More jobs:
Job Description & How to Apply Below
Position Overview
The Director of SOC Engineering and Response is a senior leadership role responsible for the strategic vision, engineering, and operational effectiveness of the Security Operations Center (SOC). This individual is charged with designing, implementing, and continuously improving the technological tools, processes, and team capabilities that enable rapid detection, analysis, containment, and remediation of cyber threats. Reporting to Vice President of Cybersecurity Operations, the Director will lead a team of SOC engineers, incident responders, and technology analysts, serving as the backbone of the organization's cyber defense strategy.
Key Responsibilities
Strategic Leadership:
Lead a small team of high performing information security professionals.
Develop and communicate a clear vision for SOC engineering and incident response in alignment with the organization's security objectives and risk tolerance.
Establish and maintain the SOC's engineering roadmap, ensuring ongoing innovation and adaptation to evolving threats and technologies.
Advocate for resources, budget, and executive support necessary to build a world-class SOC engineering and response capability.
As a foundational role in the organization's information security program requires accessibility 24/7/365.
Team Management and Development:
Lead, mentor, and develop a high-performing team of SOC engineers, analysts, and responders.
Recruit, train, and retain top security talent.
Foster a collaborative, growth-oriented environment that values continuous learning and operational excellence.
SOC Engineering and Technology Enablement:
Oversee the architecture, deployment, integration, and maintenance of SOC technologies, including SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), EDR (Endpoint Detection and Response), and threat intelligence platforms.
Ensure systems are optimized for coverage, speed, accuracy, and scalability across on-premises and cloud environments.
Drive the adoption of automation, artificial intelligence, and advanced analytics to enhance detection and response capabilities.
Manage vendor relationships, tool selection, and contract negotiations to ensure the SOC leverages the best technologies for the organization's needs.
Incident Detection and Response:
Oversee 24/7 monitoring, triage, and analysis of security events to identify and remediate threats promptly.
Direct the incident response process from detection through containment, eradication, recovery, and post-incident review.
Develop, test, and maintain incident response plans and playbooks for a wide range of threat scenarios, including ransomware, phishing, insider threats, and data breaches.
Coordinate with cross-functional teams, such as IT, Legal, Compliance, and Communications, during incident response activities.
Threat Intelligence and Hunting:
Work with First Advantage's Threat Intelligence team to integrate external and internal threat intelligence sources to proactively identify emerging risks and vulnerabilities.
Support proactive threat hunting initiatives to uncover hidden threats and reduce dwell time.
Ensure threat intelligence is actionable, timely, and integrated into detection and response processes.
Process Improvement and Metrics:
Continuously assess and improve SOC workflows, processes, and procedures for effectiveness and efficiency.
Develop and track key performance indicators (KPIs), metrics, and dashboards to measure SOC performance, incident trends, and response effectiveness.
Conduct regular after-action reviews and lessons-learned sessions following security incidents and major projects.
Governance, Compliance, and
Risk Management:
Ensure SOC operations adhere to regulatory, legal, and industry standards (e.g., ISO 27001, NIST, PCI DSS, GDPR, HIPAA).
Collaborate with risk management and audit teams to address findings and recommendations.
Support audit engagements and provide evidence of SOC controls, processes, and incident records.
Executive Communication and Reporting:
Prepare and present regular reports, briefings, and executive summaries on SOC operations, threat trends, and incident…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×