Job Description & How to Apply Below
The Vice President of Security Operations Center (SOC) at Saviynt is responsible for leading and evolving the organization's global cyber defense capabilities. This role owns 24/7 security operations, threat detection and response, threat hunting, and incident response.
The VP SOC will define the cyber defense strategy, ensure rapid and effective response to security incidents, and provide clear, risk-based insights to executive leadership and the board. This role combines strategic vision, operational excellence, and deep technical credibility to protect the organization against modern and emerging threats.
The ideal candidate will have a proven track record of 15+ years leading high-performing cybersecurity teams, proactively identifying and mitigating threats, and driving strategic security initiatives.
WHAT YOU WILL BE DOING Lead and continuously mature a 24/7 global Security Operations Center (SOC) to detect, analyze, and respond to cyber threats in real time
Refine the SOC operating model, coverage strategy, escalation paths, and incident command structure
Serve as Incident Commander for incidents including global coverage. Direct overall IR activities
Ensure high-fidelity alerting, reduced false positives, and measurable improvements in detection and response effectiveness (MTTD, MTTR)
Develop and execute a Threat Hunting strategy to proactively identify advanced, stealthy, and persistent threats before escalation
Drive adversary-focused detection aligned to MITRE ATT&CK and D3
FEND, threat intelligence, and real-world attack patterns
Establish and maintain IR playbooks, runbooks, escalation procedures, and cross-functional coordination with IT, Legal, Communications, Risk, and Compliance
Lead forensic investigations, root cause analysis, and post-incident reviews to strengthen controls and prevent recurrence
Lead tabletop exercises, red/purple team engagements, and breach simulations to test readiness
Oversee Attack Surface Management (ASM) to continuously identify, monitor, and reduce external and internal exposure across cloud, SaaS, identity, endpoints, and networks
Oversee Dark Web Monitoring initiatives to detect leaked credentials, data exposure, insider threats, and early indicators of compromise
Collaborate closely with Threat Intelligence teams to track adversary TTPs, emerging threats, and sector-specific risks, translating intelligence into actionable detections and controls
Develop and execute a comprehensive Cyber Defense strategy, aligning security operations with business objectives, risk appetite, and regulatory requirements
Own the SOC technology stack, including SIEM, SOAR, EDR/XDR, CNAPP, cloud security tooling, case management, and forensic platforms
Drive automation and orchestration to reduce manual effort and scale SOC operations efficiently
Manage, mentor, and grow high-performing teams across SOC, Threat Hunting, Incident Response, and Threat Intelligence functions
Establish career paths, training programs, and succession planning for security operations talent
Partner with Product, Engineering, Infrastructure, Legal and HR teams to ensure alignment with security frameworks and regulatory obligations
Present clear, business-aligned cyber risk metrics, threat trends, and program updates to executive leadership and the board
WHAT YOU BRING Bachelor's or master's degree in computer science, Information Security, or a related field. Or equivalent work experience with demonstrated results
15+ years of experience leading cybersecurity teams across SOC, Threat Hunting, Incident Response, Attack Surface Management, Dark Web Monitoring and Threat Intelligence
Proven executive leadership and crisis management experience handling major security incidents and board-level communications
Deep expertise in MITRE ATT&CK, threat intelligence frameworks, adversary emulation, and digital forensics
Strong hands-on and architectural understanding of SIEM, SOAR, EDR/XDR, and cloud security technologies (AWS, Azure, GCP)
Experience designing and executing cyber defense strategies in large-scale, complex enterprise environments
Solid knowledge of offensive security techniques and attacker methodologies, with the ability to translate them into effective defensive strategies
Certifications - CISSP, CISM, CCSP, or equivalent are nice to have but not a requirement
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×