Director, Security Operations
Context of Job
The Director of Security Operations is a senior cybersecurity leader responsible for designing, executing, and continually improving the institution’s security operations capabilities. This role provides strategic and hands-on leadership across the Security Operations Center, incident response, digital forensics, vulnerability management, endpoint detection and response (EDR/XDR), firewall and network security, and coordination with Managed Detection and Response (MDR) providers.
The Director works closely with central IT, schools and colleges, legal counsel, privacy, compliance, and external investigators to ensure effective detection, response, investigation, and recovery from cybersecurity incidents in a complex higher-education environment that includes on-premises, cloud, and research systems.
Major Responsibilities
- Establish and lead a mature, outcomes-driven SOC operating model aligned with higher education risk, academic openness, and regulatory requirements.
- Own threat detection and response across networks, endpoints, servers, cloud platforms, and SaaS environments.
- Lead security incident response activities, including containment, eradication, recovery, and post-incident analysis.
- Lead security operations for cloud platforms (e.g., Azure, GCP, AWS).
- Own and manage the campus Palo Alto next-generation firewall environment.
- Own the enterprise vulnerability management program.
- Ensure security operations align with relevant frameworks and regulations (e.g., NIST, HIPAA, FERPA, PCI-DSS).
- Define and track SOC metrics (e.g., MTTD, MTTR, alert quality, incident trends).
- Manage SOC-related vendors, tools, and service providers.
Qualifications
- Bachelor’s degree in cybersecurity, information technology, computer science, or a related field.
- Eight years of progressive experience in cybersecurity operations, including 5+ years in security leadership roles.
- Demonstrated experience leading SOC, incident response, digital forensics, and enterprise security operations.
- Hands-on experience with EDR/XDR, SIEM, firewalls (Palo Alto preferred), vulnerability management, and cloud security.
- Proven ability to lead security operations in complex, decentralized environments such as higher education.