Associate Director (Cyber Investigations)


About Eleven Recruiting We are a specialized technology staffing agency supporting professional and financial services companies. Why do we stand out in technology staffing? We listen and act as advisors for our candidates on how they can best add value, find interesting projects, and pave a path for career advancement. We advocate for best pay, diversity in tech, and best job-fit for every candidate we place.
Our client, a leading financial services firm, is seeking an Associate Director of Cyber Investigations to join their team in New York, NY!
Responsibilities:
- Lead Security Operations Center services, driving key technological and procedural improvements.
- Partner with internal teams and external MSSPs to stay ahead of cyber threats and attack trends.
- Establish and track SOC performance metrics for continuous improvement.
- Build and develop a high-performing Cyber Investigations team (in-house and external MSSP and MDR partners).
- Effectively interact with colleagues across the Cybersecurity team, as well as the broader Technology and Application teams.
- Oversee the triage of security incidents identified by internal controls or external SOC partners and escalate as appropriate.
- Conduct threat research, incident response, and automation workflows.
- Enhance detection, investigation, and response capabilities through automation and enrichment.
- Detect, identify, and respond to cyber events, threats, security risks, and vulnerabilities in line with cyber security policies and procedures.
- Identify opportunities to contain, obstruct, and deter adversaries.
- Lead threat hunting efforts, leveraging intelligence and internal tools.
- Document and manage the incident lifecycle, ensuring clear handoffs and escalations.
- Optimize security tools and workflows in partnership with security and platform engineering teams.
- Strengthen incident response planning and execution, ensuring measurable security improvements.
- Align with the GRC team and drive postmortem exercises to strengthen security posture and GRC control testing.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- 6+ years in Enterprise Cybersecurity, or equivalent experience in a consulting firm or public sector organization offering security operations.
- Experience with SIEM tools (Splunk, SumoLogic, Sentinel, QRadar, etc.) and Endpoint Detection & Response tools (CrowdStrike, CarbonBlack, SentinelOne, etc.).
- Previous work in 24x7 SOC environments.
- Excellent communication and self-management skills.
- Experience testing and validating security controls.
- Proficiency in SQL, Python, PowerShell scripting, and SOAR integration preferred.
- Professional certifications such as CISSP, CISM, CEH, GCIH, GCIA, or GSOC are a plus.
Location:
New York, NY, United States
Category:
Management Occupations