Director of Cyber Security Operations

Waterloo / Ontario

Magnet Forensics

Unlock the truth. Protect the innocent. We provide organizations with innovative tools to investigate cyberattacks and digital crimes.


Who We Are; What We Do; Where We’re Going

Magnet Forensics is a global leader in the development of digital investigative software that acquires, analyzes and shares evidence from computers, smartphones, tablets and other IoT-related devices. We are continually innovating so that our customers can deploy advanced and effective tools to protect their companies, communities and countries. Earlier this year, we shared the exciting news that Grayshift and Magnet Forensics have come together as one organization to accelerate innovation and transform digital investigations for our customers. We’re pleased to share that the combined organization is operating as Magnet Forensics! The combination of mobile, cloud, and computer forensics expertise under the Magnet Forensics name underscores our dedication to providing comprehensive, end-to-end DFIR solutions. This includes our commitment to helping with lawful access to modern digital devices with our renowned product suite. Our focus on innovating for the DFIR community, along with our shared mission, continues to be the top priority! Magnet is continuing to expand and grow. Where we are today is not where we will be tomorrow.

Role Summary:
Magnet Forensics is looking for a Director of Cyber Security Operations, with a deep security and management background, to lead the development of the Security Operations team. As part of the Magnet Forensics Security team, this candidate is a key liaison with Magnet Forensics service teams, infrastructure teams, and other areas across the company, serving as a security leader for our teams that monitor security events and respond to security incidents for our corporate environments.

Responsibilities:

  • Recruiting, hiring, developing, coaching, and supporting operational analysts and engineers in team and 1:1 meetings.
  • Identifying emerging industry threats and trends to identify gaps and prioritize security engineering efforts.
  • Managing security operations work and owning responsibility for the quality of issue refinement, predictability, and repeatable, on-time operational outcomes.
  • Developing comprehensive and insightful reports on security operations metrics and trends and presenting them to internal leadership and clients on a regular basis.
  • Reviewing security frameworks, standards, and guidelines as well as regulatory compliance requirements to identify and enhance detective and preventive security controls as part of an operations team.

The Director of Cyber Security Operations will also perform the following functions:

  • Provide operational guidance to the security operations team to measure and optimize MTTD and MTTR, maximize the coverage and depth of assessments and detection tools, and ensure completeness and accuracy throughout the incident response lifecycle.
  • Produce and deliver job-specific education and training to security operations team members on emerging threats and technologies.
  • Review the technical methods and output of the security operations team to ascertain the quality and fit of solutions and provide constructive and detailed feedback to improve team members’ ability to perform their duties.
  • Develop and maintain threat models to inform and prioritize the risk management activities of the security team.
  • Collaborate with clients, auditors, vendors, and internal teams to develop thorough assessment strategies and validate the security posture of multiple layers of environments, from low-level physical to high-level application layers.
  • Develop strategies, initiatives, and projects to reduce security risks across cloud services, servers, network devices, and end-user endpoints. Act as the technical project manager for security operations projects. Where engineering collaboration is required, coordinate with the security engineering team to define requirements for future engineering sprint epics and stories.
  • Lead formalized security incident response procedures as part of a team, including all phases of the incident handling lifecycle, from preparation through lessons learned.
  • Collect evidence of security program activities to satisfy client due diligence requests as well as support internal and external audit activities.
  • Perform other related duties as assigned.

Basic Qualifications:

  • Bachelor’s degree in Information Assurance, Information Security, Cybersecurity, or related field; or equivalent self-study in cybersecurity with demonstrated command of key concepts and technologies and proficiencies in digital forensics, incident response, secure application development, penetration testing, or other technical security risk management domains required.
  • Five (5) years of experience managing technical teams required; preferably as part of an in-house security operations center (SOC) or a SOC for a managed-security service provider serving financial institutions or financial technology companies.
  • Ten (10) years of experience in a relevant information assurance domain, including security operations, cloud-based firewall and network administration, or managed detection and response in regulated environments.
  • Ten (10) years of demonstrated experience in designing, maintaining, and optimizing detective and preventative controls to manage security risks, or managing a team which does the same.

Preferred Qualifications:

  • Solid technical knowledge of cybersecurity tools, techniques, and procedures to identify and analyze threats and devise and monitor technology safeguards to protect sensitive assets.
  • Excellent presentation delivery skills, including the ability to speak confidently to underlying data and data-driven insights to internal technical and management teams, and as needed, to clients’ technical or management teams.
  • Ability to accurately read and comprehend technical details contained in vulnerability assessments and penetration testing reports.
  • Working knowledge of vulnerability prioritization methods, including through the Common Vulnerability Scoring System (CVSS).
  • Calm and serious attitude, technical aptitude, appropriate sense of urgency, and communication skills to effectively coordinate with internal team members to identify, detect, and prevent vulnerabilities and to reduce security risks.
  • Ability to prioritize and organize tasks, exercise sound judgment and confidentiality with sensitive information.
  • Ability to work remotely while maintaining a high level of productivity and effectiveness managing a highly performing team with limited or no supervision.

The Most Important Thing:

  • We’re looking for candidates that can provide examples of how they demonstrated Magnet CODE in their previous experiences.

  • CARE - We care about each other and our mission to make a difference in the world.
  • OWN - We are accountable for our results – while never forgetting to act with integrity, empathy, and respect.
  • DEDICATE - We put our heart and soul into meeting the needs of our customers and helping them serve the people they protect.
  • EVOLVE - We are constantly innovating and exploring new ways to work together to make an impact with our work.

We’re committed to continuous learning and are focused on building a diverse and inclusive workforce. This commitment will be reflected in our hiring processes and embedded in our values and how we treat one another. If you’re interested in this role, but do not meet all of the qualifications listed above, we encourage you to apply anyways. Magnet Forensics is an Equal Opportunity Employer and considers applicants for employment without regard to race, colour, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, provincial, or local law. We are committed to providing an inclusive, accessible recruitment process and work environment. Accommodation is available to all applicants upon request throughout the hiring process. If you require accommodation, please let our talent team know, or you can email aoda@magnetforensics.com.

Tags: Cloud Compliance CVSS DFIR Firewalls Forensics Incident response IoT Pentesting Risk management SOC Vulnerabilities

Perks/benefits: Career development Team events

Region: North America
Country: Canada
