BestEgg - Director of Security Operations
Requirements
• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
• 7+ years of experience in cybersecurity, with a focus on security operations, incident response, or SOC leadership
• Experience managing security monitoring, SIEM, and incident response programs
• Strong understanding of vulnerability management and threat detection
• Experience operating in regulated environments (PCI, FFIEC, or similar)
• Strong leadership, communication, and decision-making skills
• Experience managing or partnering with MSSPs or outsourced SOC providers
• Experience with cloud security (AWS preferred)
• Familiarity with MITRE ATT&CK framework and detection engineering practices
• Relevant certifications (e.g., CISSP, GCIA, GCIH, CISM)

What Success Looks Like
• Security incidents are detected and responded to quickly and effectively
• Vulnerabilities are remediated within defined SLAs
• Alert quality improves and false positives decrease over time
• Security operations processes are efficient, scalable, and well-documented
• Stakeholders have clear visibility into operational security risk
• Security controls are operating effectively with minimal audit findings

Best Egg celebrates diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better we will grow.
Responsibilities
• Security Operations Leadership
  • Own end-to-end security operations including SOC, monitoring, and detection capabilities
  • Oversee SIEM, EDR, and logging programs to ensure effective threat detection and response
  • Manage internal and third-party security operations providers (e.g., MSSP)
  • Continuously improve alert quality, detection coverage, and operational efficiency
• Incident Response & Event Management
  • Act as technology incident commander for security events and incidents
  • Lead operational response including triage, containment, eradication, and recovery
  • Ensure incidents are managed in accordance with established procedures and SLAs
  • Escalate critical and high-risk incidents to the CISO with clear analysis and recommendations
  • Lead post-incident reviews and drive continuous improvement actions
• Vulnerability Management
  • Own the operational lifecycle of vulnerability management including scanning, prioritization, and remediation tracking
  • Ensure adherence to defined remediation timelines and SLAs
  • Coordinate penetration testing activities and validation of remediation efforts
  • Provide visibility into vulnerability risk and remediation progress
• Threat Detection & Monitoring
  • Oversee logging and monitoring programs to ensure comprehensive visibility across the environment
  • Drive development and tuning of detection use cases and alert logic
  • Ensure effective integration of threat intelligence into detection and response processes
• Phishing & Threat Response Operations
  • Oversee operational response to phishing and email-based threats
  • Ensure timely triage, analysis, and mitigation of reported phishing activity
  • Partner with the Manager, Information Security on phishing trends and control improvements
• Operational Control Effectiveness
  • Ensure security controls are operating effectively across monitoring, incident response, vulnerability management, and access enforcement
  • Identify control gaps, breakdowns, or inefficiencies and drive remediation
  • Escalate systemic control issues and risks to the CISO and Technology Risk
• Metrics, Reporting & Continuous Improvement
  • Develop and maintain operational metrics and KPIs (e.g., MTTR, vulnerability SLAs, alert volumes)
  • Provide regular reporting on security operations performance and risk trends
  • Identify opportunities to improve automation, tooling, and processes
• Collaboration & Leadership
  • Lead and mentor security operations personnel
  • Partner with Infrastructure, Engineering, DevSecOps, and Technology teams to implement and improve controls
  • Support audits, regulatory assessments, and evidence requests related to security operations
Benefits
Best Egg offers many additional benefits for our employees, including (but not limited to):
• Pre-tax and post-tax retirement savings plans with competitive company matching
• Generous paid time-off plans including vacation, personal/sick time, paid short-term and long-term disability leaves, paid parental leave, and paid company
• Multiple health care plans to choose from, including dental and vision options
• Flexible Spending Plans for Health Care, Dependent Care, and Health Reimbursement Accounts
• Company-paid benefits such as life insurance, wellness platforms, employee assistance programs, and Health Advocate programs
• Other great discounted benefits include identity theft protection, pet insurance, fitness center reimbursements, and many more!