remote
Director, Cybersecurity
Lead API's global cyber defense program, managing security posture in AWS and Azure, and embedding security into product development.
About the role
- Cyber Defense & Threat Intelligence: Own API’s cyber defense strategy across threat intelligence, detection, incident response, and product fraud and abuse. Translate adversarial research into actionable controls, detection rules, and response procedures.
- SOC Operations: Lead and manage the SOC MSSP, ensuring 24x7x365 monitoring, investigation, and response. Set performance standards, drive operational accountability, and continuously improve SOC effectiveness.
- Cloud Security: Manage API’s cloud security posture across AWS and Azure, applying defense-in-depth best practices to protect cloud-native and hybrid environments.
- Security Engineering Partnership: Partner with engineering to embed security into product development from the ground up — ensuring secure-by-default practices across cloud-hosted workloads and applications.
- Incident Response: Lead containment, recovery, and postmortem activities for security incidents. Establish measurable benchmarks to track program maturity and drive continuous improvement.
- Frameworks & Architecture: Apply NIST, MITRE ATT&CK, and the Cyber Kill Chain to guide security architecture, detection strategy, and response procedures. Maintain current security architecture diagrams and documentation.
- Metrics & Reporting: Develop and maintain scorecards that measure SOC effectiveness and organizational risk. Report regularly to security and business leadership with clear, actionable insights.
- Automation & Innovation: Identify and implement automation technologies to improve threat detection, prevention, and response at scale.
- Team Development: Empower and develop SOC analysts and team members, fostering a culture of accountability, continuous learning, and strong cybersecurity practice.
Success Metrics
- SOC performance metrics demonstrate measurable improvements in mean time to detect (MTTD) and mean time to respond (MTTR).
- Cloud security posture scores improve consistently in AWS and Azure environments.
- Security is embedded into the product development lifecycle with no critical vulnerabilities at release.
- Incident response playbooks are documented, tested, and continuously refined.
- High team engagement and development of SOC analyst capabilities.
- Security risks are communicated clearly to executive leadership with actionable recommendations.
Required Skills, Education and Experience
- 7–10+ years of progressive cybersecurity experience, with demonstrated leadership in security operations, threat detection, and incident response.
- Proven track record managing a SOC or MSSP relationship, including 24x7 operational oversight and performance management.
- Hands-on experience with AWS and Azure, including cloud security posture management and securing cloud-native and hybrid environments.
- Strong background in threat