Director, Security Operations

CyberSheath Services International LLC is a rapidly growing Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add to our team!  

CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and, in fact, may weaken an organization’s security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security.   

Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory.  

Job Overview 

The Director of Security Operations will lead the operational security strategy, governance, and delivery functions for a managed service provider supporting a diverse client base. This role is accountable for overseeing the Security Operations Center (SOC), implementing incident detection and response capabilities, managing a security operations team, and ensuring compliance with client contractual obligations and industry regulations. The Director will collaborate with technology, compliance, and client-facing teams to align security operations with broader business objectives. 

Key Responsibilities 

Leadership & Strategy 

• Develop and execute the overall vision for the Security Operations Center (SOC) in alignment with organizational goals and client requirements. 

• Build, mentor, and lead a high-performing team of security analysts, engineers, and incident responders. 

• Establish and maintain operational metrics, key performance indicators (KPIs), and service-level agreements (SLAs) to demonstrate effectiveness. 

• Serve as the primary escalation point for severe security incidents across the client base. 

Operational Management 

• Direct daily SOC activities including threat monitoring, incident detection, response, remediation, and forensic investigations. 

• Oversee the development of runbooks, playbooks, and procedures for security incident handling. 

• Coordinate with engineering teams on deployment and continuous improvement of security monitoring tools, SIEM, endpoint detection, and intrusion detection systems. 

• Ensure consistent delivery of managed detection and response (MDR) and managed security services (MSS) to clients. 

Client & Stakeholder Engagement 

• Act as the senior point of contact for clients on all security operations matters. 

• Provide regular reporting, executive summaries, and recommendations on threat intelligence, vulnerabilities, and incident response posture. 

• Support sales and account management by participating in prospective client meetings and articulating security capabilities. 

• Ensure security deliverables and compliance obligations are met for each client contract. 

Risk & Compliance 

• Oversee vulnerability management and coordinate with client IT teams on remediation efforts. 

• Ensure alignment with frameworks like CMMC, NIST CSF, ISO 27001, CIS Controls, and relevant regulatory requirements (HIPAA, PCI DSS, GDPR, etc.). 

• Partner with compliance and risk teams to ensure audit readiness and coordinate evidence collection. 

• Continuously review and update security policies, procedures, and technologies to align with emerging threats. 

Innovation & Continuous Improvement 

• Stay current on threat landscape trends and emerging technologies to ensure proactive defense posture. 

• Introduce intelligence-driven improvements to incident response strategies and SOC operations. 

• Champion automation and orchestration of operational workflows for efficiency and accuracy. 

• Evaluate and recommend new security tools, services, and vendor solutions. 

Qualifications 

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field (Master’s preferred). 

• 10+ years of progressive experience in cybersecurity, including at least 5 years in leadership roles. 

• Proven experience managing security operations in a managed services or MSSP environment preferred. 

• Strong understanding of SOC operations, SIEM platforms, endpoint protection, threat intelligence, and incident response workflows. 

• Familiarity with cloud security operations (AWS, Azure, Google Cloud). 

• Demonstrated success in building and leading diverse, distributed teams. 

• Excellent communication skills with the ability to engage technical teams and executive stakeholders. 

• Relevant certifications such as CISSP, CISM, GIAC, or equivalent. 

Key Competencies 

• Strategic thinker with hands-on problem-solving abilities. 

• Strong leadership and organizational skills. 

• Ability to thrive in high-pressure, fast-paced environments. 

• Exceptional client communication and relationship management. 

• Continuous improvement mindset and passion for innovation. 

Work Environment  

• A virtual work environment  
• Please note that this role will be part of our SOC on-call rotation

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.