Director, Head of Security Operations

The Head of Security Operations is a senior leadership role responsible for overseeing and directing the security operations of our organization. This includes managing the day-to-day execution of our cybersecurity countermeasures to ensure the safety and security of our people, digital assets, and technology.

1. Strategic Oversight & Leadership:
• Develop and implement comprehensive security strategies, aligning with organizational objectives, legislative requirements, and industry best practices as outlined by the CISO.
• Manage the security operations team to successful outcomes.
• Actively participate as a member of the security leadership team and collaborate with other SLT members on initiatives and projects.
• Measure the comprehensiveness, effectiveness and growth of security operations domains, create CISO dashboards indicating trends, propose changes, projects or other initiatives to enhance these programs.
2. Collaboration: Build and maintain effective relationships with stakeholders, including:
• Security leadership team
• IT and technology teams
• Business leaders and executives
3. Security Operations Management: Lead and manage a team of security professionals, including employees and vendors, to build and execute day-to-day Security Operations including:
• Asset Management – Discover, inventory and classify all information assets (devices, networks, users, applications and data) so that we are able to appropriately protect and monitor our environment.
• Threat Management- Ingest and develop cyber threat information in order to strengthen our defenses, while working with trusted partners to better prevent, detect and respond to cyber incidents effectively, and to assist our partners to do the same.
• Data Protection – Identify, organize and protect Vista data at rest, in motion, and in use.  Safeguard Vista data through consistent policy enforcement and control optimization.
• Platform Protection - Ensure Vista’s platforms are managed consistent with Vista’s risk and threat landscape to protect their Confidentiality, Integrity, and Availability.  Ensure the SOC has the ability to respond to identified compromises quickly and thoroughly.
• Identity and Access Management - Ensure that only the right individuals have access to the right resources under the right circumstances and for the right reasons. Develop mechanisms to detect and respond to identities with overly permissive access rights.
• Secure Culture - Empower end users to be cyber “sentries;” always on alert, knowledgeable of cyber threats, and proactive in reporting suspicious activity to the security team.  Make the “security mindset” the default.
• Security monitoring and response - Determine when an event is a security incident that requires investigation or action to minimize impact to the business for any cyber security related Drive continuous monitoring, rapid triage, and effective incident response to minimize business disruption.
4. Training and Development:
• Stay up-to-date with emerging threats and technologies; and implement changes to security operations and strategies as needed.
• Ensure security team members possess the necessary skills and knowledge to perform their duties effectively.  Coach and mentor appropriately.
• Develop and implement training programs and goals for security staff allowing for upskilling and cross training within the team.
5. Budget and Resource Management:
• Oversee the security operations budget, monitor expenses, and ensure efficient allocation of resources.

• Minimum of 10 years of experience in cybersecurity, including 4+ years managing security operations teams (including operations functions outside of SOC).
• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field, or equivalent experience.
• Significant experience in managing information security operations or incident response activities in a complex, fast-paced organization.
• Ability to pivot from manager role to hands-on tasks as situations require it.
• Excellent leadership and communication skills.
• Certifications such as CISSP, CISM, or ISSMP a plus.
• Ability to build effective relationships and collaborate with diverse stakeholders.
• A positive attitude and a passion for solving problems.
• Ability to work at a fast-pace and think creatively.3
• Ability to lead and pivot quickly in a dynamic, high-pressure environment.
• Broad knowledge of security technologies and trends 
• Ability to apply technical concepts to problem solving. 
• Proficiency with scripting and automation.

The annualized base pay range for this role is expected to be between $215,000 - $245,000. Actual base pay could vary based on factors including but not limited to experience, subject matter expertise and the applicant's skill set.  The base pay is just one component of the total compensation package for employees.  Other rewards may include an annual cash bonus and a comprehensive benefits package.    

Vista is a leading global investment firm that invests exclusively in enterprise software, data and technology-enabled organizations across private equity, credit, public equity and permanent capital strategies. The firm brings an approach that prioritizes creating enduring market value for the benefit of its global ecosystem of investors, companies, customers and employees. The focus of Vista’s Value Creation Team is to accelerate the corporate maturity of its companies – building software businesses that excel in product superiority and operational efficiency. Their collective counsel and resources allow companies to unlock opportunity, scale their business and grow sustainably to deliver value to all stakeholders. Further information is available at vistaequitypartners.com. Follow Vista on LinkedIn @Vista Equity Partners or Twitter @Vista_Equity.