Director of Security Operations

Information Technology Washington, DC, USA


As a security company, Sophos takes its own security seriously and has an internal IT Security team which focuses on protecting Sophos’ own systems and infrastructure.

This role is for a Security Operations Director, reporting into the Global Cyber Security Director. The ideal candidate will have previous experience building out and operating a world-class security operations function handling both pro-active threat hunting and reactive detection and response capabilities.

Additionally, the candidate will be a problem solver and a quick learner with solid experience in defining team roles and tasks, vetting and hiring ideal candidates, guiding the implementation of core technologies such as EDR & SIEM.

Ability to communicate, present and report via metrics is essential, as is experience in offshore SOC operations.

You will be expected to lead and develop security capabilities from conception to operations and will get the opportunity to work with world-leading experts in a fast-paced & exciting environment where security is a priority.

Main Duties



As part of this role you will need to build out and manage a 24/7/365 frontline security operations team including:

  • Defining roles and recruitment of ideal candidates for SOC operations
  • Personal development – hiring, training, performance reviews mentoring and managing career progression
  • 24/7/365 rota management

Responsibilities include:

  • Oversight of all security alerts generated across the Sophos infrastructure escalation processes to ensure appropriate investigation and resolution.
  • Developing, documenting and implementing SOC processes and technologies, including monitoring and alerting across infrastructure and applications, threat hunting, access control, incident response, forensics, etc.
  • Provide thought leadership and process excellence in building out SOC functions, SOC teams and day to day operations.
  • Ensuring process adherence via strict controls, staff education and enablement.
  • Acting as escalation point for security alerts and when necessary, raising, managing and coordinating security incidents.
  • Reporting on security alert levels and assigning resources appropriately to ensure continued triage of events.
  • Ability to communicate vertically throughout the organization via metrics, progress reports, and methodologies.
  • Project management of small teams on IT security projects and activities.

You will also need to contribute towards:

  • Determining root cause of alerts and incidents and communicating appropriately.
  • Feedback performance on Sophos products to product implementation specialists and engineering teams.
  • Continual improvement of our SIEM.
  • Risk assessment and threat modelling exercises.
  • Expert Training and knowledge transfer to peers, the security operations centre and the wider IT team.
  • Staff education and awareness.

Experience and Skills




  • Strong experience in security, specifically building and leading SOC teams, building SOC technologies and processes
  • Experience managing a team in a global environment.
  • Past experience in IT Security, with demonstrated increasing responsibility roles throughout caree
  • Strong cross-platform knowledge of Enterprise IT infrastructure (Networking, Operating Systems, Databases, etc.).
  • Excellent communication skills & fluent in English.



  • Knowledge of Sophos products.
  • Familiarity with SIEM/log aggregation systems and techniques.
  • Experience developing and automating security tools.
  • Experience monitoring & protecting cloud-based assets (EC2).
  • Knowledge of Application Security 

Apply Now Return to Positions