The Vice President of Security Operations Center (SOC) at Saviynt is responsible for leading and evolving the organization’s global cyber defense capabilities. This role owns 24/7 security operations, threat detection and response, threat hunting, and incident response.
The VP SOC will define the cyber defense strategy, ensure rapid and effective response to security incidents, and provide clear, risk-based insights to executive leadership and the board. This role combines strategic vision, operational excellence, and deep technical credibility to protect the organization against modern and emerging threats.
The ideal candidate will have a proven track record of 15+ years leading high-performing cybersecurity teams, proactively identifying and mitigating threats, and driving strategic security initiatives.
WHAT YOU WILL BE DOING
Lead and continuously mature a 24/7 global Security Operations Center (SOC) to detect, analyze, and respond to cyber threats in real time.
Refine the SOC operating model, coverage strategy, escalation paths, and incident command structure.
Serve as Incident Commander for incidents including global coverage. Direct overall IR activities.
Ensure high-fidelity alerting, reduced false positives, and measurable improvements in detection and response effectiveness (MTTD, MTTR).
Develop and execute a Threat Hunting strategy to proactively identify advanced, stealthy, and persistent threats before escalation.
Drive adversary-focused detection aligned to MITRE ATT&CK and D3FEND, threat intelligence, and real-world attack patterns.
Establish and maintain IR playbooks, runbooks, escalation procedures, and cross-functional coordination with IT, Legal, Communications, Risk, and Compliance.
Lead forensic investigations, root cause analysis, and post-incident reviews to strengthen controls and prevent recurrence.
Lead tabletop exercises, red/purple team engagements, and breach simulations to test readiness.
Oversee Attack Surface Management (ASM) to continuously identify, monitor, and reduce external and internal exposure across cloud, SaaS, identity, endpoints, and networks.
Oversee Dark Web Monitoring initiatives to detect leaked credentials, data exposure, insider threats, and early indicators of compromise.
Collaborate closely with Threat Intelligence teams to track adversary TTPs, emerging threats, and sector-specific risks, translating intelligence into actionable detections and controls.
Develop and execute a comprehensive Cyber Defense strategy, aligning security operations with business objectives, risk appetite, and regulatory requirements.
Own the SOC technology stack, including SIEM, SOAR, EDR/XDR, CNAPP, cloud security tooling, case management, and forensic platforms.
Drive automation and orchestration to reduce manual effort and scale SOC operations efficiently.
Manage, mentor, and grow high-performing teams across SOC, Threat Hunting, Incident Response, and Threat Intelligence functions.
Establish career paths, training programs, and succession planning for security operations talent.
Partner with Product, Engineering, Infrastructure, Legal and HR teams to ensure alignment with security frameworks and regulatory obligations.
Present clear, business-aligned cyber risk metrics, threat trends, and program updates to executive leadership and the board.
WHAT YOU BRING
Bachelor’s or master’s degree in computer science, Information Security, or a related field. Or equivalent work experience with demonstrated results.
15+ years of experience leading cybersecurity teams across SOC, Threat Hunting, Incident Response, Attack Surface Management, Dark Web Monitoring and Threat Intelligence.
Proven executive leadership and crisis management experience handling major security incidents and board-level communications.
Deep expertise in MITRE ATT&CK, threat intelligence frameworks, adversary emulation, and digital forensics.
Strong hands-on and architectural understanding of SIEM, SOAR, EDR/XDR, and cloud security technologies (AWS, Azure, GCP).
Experience designing and executing cyber defense strategies in large-scale, complex enterprise environments.
Solid knowledge of offensive security techniques and attacker methodologies, with the ability to translate them into effective defensive strategies
Certifications - CISSP, CISM, CCSP, or equivalent are nice to have but not a requirement
Diese Cookies sind für das Funktionieren der Website erforderlich und können in unseren Systemen nicht abgeschaltet werden. Sie können Ihren Browser so einstellen, dass er diese Cookies blockiert, aber dann könnten einige Teile der Website nicht funktionieren.
Sicherheit
Benutzererfahrung
Zielgruppenorientierte Cookies
Diese Cookies werden über unsere Website von unseren Werbepartnern gesetzt. Sie können von diesen Unternehmen verwendet werden, um ein Profil Ihrer Interessen zu erstellen und Ihnen an anderer Stelle relevante Werbung zu zeigen.
Google Analytics
Google Ads
Wir benutzen Cookies
🍪
Unsere Website verwendet Cookies und ähnliche Technologien, um Inhalte zu personalisieren, das Nutzererlebnis zu optimieren und Werbung zu indvidualisieren und auszuwerten. Indem Sie auf Okay klicken oder eine Option in den Cookie-Einstellungen aktivieren, stimmen Sie dem zu.
Die besten Remote-Jobs per E-Mail
Schliess dich über 5'000+ Personen an, die wöchentlich Benachrichtigungen über Remote-Jobs erhalten!
