Who You Are

The Director of Security Operations is a strategic leader focused on ensuring Phaidra’s security capabilities are operating effectively continuously. You will play a critical role in safeguarding Phaidra’s assets, infrastructure, and operations. In this role, you will be responsible for overseeing the day-to-day operations of our security program, including threat detection, vulnerability management, incident response, threat intelligence and security automation. You will be responsible for engaging with our customers on all things related to security. You will be the lead of the security team, providing guidance and direction to a team of security professionals and collaborating with other departments across the organization.

We are seeking a team member located within one of the following areas: USA

Responsibilities

• Provide strategic direction and leadership to security operations, enterprise security & cloud security functions, aligning them with Phaidra’s overall objectives and risk tolerance.
• Oversee the day-to-day operations of the security team, including monitoring security events, managing incidents, and coordinating responses to security threats and breaches.
• Ensure our compliance and continued accreditation with SOC2, GDPR, ISO27001 and other programs, as required.
• Engage with and present to our customers on all things Phaidra security.
  • Communicate our security posture effectively to customers, tailoring your approach for C-suite, IT, Security, and Operations teams as appropriate.
  • Lead the response to risk and security questionnaires as required by customers and maintain a questionnaire answer repository.
• Provide security expertise to our product development efforts by following secure by default principles to integrate appropriate security controls into Phaidra’s products. Collaborate with product teams on security solutions.
• Establish, implement and manage a coverage plan with defined service level objectives, well-understood outcomes, and effectiveness tracking, to ensure potential issues are discovered and resolved in a timely manner.
• Develop and maintain a comprehensive enterprise and cloud security architecture and procedure for the organization, encompassing network security, endpoint security, cloud security, and other critical areas.
• Identify, assess, and mitigate security risks across the company, utilizing risk assessment methodologies and implementing appropriate controls and countermeasures.
• Own Phaidra’s Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Intrusion Detection System (IDS), and optimize tools and processes to identify and prioritize threats and vulnerabilities.
• Implement and optimize security monitoring tools and processes to identify and prioritize threats. Implement and optimize a vulnerability management program to identify, assess, and prioritize vulnerabilities, and ensure timely patching.
• Promote a culture of security awareness throughout the organization by providing training, educational materials, and awareness campaigns to employees at all levels.
• Establish key performance indicators (KPIs) and metrics to measure the effectiveness of security operations and enterprise security programs, providing regular reports and updates to senior management.
• Drive a culture of continuous improvement and innovation within the security organization, identifying opportunities to enhance security posture, streamline processes, and adopt emerging best practices.
• Develop incident response plans and lead efforts to investigate and mitigate security incidents, collaborating with internal teams and external partners as needed.
• Ensure compliance with relevant laws, regulations, and industry standards related to information security and privacy, maintaining documentation and reporting as required.
• Develop and manage the security budget for the sec ops function, allocating resources effectively to support security initiatives, projects, and operational needs.
• Build and lead a high-performing team, provide coaching and mentorship, and ensure individual and team success.
• Work effectively and regularly with IT, Operations, Legal, and Infrastructure Engineering, and work cross-functionally with other departments to ensure security considerations are integrated into all business processes.
• Communicate security-related threats, information, and changes clearly and succinctly across the company.

Onboarding

In your first 30 days…

• You will be immersed in an onboarding program that introduces you to Phaidra and our product.
• Integrate into the Phaidra team, understanding our product, technologies, security posture, and business goals.
• Get to know the security team and security council, both of which you’ll be leading. Associated transition activities will be completed.
• Begin building relationships across the company, establishing yourself as a foundational resource on security.
• Begin familiarizing yourself with our security and secops systems, processes and controls; identify areas for enhancement and development.
• Begin building relationships with our external vendors and auditors.
• Meet with our sales, customer success, and other teams who interact with our customers to gain an understanding of customer security requirements.
• Review and understand all of our security policies and processes and document areas for improvement or change.

In your first 60 days…

• Engage with our engineering and product teams to grasp the intricacies of our technology and its security implications.
• Outline a strategic and detailed tactical plan for how you’d like to evolve our security approach, actions that need to be taken, and how you’ll run the team (including defining and implementing SLAs for security requests).
• Upon review and approval by the COO, revise all policies and processes to reflect how you’d like security to be run at Phaidra.
• Meet with our current customers and understand their security requirements directly.
• Begin assisting with departmental level security needs.

In your first 90 days…

• Finish executing the plan put in place during your first 60 days.
• Clear definition of security roadmap for the next 12 months defined based on areas of improvement identified. Roadmap will include all recurring activities per our security policies.
• Fully take over security leadership responsibilities held by others currently managing in a fractional capacity.
• Demonstrate that you can represent Phaidra’s security and compliance expertise with our customers — building their trust in our product and services from a security perspective.
• Position the security team as a proactive, strategic partner within the company.
• Build a security awareness program that drives security thinking across Phaidra.
• Define your team’s OKRs for the following quarter based on the action plan and roadmap you’ve developed since starting.

Key Qualifications

• 10 years of progressive technical experience in security operations, enterprise security, and cloud security roles and 5 years of management experience.
• Experience with securely connecting closed systems to the public internet.
• Experience with secure by default concepts for product development.
• Understanding of security technologies, frameworks, and best practices related to cloud platforms (e.g., GCP, AWS), network security, identity and access management (IAM), encryption, data protection, and compliance.
• Experience communicating complex technical security requirements in a way that is understandable, clear, and reassuring to enterprise customers including C-Suite, IT, Security, and Operations personnel.
• Strong leadership experience with a proven track record of leading and managing teams, developing and executing security strategies, and driving results in complex and dynamic environments.
• Proven experience in incident response, threat detection, threat modeling, vulnerability management, security automation, and threat intelligence analysis.
• Experience working in a Zero Trust focused security program.
• Experience working with MacOS endpoint security.
• Strong understanding of security best practices and frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework).
• Excellent communication and interpersonal skills, with the ability to collaborate with internal stakeholders, executive leadership, cloud providers, external partners, customers, and employees.
• Strong analytical and problem-solving skills to identify security risks, assess their potential impact, and develop effective mitigation strategies.
• A thorough understanding of relevant laws, regulations, and industry standards pertaining to cybersecurity and cloud security in a global organization (e.g., CCPA/CPRA, GDPR).

Preferred Skills & Experience

• Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CCSK (Certificate of Cloud Security Knowledge).
• Experience with Vanta and Rippling.

General Interview Process

All of our interviews are held via Google Meet, and an active camera connection is required.

1. Interview with Hiring Manager (30 minutes): The purpose of this interview is for you to get to know the manager for the role. This chat will mainly focus on your previous experience and career goals. You can expect to talk about projects that you have worked on in the past, how you think through problems, and ask any questions about the team & role.
2. Interview with Operations team member (30 minutes): The purpose of this interview is to meet you, learn more about your background, and discuss what you are looking for in a new position.
3. Interview with Infrastructure and Security (45 minutes): The purpose of this interview is to gauge technical understanding and the ability to grok on the software/engineering /infrastructure/secops side.
4. Interview with Corporate Development and Connectivity (30 minutes) The purpose of this interview is to evaluate your skillset from a customer-facing perspective.
5. Culture fit interview with Co-Founders (30 minutes): This interview focuses on alignment with Phaidra’s values.

Base Salary

• United States Residents: $175,000-$250,000/ year

This position will also include equity.

These are best faith estimates of the base salary range for this position. Multiple factors such as experience, education, level, and location are taken into account when determining compensation.