We are seeking an experienced Director of Cyber Defense to lead and enhance our
organization’s cybersecurity capabilities. This role is responsible for overseeing the Security
Operations Centre (SOC), Attack Surface Management, Incident Response and Crisis
Management, and Dark Web Monitoring. The ideal candidate must have solid Cyber
Defense practitioner experience and a proven track record of 15+ years in Cyber Security,
with 5+ years leading cybersecurity teams and driving strategic security initiatives.
Key Responsibilities
Lead and mature the 24/7 Security Operations Centre (SOC) to detect, analyze, and
respond to cyber threats in real-time.
Establish playbooks, escalation procedures, and cross-functional coordination for
handling critical security incidents.
Dive deep into technical aspects of escalated incidents, in partnership with other
Cyber Defense leads and cross functional peers
Direct Incident Response (IR) and Crisis Management efforts, ensuring rapid
containment, mitigation, and recovery from cyber incidents.
Lead forensic investigations and post-incident reviews to improve security posture
and prevent recurrence.
Oversee Attack Surface Management to continuously assess, monitor, and reduce
the organization’s exposure to cyber risks.
Oversee Dark Web Monitoring initiatives to identify and assess leaked credentials,
insider threats, and external attack indicators.
Collaborate with Threat Intelligence teams to track adversary tactics, techniques, and
procedures (TTPs).
Develop and execute a Cyber Defense strategy, aligning security operations with
business objectives.
Manage, mentor, and grow a team of cybersecurity professionals across SOC and
Cyber Defense functions.
Partner with IT, Risk, Legal, and Compliance teams to ensure alignment with security
frameworks and regulations.
Present key cyber risk metrics, threat trends, and program updates to executive
leadership.
Qualifications & Experience
15+ years of overall experience including 5+ years leading cybersecurity teams in
SOC and/or Cyber Defense
Strong leadership and crisis management skills with experience handling major
security incidents and executive-level communications.
Deep expertise in MITRE ATT&CK, threat intelligence frameworks, adversary
emulation, and digital forensics.
Proficiency working with cloud service providers such as AWS, Azure, GCP and must
be able to demonstrate ability to effectively conduct IR on incidents within these
cloud environments
Proficiency in SIEM, SOAR, EDR/XDR
Experience implementing cyber defense strategies in large-scale enterprise
environments.
Familiarity with regulatory requirements and compliance frameworks (NIST, CIS, ISO
27001, GDPR, etc.).
Strong knowledge of offensive security techniques and how to defend against them.
Preferred Certifications
CISSP, CISM, GIAC (GCTI, GCIH, GCFA, GNFA, GDAT), CCSP, or equivalent.
AWS/Azure/GCP Security certifications are a plus
Top Skills
What We Do
Saviynt’s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and privileged access to secure the entire business ecosystem and provide a frictionless user experience.
