Title: Security Operations Director

Location: Northeastern U.S. Region (Hybrid) Employment Type: Full-Time/Perm

Description: • The Security Operations Director for Detection and Response is responsible for guiding cybersecurity operations strategy, directing threat detection and incident response functions, and maturing security practices across the enterprise. • This role provides leadership to teams responsible for threat analysis, incident management, and cyber crisis response with a focus on supporting the needs of a complex, regulated industry environment.

Responsibilities: • Oversee and evolve monitoring, detection, response, and recovery capabilities within the cybersecurity function. • Manage daily activities and performance across the Security Operations Center (SOC). • Implement and enhance tools, frameworks, and operational methodologies across SOC and incident response teams. • Lead threat hunting, complex investigations, and coordination of cyber crisis response activities. • Maintain, update, and enforce SOPs, playbooks, and incident response protocols. • Ensure timely and effective mitigation and reporting of security events. • Maintain visibility into escalated alerts, digital forensic activity, vulnerability status, and intelligence trends. • Support evidence collection and reporting in line with legal and compliance standards. • Work with IT, legal, compliance, privacy, and business teams to align security initiatives with organizational priorities. • Report cybersecurity posture and performance metrics to leadership. • Foster adoption of automation and continuous improvement across SOC processes. • Guide and mentor security analysts and incident responders in a growth-oriented environment. • Contribute expertise to cloud monitoring and cloud-based threat response.

Required Skills: • Minimum of 10 years of relevant experience; 8+ years with a bachelor's degree. • At least 4 years of team leadership or management experience. • 5+ years in intrusion detection or incident response. • Proven track record managing incident response or SOC operations in enterprise settings. • Strong experience with SOC platforms (e.g., alerting, automation, and monitoring tools). • Expertise leading technical teams across various experience levels. • Deep knowledge of incident response standards, frameworks, and best practices. • Excellent communication, organizational, and problem-solving skills.

Desired Skills: • Technical proficiency with current and emerging cybersecurity technologies. • Hands-on experience across the cybersecurity lifecycle (Protect, Detect, Respond, Sustain). • In-depth understanding of threat actor methodologies, intrusion tactics, and exploitation techniques. • Experience applying frameworks like the Cyber Kill Chain or MITRE ATT&CK. • Familiarity with High Value Asset identification and risk-based prioritization.

Compensation: Pay Range: $126000K-$180000K

Benefits: A comprehensive benefits package is offered, reach out to your Mitchell Martin Recruiter Michael Iacono,michael.iacono@itmmi.com to find out more.

EEO Statement: Learn more about our EEO policy here https://www.mitchellmartin.com/eoe-statement