Head of Security Operations
Remote - USA
Abnormal Security: Advanced email protection to prevent credential phishing, business email compromise, account takeover, and more.
About the Role
Abnormal Security is looking for a senior leader of security operations to join the Security & Privacy team. As a leading cybersecurity company, it is crucial that we protect our infrastructure, customers, and employees from the advanced attacks and threats we face every day. The Head of Security Operations is responsible for implementing and managing day-to-day detection and response, analyzing and reacting to events, handling incidents in a methodical and repeatable manner, and protecting the cloud infrastructure and applications that our customers rely upon. While most of the function focuses on defending, the role will also own proactive security measures such as red-teaming and penetration testing. The ideal candidate will have the ability to protect cloud-native SaaS software companies and be able to balance risk mitigations with the demands of supporting a hyper-growth organization.
Who you are
- Strong technical acumen in cloud security controls and the ability to partner with and influence engineering and development teams.
- Team player, collaborative work style.
- High attention to detail, process, and organization.
- Demonstrated experience presenting detailed, technical concepts to both technical and non-technical audiences.
- Results-oriented, values collaboration, self-motivated, and willing to adapt to change in a fast-moving environment.
- Ability to manage multiple priorities and meet deadlines in a fast-paced environment.
- Operate within an agile environment and provide leadership to adapt to dynamics in technology, industry, cyber threats, and our own business.
- Outstanding analytical and communication (written and verbal) skills and good business judgment.
- Strong project management skills to ensure accountability and results.
- Ability to take unpopular positions when necessary, influence others to support these decisions, and maintain trust and credibility.
- Ability to mentor, coach, and develop a global team
What you will do
- Responsible for the design and management of cyber defenses; Incident Response and Security Operations Center (SOC) monitoring to ensure rapid identification and mitigation of security incidents
- Lead the Security Operations team and other related functions to defend against cyber-attacks and to protect Abnormal during a cyber-incident
- Develop roadmaps, set objectives, and choose initiatives that support the goals of improving Cyber defense capability and maturity at Abnormal
- Develop metrics for reporting purposes and driving specific actions, including measuring and improving operational effectiveness and performance and determining detective control effectiveness and coverage.
- Use a maturity model to measure the incident detection and response capability and identify capability gaps in all support environments over time.
- Build in-house digital forensics and incident response (DFIR), threat intelligence, and purple teaming capability, and formalize relevant processes and procedures.
Incident Response & Threat Intelligence
- Lead incident response efforts, coordinating with internal teams and external partners to mitigate the impact of security incidents and prevent future occurrences.
- Work with internal stakeholders to mature crisis procedures and cyber incident management.
- Create and update IR playbooks that are reflective of Abnormal’s business and threat profile.
- Assess and document risks through threat modeling, white-boarding exercises, and security reviews with teams.
- Utilize threat intelligence platforms, open-source intelligence (OSINT) tools, and internal data sources to gather, correlate, and analyze threat indicators.
- Leverage cyber threat intelligence concepts to enhance detection and response capabilities.
Cloud & Application Security
- Engage and partner with R&D and Engineering teams to ensure our infrastructure, platform, and products are built with appropriate security considerations
- Develop and maintain effective monitoring and alerting solutions to proactively identify and respond to emerging threat campaigns or detection anomalies.
- Understand and be able to relay complex IaC, Cloud, and Application Security information as a subject matter expert.
- Deep Expertise: At least 15 years of experience in cybersecurity, with a focus on strategic planning, risk management, and incident response.
- 7+ years experience in leadership in security operations or incident response function.
- Technical Acumen: Proficiency in various cybersecurity technologies, from network, system, application, and cloud security protocols.
- Crisis Management: Proven track record in effectively handling cybersecurity incidents and crises, minimizing impact, and ensuring rapid resolution.
- Collaborative Mindset: Ability to work cross-functionally with other departments such as IT, HR, Legal, and Operations to achieve comprehensive cybersecurity coverage.
- Adaptability: Quick to adapt to new technologies and methodologies to keep the organization secure in an ever-changing threat landscape.
- Experienced people leader with a proven track record of building and developing high-performing teams.
- Strong understanding of application security and cloud security with the ability to effectively communicate cybersecurity risks and recommendations to executives.
- Understanding of and practical experience working with NIST SP800-53, NIST SP800-171, CMMC, and ISO 27001.
- Bachelor’s degree or equivalent military experience. Prefer a degree in information assurance, computer science, information security, or business.
Nice to Have
- Master of Business Administration, Cybersecurity, or Cybersecurity Law preferred.
- Professional certifications (CISSP, CISM, CISA, or other security-related) are a plus.
- Experience leading Security Operations for a SaaS / tech company
- Experience with highly regulated environments (e.g., Financial, Healthcare, etc.)