Director, Global Security Operations and IR
In October 2021, TripActions announced its Series F funding of $275M at a post-money upround valuation of $7.25B to help accelerate future growth plans. In April 2021, TripActions and Visa announced an expanded strategic partnership. Through the new partnership with Visa, TripActions will accelerate the growth of its next-generation corporate card offering, increasing access to flexible payment methods with built-in policy controls.
The Director, Global Security Operations and Incident Response will lead a team of experts to monitor, detect and respond to cybersecurity threats against TripActions. This leader will be a thought leader in SOC operations, focused on incident response, automation, cloud security, and advanced threat analysis. This role has high visibility and requires a strong technical leader who can partner with stakeholders and cross-functional teams (Engineering, SRE, IT, Legal, etc.) to mitigate risk.
What You’ll Do:
- Partner with Security leadership on the creation and implementation of the cybersecurity operations technology roadmap that will enable the SOC to scale and support TripActions through its next period of growth
- Lead a multi-function security operations team to proactively identify and respond to threats, vulnerabilities, and incidents across the enterprise – driving to resolution and incorporating lessons learned into practice
- Identify and implement processes and tools to improve the automation and efficiency of monitoring, detection, and response to threats and incidents
- Serve as incident commander to drive the overall response to a cyber incident and coordinate the efforts of multiple cross-functional teams
- Advance and guide planning, strategy and delivery of threat intelligence, incident response, cloud security, automation, and development of emerging technologies
- After-hours escalation and on-call responsibilities can be expected
What We’re Looking For:
- Exceptional leadership skills, able to lead, manage and grow a 24x7 global cyber security operations center and incident response program
- Expert knowledge of the cyber threat landscape – able to articulate, and incorporate into the program, an understanding of major threat categories and of the motivations and intent of adversaries against enterprise assets
- Experienced in driving monitoring and automation in cloud environments, preferably including knowledge of AWS and Azure native capabilities
- Experienced in managing and actively engaging third-party relationships, including MSS SOC, cloud security contacts, and incident response/threat hunting services
- Strong understanding of advanced persistent threats, attacker methodologies, attack lifecycle, cyber kill chain, and the MITRE framework
- Minimum of eight years of consistent SOC experience performing triage/incident response in enterprise environments
- Bachelor's degree in Information Security, Computer Science, Computer Engineering, or equivalent work experience
- Minimum of a GIAC security certification such as GCIA, GCIH, GREM, GPEN (or equivalent), multiple preferred
- Experience in SaaS and/or FinTech industry a plus