OpenFX

Security Operations Center Executive

  • Posted 27 days ago
Job Description

The core responsibilities for the job include the following:

In your first 6 to 12 months, you will:

  • Build and operationalize a fintech-grade SOC function.
      • Define monitoring strategy across cloud, infra, identity, endpoints, and transaction systems.
      • Establish detection coverage aligned to MITRE ATT&CK and fraud threat models.
  • Own incident response end-to-end.
      • Lead containment, eradication, and recovery for security incidents.
      • Run post-incident reviews with clear root cause analysis and systemic fixes.
      • Minimize blast radius and reduce mean time to detect (MTTD) and mean time to respond (MTTR).
  • Design and mature detection engineering.
      • Define a high-signal alerting strategy (reduce noise, increase signal).
      • Improve SIEM use cases, telemetry coverage, and correlation rules.
      • Build measurable detection coverage maps.
  • Define security KPIs and KRIs.
      • Track detection coverage, false positive rate, and incident severity trends.
      • Establish executive dashboards with actionable metrics.
      • Quantify operational risk reduction.
  • Embed SOC into engineering and product workflows.
      • Integrate security review into new feature launches.
      • Ensure logging, telemetry, and auditability are designed upfront.
      • Partner with backend, infra, and platform teams to close systemic gaps.
  • Reduce systemic financial risk.
      • Align security monitoring with transaction flows, reconciliation pipelines, and money movement controls.
      • Detect abnormal patterns in account behavior, API misuse, and privilege escalation.
  • Build and scale the SecOps team.
      • Hire, mentor, and level up analysts and detection engineers.
      • Define shift models (if required), escalation paths, and on-call processes.
      • Establish a culture of ownership and precision.
  • Operationalize compliance through execution.
      • Ensure SOC processes support ISO 27001, PCI DSS, NIST, and regulatory requirements.
      • Produce defensible evidence for audits.

Requirements:

  • 8 to 12+ years in cybersecurity operations.
  • Proven experience building or maturing a SOC in a complex environment.
  • Deep experience in incident response and security investigations.
  • Hands-on experience with SIEM platforms and detection rule engineering.
  • Strong knowledge of cloud security (AWS/GCP/Azure), identity systems, and SaaS telemetry.
  • Experience defining KPIs, dashboards, and operational metrics.
  • Strong leadership and team management experience.
  • Ability to communicate risk clearly to executives and non-technical stakeholders.

Strongly Preferred (Accelerates Ramp):

  • Experience in fintech, payments, or high-transaction financial systems.
  • Knowledge of SOC 2, ISO 27001, NIST, and CIS.
  • Experience with EDR, SOAR, DLP, CASB, MDM, and email security.
  • Familiarity with fraud detection models and transaction risk monitoring.
  • Experience in product security and CI/CD security.
  • CISSP, CISM, CISA, or equivalent certifications.

Job ID: 144063153