The Director of Cybersecurity Operations leads the organization’s 24x7x365 Cyber Defense program, overseeing threat detection, incident response, Cyber Threat Intelligence (CTI), Threat Hunting, Purple Teaming, Threat Modeling, and Data Security capabilities (including DLP, data inventory, and data classification). This role is responsible for the people, processes, and technologies that proactively defend the enterprise, strengthen detection and response effectiveness, protect sensitive data assets, and drive continuous operational maturity and measurable risk reduction.
Reporting to the Head of Cybersecurity Technology, with a dotted-line relationship to the CISO, this leader partners closely with Cybersecurity Engineering, Identity & Access Management, Infrastructure, Risk, and Business stakeholders to continuously enhance the organization’s security posture while enabling business objectives.
Key Responsibilities and Skills:
- Lead and develop a high-performing global SOC team responsible for 24x7x365 threat monitoring, detection, and incident response.
- Oversee incident detection, investigation, containment, and post-incident review processes.
- Drive continuous improvement of SOC processes, playbooks, tooling, and automation capabilities.
- Establish and mature detection engineering and threat hunting capabilities.
- Lead and mature the Cyber Threat Intelligence program, aligning it to business risk and the evolving threat landscape to proactively identify emerging threats and strengthen detection and defensive capabilities.
- Mature and operationalize the threat hunting program to deliver repeatable, proactive hunts that drive actionable security improvements.
- Mature the Purple Team program to continuously validate and strengthen detection and response capabilities through red team simulations and adversary emulation, ensuring measurable improvements in controls and key performance metrics (e.g., MTTD, MTTR).
- Establish and mature an enterprise Threat Modeling program integrated into the SDLC to proactively identify risks and ensure alignment between security requirements, monitoring use cases, and detection capabilities.
- Lead and mature the enterprise Data Security program by strengthening data inventory and classification, enhancing DLP capabilities, and improving secure data handling controls to protect sensitive information
- Ensure operational readiness through metrics, reporting, tabletop exercises, and simulations.
- Define and communicate the strategic vision and roadmap for Cybersecurity Operations.
- Develop KPIs, KRIs, and performance metrics to measure team effectiveness and risk reduction.
- Lead business planning, budget management, vendor selection, and investment ROI analysis.
- Support long-term cybersecurity strategy and annual operating plans.
- Align operations with regulatory and compliance frameworks (e.g., PCI-DSS, GDPR, NY DFS, CCPA).
- Develop executive and board-level presentations for quarterly reviews and strategic updates.
- Craft clear communications regarding cybersecurity posture, major incidents, and risk trends.
- Represent Cybersecurity Operations in internal briefings, audits, and external engagements as needed.
- Craft external communications including customer briefings, external speaking engagements, PR activities, executive reviews, etc.
Preferred Technical Knowledge
- Experience with cloud security monitoring (AWS, Azure, GCP).
- Knowledge of behavioral analytics and insider risk monitoring.
- Familiarity with automation and orchestration (SOAR platforms).
- Understanding of threat intelligence integration.
- Industry certifications such as CISSP, CISM, or equivalent.
Experience Requirements:
- Minimum of 7 years of experience in the Cybersecurity field
- Minimum of 5 years of experience working directly in a SOC
Education Requirements:
- Bachelor’s Degree in Computer Science or similar field of study
OneMain Holdings, Inc. is an Equal Employment Opportunity (EEO) employer. Qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship status, color, creed, culture, disability, ethnicity, gender, gender identity or expression, genetic information or history, marital status, military status, national origin, nationality, pregnancy, race, religion, sex, sexual orientation, socioeconomic status, transgender or on any other basis protected by law.