Skip to content

CSIRT SOC Director

United States – Must Work East Coast Hours

Primary Purpose and Goal of Role  

The SOC Operations Leader is responsible for leading a 24x7 team of security analysts and experts for Quzara. The CSIRT / SOC Operations leader will help deliver the Quzara vision of redefining traditional SOC operations using automation, orchestration, and analytics. We are looking for a hands-on, dynamic, and fast-paced Cyber Security Operations & Cyber Security Incident Response Director. In this role, you will be responsible for responding to security threats facing the company and or our clients. You will help further develop the security operations center and incident response program and automation that protects us today and tomorrow. This is a high visibility role and requires a strong technical leader with outstanding customer service skills capable of planning and executing to meet core objectives.


  • Lead 24x7 delivery team, foster innovation, and drive accountability within the SOC and Incident Response functions.
  • Must have proven track record of SOC experience in a government environment or Defense Applications scenario.
  • Must have deep expertise in Managed Detection & Response (MDR) Processes and Incident Response.
  • Must have deep demonstratable experience in Microsoft Sentinel, Microsoft 365 Defender suite of technologies including KQL Development, Playbooks and workbooks.
  • Lead projects that include cloud/SaaS security monitoring, automation, incident response and improve security awareness within the organization.
  • Be a thought leader in security engineering and operations delivery - driving automation, analytics, and advanced threat analysis.
  • Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to in order to drive operational excellence.
  • Provide administrative direction and support for daily operational activities.
  • Keep current with the latest vendor updates, expansion opportunities, and technology directions utilized in our environment.
  • Collaborate and consult with other Group Leaders/Managers on the overall advancement of the Emerging Services organization and Quzara in general.
  • Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency.
  • Influence and improve existing processes through innovation and operational change.
  • Manage staffing, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions.
  • Perform annual staff appraisals.
  • Develop and mentor staff through open communication, training and development opportunities, and performance management processes; build and maintain employee morale and motivation.
  • This is a full-time position. Standard business hours are Monday through Friday, 8:30 AM to 5:30 PM EST. With this role, the hours will fluctuate to provide 24/7 coverage. Additional time outside of these hours may be needed to complete the essential functions of the job.


  • Minimum 7 years of Security leadership, with experience building long-term career development plans for team members at all levels.
  • Proven experience in managing teams responsible for investigating cloud security incidents on AWS/GCP/Azure following well-known industry standards/framework/benchmark (MITRE, NIST, CIS, or equivalent).
  • Proven experience with creating incident response workflows, processes, and playbooks with defined SLAs and reflecting it to the company’s stakeholders (e.g., Executive management).
  • Proven experience with automating security flows (SOAR) and threat intelligence.
  • Familiarity with multiple regulations and compliance standards such as ISO27001, FedRAMP, FIPS, SOC 2.0, GDPR, and HIPAA.
  • Experience in designing, implementing, and measuring relevant security and technology management critical success factors, key performance indicators, and metrics.
  • Ability to create shift schedules to ensure 24x7 coverage by support personnel.
  • In-depth knowledge of modern security concepts and how to apply them.
  • CISSP certification
  • CISMP certification
  • Microsoft Security Operations
Quzara LLC is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring based on sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law. 


Working for Quzara means being part of a team driven by innovation and dedication where we rise together.
Apply Today