Director, Security Operations Center (SOC)

📋 Description

• • Own and evolve the global Security Operations Center for UltraViolet Cyber, setting the strategic vision that turns our security-as-code platform into a competitive advantage for Fortune 500, Federal, and Commercial clients. You will architect the next-generation SOC, unifying red-team insights and blue-team defenses into a single, continuously optimized capability that anticipates threats before they materialize.
• • Lead a cross-functional team of Security Analysts, Engineers, and Threat Hunters distributed across U.S. and India offices. Through hands-on mentorship and data-driven coaching, you will cultivate a culture of curiosity, precision, and rapid iteration that keeps our analysts—and our clients—ahead of adversaries.
• • Establish and govern repeatable, measurable processes rooted in MITRE ATT&CK, NIST CSF, and ISO 27001. You will author and maintain playbooks, runbooks, and SLAs that turn chaos into clarity, ensuring every alert is triaged, every incident is contained, and every lesson learned is codified into the platform.
• • Direct the deployment, tuning, and integration of core security technologies—SIEM, SOAR, IDS/IPS, EDR/XDR, and threat-intel feeds—across hybrid cloud and on-prem estates. You will drive vendor selection, negotiate contracts, and oversee data-pipeline engineering to maximize visibility while minimizing false positives.
• • Orchestrate enterprise-scale incident response from initial alert through executive briefing and post-mortem. You will coordinate technical responders, legal counsel, compliance officers, and client stakeholders to contain breaches within minutes, not hours, and translate technical findings into board-ready risk narratives.
• • Design and automate detection logic using Python, KQL, and PowerShell to reduce MTTR and free analysts for higher-order threat hunting. You will champion security-as-code practices—version-controlled rules, CI/CD pipelines for detections, and infrastructure-as-code for SOC tooling—that scale effortlessly as our client base grows.
• • Define, track, and socialize KPIs that matter: mean time to detect (MTTD), mean time to respond (MTTR), dwell time, threat-coverage gaps, and client-satisfaction scores. You will present monthly dashboards to the C-suite, translating telemetry into ROI and influencing investment decisions across the company.
• • Partner with Product Engineering to feed real-world SOC insights back into the UltraViolet Cyber platform. Your team’s frontline experience will shape roadmap priorities, ensuring every new feature hardens defenses and delights analysts.
• • Build a talent pipeline through university alliances, diversity-focused recruiting events, and internal upskilling academies. You will create clear career paths—from Tier 1 Analyst to Principal Hunter—and tie professional development goals to measurable SOC outcomes.
• • Anticipate the threat landscape of tomorrow by leading purple-team exercises, threat-modeling workshops, and red-team adversary emulations. You will convert emerging TTPs into proactive defenses that keep our clients resilient against ransomware, supply-chain attacks, and zero-day exploits.
• • Champion a “secure-by-design” culture across UltraViolet Cyber and its clients. You will sit on the company’s Risk Committee, influence policy, and serve as the public face of our SOC during webinars, conferences, and client QBRs.