Who We Are
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.
The Role
1. Strategic Leadership & Governance
Define, articulate, and execute the CDC vision, mission, and transformation roadmap, ensuring alignment with organizational and client security objectives.
Drive strategic modernization of SOC operations, integrating GenAI, agentic AI, and advanced automation into detection, response, and threat analysis workflows.
Lead governance forums with client stakeholders, including CISOs, Risk Officers, and IT Service Leadership, to align cybersecurity operations with business risk and compliance frameworks (ISO 27001, NIST, GDPR, PCI-DSS).
Own the CDC’s performance framework, including key metrics such as MTTD, MTTR, containment rate, automation coverage, and SLA adherence.
Establish and maintain a robust RACI and operational model, ensuring seamless collaboration across global teams and technology towers.
2. Service Delivery Oversight
Oversee 24x7x365 security operations, spanning multiple towers — SOC, Incident Response, Threat Hunting, Platform Engineering, and Automation.
Ensure operational excellence through rigorous SLA tracking, escalation management, RCA reviews, and continuous improvement initiatives.
Drive incident governance and ensure rapid containment and remediation for high-severity incidents.
Ensure coordination across L1–L3 Analysts, Incident Managers, SMEs, and Platform Owners for unified response and reporting.
Foster a proactive defense culture through threat hunting programs, purple teaming, and use case optimization.
Implement structured processes for audit readiness, compliance adherence, and client reporting consistency.
3. People & Capability Management
Lead a team of 100+ cybersecurity professionals, including:
~16+ L1 SOC Analysts
~20+ L2 Engineers (SOC, IR, Endpoint, Network, DLP, IAM)
L3 SMEs (Threat Hunters, IR, Engineering, AppSec, Data Protection, DevSecOps)
Automation Engineers, GenAI Developers, and Content Engineers
Drive workforce planning, succession management, and leadership development across the CDC organization.
Establish structured programs for talent enablement, certification (SC-200, CISSP, CEH, AZ-500), and GenAI cross-skilling.
Create a culture of continuous learning, operational discipline, and innovation, aligned with the principles of Kyndryl’s “Operate with Intelligence” model.
Conduct periodic competency reviews and align resource capacity with delivery demand.
4. Technology & Platform Integration
Oversee the integration, health, and performance of core CDC platforms, including:
Microsoft Sentinel (SIEM)
Azure Logic Apps (SOAR)
Defender XDR Suite (EDR/NDR)
Security Copilot Agents (AI-assisted analysis)
Vulnerability Management Tools (Qualys, Tenable, etc.)
DLP, CASB, IAM, and AppSec tools
Ensure end-to-end telemetry coverage, optimized detection engineering, and cross-platform interoperability.
Partner with AI and Automation Leads to expand use of predictive analytics, agentic AI, and self-healing workflows within SOC operations.
Validate technology roadmaps, manage OEM escalations, and track upgrade and patch cycles in coordination with platform teams.
Establish and maintain KPIs for platform availability, use case efficacy, and automation ROI.
5. Reporting & Stakeholder Engagement
Report to the Account Delivery Partner Executive and maintain strong engagement with:
Client CISOs, Risk Officers, and Business Security Leaders
Internal Service Delivery Managers (Network, Cloud, Workplace, ITSM)
Global Incident Managers and Operations Heads
Conduct Monthly Business Reviews (MBRs) and Quarterly Business Reviews (QBRs), presenting insights on:
Threat landscape and emerging trends
SLA/KPI performance and improvement actions
Operational risks, compliance posture, and investment opportunities
Deliver executive dashboards via Power BI or Kyndryl Bridge, highlighting security effectiveness, automation gains, and strategic roadmap progress.
Support contract renewals, RFPs, and presales engagements, demonstrating measurable value realization from CDC services.
6. Continuous Improvement & Transformation
Champion the Cyber Defense Maturity Model (CDMM) and continuous improvement programs to enhance process and tool effectiveness.
Drive service optimization initiatives to reduce manual efforts through GenAI-assisted playbooks, auto-RCA generation, and intelligent alert correlation.
Establish a Cyber Innovation Cell within CDC to incubate use cases around AI-driven anomaly detection, automated decision-making, and self-defending infrastructure.
Benchmark SOC performance against industry best practices (Gartner, MITRE ATT&CK, ENISA) to ensure competitive maturity.
Collaborate with engineering and architecture teams for platform scalability, integration, and resilience.
Who You Are
Proven experience leading large-scale Cyber Defense Centers or Managed SOC operations with 24x7 delivery responsibility.
Strong understanding of SOC, IR, Threat Hunting, VM, and AppSec operations and toolchains.
Deep technical familiarity with Microsoft Sentinel, Defender, Azure Logic Apps, KQL, EDR/XDR platforms, and automation pipelines.
Strategic understanding of Zero Trust, AI/GenAI, and agentic SOC transformation models.
Demonstrated success in client engagement, contract governance, and SLA management.
Experience with process frameworks (NIST 800-61, ITIL v4, ISO 27035, MITRE ATT&CK).
Strong financial and operational acumen to manage P&L, budgets, and utilization targets.
Being You
Diversity is a whole lot more than what we look like or where we come from; it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handedly: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.
What You Can Expect
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.
Get Referred!
If you know someone who works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.