOAR, EDR, case management)
Nice-to-Have Skills
threat hunting capabilities
Tools & Platforms
SIEM, SOAR, EDR, case management, Security Operations Center (SOC)
Required Skills
security operations strategy, security monitoring, incident response operating model, Security Operations Center (SOC), incident response, playbooks, tabletop exercises, post-incident reviews, SIEM content, alert fidelity, use-case development, threat hunting, KPIs, service level objectives (SLOs), MTTD/MTTR, containment, eradication, recovery, SIEM, SOAR, EDR, case management, vendor management, budget planning, lifecycle management, security automation, vulnerability response, risk acceptance, closure of critical findings, governance, metrics, continuous improvement
Hard Skills
cybersecurity, security operations strategy, security monitoring, incident response operating model, security incident triage, security event investigation, containment, eradication, recovery, incident response program, incident response playbooks, tabletop exercises, post-incident reviews, threat detection engineering, security detection strategy, logging, SIEM content, alert fidelity, use-case development, threat hunting capabilities, key performance indicators (KPIs), service level objectives (SLOs), MTTD/MTTR, containment time, alert quality, security tooling operations, vendor management, budget planning, lifecycle management, operational resiliency, operational vulnerability response, security automation, vulnerability remediation prioritization, risk acceptance, closure of critical findings, governance, metrics, continuous improvement, 24x7 operational readiness, Security Operations Center (SOC) functions, security assurance needs, executive-ready reporting, performance management, succession planning, inclusive culture of accountability, cybersecurity threat monitoring, cybersecurity threat detection, cybersecurity threat response
Soft Skills
leadership, cross-functional collaboration, partnering with technology and business leaders, stakeholder management, governance and executive reporting communication, mentoring, hiring strategy, inclusive culture building, accountability and learning culture, continuous improvement mindset
Keywords for Your Resume
Director Security Operations, security operations, Security Operations Center (SOC), incident response, SIEM, SOAR, EDR, case management, 24x7 operational readiness, threat detection engineering, security detection strategy, logging, alert fidelity, use-case development, threat hunting, MTTD/MTTR, service level objectives (SLOs), key performance indicators (KPIs), containment, eradication, recovery, tabletop exercises, post-incident reviews, vulnerability response, security automation
Deal Breakers
- Must have 7+ years of progressive cybersecurity experience including security operations, incident response, and security monitoring
- Must have 5+ years of people leadership experience managing senior employees and leading cross-functional, geographically distributed teams