What are the responsibilities and job description for the Director of Managed Security Operations position at Traceable?
About Traceable

Join the future of API security with a company founded by serial innovators reshaping the software industry. Visionaries Jyoti Bansal and Sanjay Nagaraj, creators of AppDynamics (acquired by Cisco for $3.7B), established Traceable with a bold ambition: to become the global leader in API security. We're experiencing explosive growth, tripling revenue and scaling rapidly to empower enterprises facing evolving API threats. This success is fueled by a winning strategy: unwavering customer obsession, relentless product innovation, and strategic partnerships - all backed by the entrepreneurial expertise behind past industry-defining success. Our cutting-edge solution makes API security manageable for businesses across the globe, ensuring APIs drive growth, not risk.

Join this winning team and make your mark!

About The Role

We are seeking an experienced security leader to build and lead our Managed SOC team. This role will be critical in establishing and scaling our managed security operations service, focusing on API & Application security threat detection and response for our customers. The Managed SOC team will detect, analyze, and respond to security threats targeting customer environments. As the Managed SOC Team Leader, you will work closely with senior leadership, product teams, and customer success teams to ensure that our SOC services are aligned with our customers' goals and expectations. You will also be responsible for establishing best practices, building team capabilities, and maintaining a high level of service excellence.

This leadership role will require a strong combination of technical expertise, team management, and strategic thinking to build a resilient and proactive security operations framework that aligns with customer needs.
The ideal candidate will combine strong technical expertise in API & application security with proven leadership experience in managed security services.

Role Responsibilities

Leadership and Team Development:
- Lead, mentor, and grow a high-performing Managed SOC team that is responsible for threat monitoring, detection, and incident response.
- Develop and implement SOC team workflows, escalation procedures, and playbooks to ensure timely and effective responses to security incidents.
- Drive a culture of continuous improvement, technical excellence, and collaboration across all SOC team members.
- Recruit, onboard, and train new team members to scale the SOC function as the business grows.
- Foster a strong customer-focused mindset within the team to provide exceptional service to clients.
- Work with the product development and engineering teams to integrate security measures into customer-facing products, ensuring detection capabilities are embedded throughout the product lifecycle.
- Collaborate on the development of new SOC-related product features, reporting mechanisms, and integrations that can enhance detection capabilities for customers.

Threat Detection and Incident Response:
- Oversee real-time threat monitoring, detection, and analysis across customer environments, including applications, networks, and endpoints.
- Ensure the team is using the latest security tools and methodologies to proactively detect threats and vulnerabilities.
- Lead incident response efforts, including the triage, containment, eradication, and post-incident analysis for customer security incidents.
- Work with the security research & threat intelligence team to incorporate the latest cyber threat intelligence (CTI) into detection strategies.
- Establish metrics and KPIs to track and improve incident response times, detection accuracy, and overall SOC performance.
- Gather threat intelligence data from the dark web, private Telegram channels, etc. for threat intel about 0-days, planned attacks, leaked credentials, and session-stealing malware.
- Establish relationships with threat intel partners, ISACs and MITRE for early disclosures on 0-day vulnerabilities.
- Detection engineering - Build detection rules, create response playbooks, develop detection tools and fine-tune alerts.
- Threat detection around the OWASP API Top 10.

Bot Detection:
- Oversee and analyze real-time bot attacks, and identify policies to be written to mitigate them.
- Work with security research to be aware of and incorporate new & existing bot attackers and their signatures. Use external data, as needed, to identify & mitigate attacks quickly.
- Report attacks to customers. Educate them on the latest attack trends.
- Work with customers to identify key flows sensitive to bot attacks.
- Build runbooks for the team for defending against known and zero-day bot attacks.

Customer Support:
- Act as the primary point of contact for customers regarding security incidents, threat intelligence, and ongoing SOC services.
- Work closely with Customer Success and Sales teams to ensure customer requirements are being met, and provide technical guidance on security posture improvement.
- Regularly engage with customers to present threat landscape assessments, incident reports, and security recommendations.
- Proactively identify customer security needs, and tailor SOC offerings to ensure maximum value and satisfaction.

SOC Operations and Continuous Improvement:
- Develop and maintain a set of security monitoring, detection, and response playbooks for SOC operations.
- Regularly assess and refine SOC processes, workflows, and technology to optimize operational efficiency and incident response.
- Conduct periodic threat simulations and tabletop exercises to ensure the team is prepared for a wide range of potential security incidents.
- Stay up to date with the latest trends, tools, and best practices in application security, threat hunting, and incident response.

Reporting and Analytics:
- Provide executive-level reporting on SOC performance, including key metrics (MTTR, false positive rate, incident trends, etc.) and customer security posture.
- Analyze and present detailed post-incident reports to stakeholders, highlighting lessons learned, root cause analysis, and recommendations for improvement.
- Ensure comprehensive documentation of all security incidents and SOC activities for compliance, audit, and operational transparency.

Qualifications

- 8 years of experience in cybersecurity, with a focus on security operations, threat detection, and incident response.
- 3 years in a leadership or managerial role in a SOC, or related security functions such as threat hunting or incident response.
- Experience building and scaling SOC teams, including hiring, training, and mentoring.
- Deep understanding of building detection engineering and incident response pipelines from logs -> alerts -> incidents -> notifications.
- Familiarity with API & application security concepts (OWASP, SAST / DAST, secure code practices, and vulnerability management).
- Expertise in security technologies such as SIEM (Splunk, Elastic Stack, QRadar), firewalls and threat intelligence platforms.
- In-depth knowledge of attack vectors, vulnerability assessments, and threat modeling.
- Experience in incident response and forensic investigations, including analyzing logs, security events, and system artifacts to identify compromise indicators.
- Familiarity with regulatory requirements (GDPR, HIPAA, PCI DSS, SOC 2) and industry security standards.
- Experience working with performance monitoring tools like Grafana, Prometheus or equivalent.
- Familiarity with detection engineering tools and languages like ElasticAlert, Splunk Query language, SQL or equivalent.
- Excellent leadership, communication, and interpersonal skills, with the ability to manage a diverse, geographically distributed team.
- Strong customer service orientation, with the ability to understand and address customer concerns and security needs.
- Proven track record of driving operational excellence, process improvements, and developing a proactive security culture within a team.
- Ability to work under pressure and make critical decisions in high-stress situations.

Preferred Qualifications

- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CEH (Certified Ethical Hacker)
- GIAC Certified Incident Handler (GCIH)
- SOC Analyst or Threat Hunting certifications

Traceable Perks & Benefits

- Competitive salary and commission
- Early stage equity so when Traceable succeeds, you do too
- Flexible paid time off
- Paid parental leave
- Best-in-class health benefits including a One Medical membership
- Flexible Spending Account (FSA)
- Employee Assistance Program (EAP)
- Remote home office setup
- Monthly internet reimbursement
- 401(K)

We value diversity and treatment of employees and applicants is based on merit, talent and qualification.
We encourage people from underrepresented groups to apply. We believe the key to success is bringing together unique perspectives and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. For qualified applicants with criminal histories, consideration will be consistent with the requirements of the San Francisco Fair Chance Ordinance. All your information will be kept confidential according to EEO guidelines.

Direct applicants only. Recruiting agencies: Please do not email or call our team. We are not accepting agency candidates.