Job
Description
Key Responsibilities: Lead the identification and development of innovative cybersecurity solutions, products, and services to improve operational efficiency and client experience. Develop and execute automation strategies across security operations processes, from threat detection to incident response, leveraging technologies such as SOAR (Security Orchestration, Automation, and Response), AI, and machine learning. Act as the primary SPOC for all innovation and automation initiatives, collaborating with internal teams (e. g. , SOC, Engineering, Product, and Customer Success) to ensure alignment with business goals. Evaluate and implement emerging cybersecurity technologies, tools, and platforms to enhance the efficiency and effectiveness of our MSSP services. Identify and drive improvements in workflows, playbooks, and standard operating procedures (SOPs) within security operations to enhance productivity, reduce manual interventions, and minimize response times. Support pre-sales and post-sales teams by providing technical expertise in automation and innovation to clients, ensuring solutions are tailored to client-specific needs and delivering measurable outcomes. Define, track, and report on the success of automation and innovation initiatives using KPIs and performance metrics. Stay up-to-date with industry trends, new technologies, and best practices to ensure our services remain competitive and innovative. Provide training, guidance, and mentoring to team members on new automation practices, tools, and technologies. Required Qualifications: 5-10 years of experience in cybersecurity, with a focus on security operations, automation, and innovation. Strong understanding of MSSP operations, including incident detection, response, and service delivery. Experience with automation tools and platforms such as SOAR (e. g. , Palo Alto Cortex XSOAR, Splunk Phantom), orchestration frameworks, and AI/ML integration in security workflows. Knowledge of cybersecurity technologies, including SIEM, EDR, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions. Hands-on experience with process improvement methodologies (e. g. , Lean, Six Sigma, ITIL) applied to security operations. Strong communication and leadership skills, with the ability to influence across different teams and business units. Excellent problem-solving and critical-thinking abilities with a focus on practical solutions to complex security challenges. Industry certifications such as CISSP, CISM, or any automation/security-related certifications are highly desirable. Preferred: Experience with CyberSecurity automation and integration in public cloud environments (AWS, Azure, GCP). Knowledge of SOC Operations principles and integration of security automation with control stack Understanding of regulatory frameworks (e. g. , GDPR, HIPAA, PCI-DSS) and the ability to implement automated compliance solutions. Familiarity with scripting languages (Python, PowerShell, Bash) to support automation development.
