Director, Security Operations

View full description

Requirements:

• Experience: 8+ years leading cybersecurity, detection and response, and/or corporate security programs including experience securing and/or defending large-scale web/cloud applications and infrastructure.
• 4+ years experience managing individual contributors as well to include experience managing other managers.
• Demonstrated experience in security operations teams with significant experience across the entire IR lifecycle, including running incidents, building threat detection capabilities, leveraging SIEM, and incorporating threat intelligence.
• Passion for fostering psychological safety and stability in high stress environments.
• Practical experience with common security infrastructure such as log/SIEM analysis systems, firewalls, identity and access management, vulnerability management, etc.
• Practical experience with common Corporate Security practices endpoint, SaaS, and corporate IAM security.
• Exposure to different software development life-cycles and product security programs.
• Demonstrated software development experience with Go, Ruby on Rails, shell scripting, python, or other languages.
• Exposure to digital forensics and incident response, including system forensics, memory forensics, network analysis, malware analysis, cyber threat intelligence, and log analysis.
• Exceptional written and verbal communication skills with a strong sense of empathy and the ability to advocate for your team.
• Experience collaborating across departments such as with internal business or engineering units, external incident response teams, and law enforcement throughout the entire incident lifecycle.
• Experience working with and briefing executives, legal counsel, and public relations professionals during security incidents.
• Experience collaborating on Bug Bounty disclosures and triaging reports.

Responsibilities:

• Serving as a great people leader for the team, managing both ICs and managers, meeting with members 1-1 on a regular basis, giving guided performance feedback, and helping individuals plan and execute on their career development objectives.
• Serving as the hiring manager for the team to bring in new engineers and analysts who not only complement the existing team's skills, but who also have new perspectives, ideas, and experiences.
• Guiding the team's vision, helping build roadmaps, ensuring projects get staffed effectively, and setting priorities that align with both the team and the company's goals.
• Establishing and maintaining intra-department, cross-department, and management level communications.
• Provide leadership during and after security incidents both within the security operations team and cross-functionally across the company demonstrating a bias for action and critical prioritization.
• Being passionate about creating and fostering good security practices and processes throughout the company.
• Managing team budgets, external consultants, and service provider contracts.
• Participate in an on-call rotation and contribute to ensuring the incident management process is streamlined and efficient for all of 1Password.
• Develop and execute blameless mitigation and remediation plans to restore the confidentiality and integrity of compromised resources.
• Pair with dedicated legal and privacy professionals to assess and mitigate business, technical, and regulatory risk.
• Closely partner with existing application and product security teams to evaluate application security issues and drive long-term risk reduction through incident remediation.