
Director – Security Operations & Incident Response
Posted on 3/14/2023
Remote • United States
Experience Level
Desired Skills
  • 10+ years of relevant hands-on cybersecurity experience dealing with incident detection and response
  • 5+ years of formal people management experience
  • Ability to manage multiple activities and events simultaneously, with a strong ability to prioritize multiple tasks and respond to high-priority events
  • Ability to work independently and collaboratively with teams that are geographically distributed
  • Strong communication skills and the ability to prepare and present well-written papers, briefings, and other materials to senior leadership across the enterprise
  • Demonstrated ability to form coalitions amongst disparate groups, produce thorough and precise documentation, and exercise sound decision-making skills
  • Bachelor's Degree in Computer Engineering / Computer Science or equivalent work experience
  • Possess current security certifications (e.g. CISSP, CISM, CEH, Security+ or SANS certification or equivalent)
  • Remote position
  • Professional office environment
  • Up to 10% travel required
  • Lead all aspects of a SOC and IR organization with a focus on providing a comprehensive cyber defense and response capability
  • Develop and build out additional SOC and DFIR program capabilities, processes, and procedures, and align them to the ConnectWise long-term cyber strategy
  • Develop roadmaps, set objectives, and choose initiatives that support the goals of improving capability maturity
  • Provide strategic direction for advancement of SOC detection, analysis, response, and prevention capabilities
  • Partner with engineering, operations, and other teams to improve ConnectWise's cyber defense posture
  • Recommend changes to practices and policies and help direct the operationalization and measure the effectiveness of program components
  • Work with your team to identify, track and remove impediments to improve our visibility, monitoring, and investigation capabilities
  • Lead security incident and data breach investigations and handle post-incident reporting in urgent or critical situations
  • Translate the lessons learned from a security incident or data breach to improve our program or address control deficiencies
  • Use a maturity model to measure the incident detection and response capability and identify capability gaps in all support environments over time
  • Develop metrics for reporting purposes and drive specific actions, including measuring and improving operational effectiveness and performance and determining detective control effectiveness and coverage
  • Coach your team to improve performance and morale

501-1,000 employees

Software solutions for TSPs
Company Core Values
  • Drive partner success
  • Innovate everywhere
  • Make a difference
  • Perform as a team
  • Take pride in our work
  • Own the outcome