
Director, Security Operations

Job in Newark, New Castle County, Delaware, 19712, USA
Listing for: University of Delaware
Full Time position
Listed on 2026-05-22
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Job Description & How to Apply Below
Pay Grade: 33S

Context of Job

The Director of Security Operations is a senior cybersecurity leader responsible for designing, executing, and continually improving the institution's security operations capabilities. This role provides strategic and hands-on leadership across the Security Operations Center, incident response, digital forensics, vulnerability management, endpoint detection and response (EDR/XDR), firewall and network security, and coordination with Managed Detection and Response (MDR) providers.

The Director works closely with central IT, schools and colleges, legal counsel, privacy, compliance, and external investigators to ensure effective detection, response, investigation, and recovery from cybersecurity incidents in a complex higher-education environment that includes on-premises, cloud, and research systems. This role is accountable for ensuring cybersecurity operations balance risk reduction with usability and operational needs across academic, administrative, research, and affiliated units.

The Director, Security Operations and SOC, reports to the Chief Information Security Officer (CISO).

Major Responsibilities:

Security Operations & SOC Leadership

* Establish and lead a mature, outcomes-driven SOC operating model aligned with higher education risk, academic openness, and regulatory requirements.

* Define SOC strategy, operating procedures, escalation models, and service maturity roadmap.

* Lead, mentor, and develop SOC analysts, incident responders, and security engineers across distributed campus environments.

* Provide operational leadership supporting multiple schools, colleges, research units, and administrative systems.

* Ensure technical security controls, processes, and services operate effectively to support prevention, detection, response, and recovery capabilities.

* Act as a change agent, driving the adoption of new security technologies and operational processes to improve cyber resilience.

* Lead multiple security operations teams and initiatives concurrently, prioritizing service improvement projects based on risk and value.

Threat Detection, MDR & EDR/XDR

* Own threat detection and response across networks, endpoints, servers, cloud platforms, and SaaS environments.

* Serve as the primary institutional owner for MDR services, ensuring alignment with internal SOC workflows, SLAs, and escalation paths.

* Oversee EDR/XDR platforms, detection tuning, threat hunting, and response automation.

* Validate detection coverage using frameworks such as MITRE ATT&CK.

Incident Response, Forensics & Investigations

* Lead security incident response activities, including containment, eradication, recovery, and post-incident analysis.

* Develop, maintain, and regularly test incident response plans (IRP), playbooks, and tabletop exercises.

* Oversee digital forensics investigations, including endpoint, network, log, and cloud-based forensic analysis.

* Coordinate litigation holds, evidence preservation, and chain-of-custody requirements in collaboration with Legal, Compliance, and Privacy offices.

* Act as the primary security liaison with external investigators, law enforcement, cyber insurance carriers, and third-party forensic firms when required.

* Ensure proper documentation and reporting for regulatory, legal, and institutional requirements.

* Oversee digital forensics activities, including endpoint, network, cloud, and application-level investigations.

* Coordinate with Legal, Privacy, and Compliance teams to support litigation holds, evidence preservation, and regulatory inquiries.

* Engage and manage external investigators, cyber insurance partners, and third-party forensic firms during major incidents.

* Ensure incident response activities support post-incident reporting, lessons learned, and operational improvements.

Cloud & Modern Infrastructure Security

* Lead security operations for cloud platforms (e.g., Azure, GCP, AWS), including incident response and forensic investigations in cloud-native environments.

* Partner with system, network, HPS, infrastructure, and enterprise application teams to integrate security logging, monitoring, and response into cloud and hybrid architectures.

* Oversee security operations for SaaS platforms commonly used in higher education.

* Provide oversight for application and platform security testing, including secure development practices and DevSecOps integration.

* Support cloud-native forensic investigations and security monitoring across IaaS, PaaS, and SaaS platforms.

* Ensure security operations integrate with modern application delivery pipelines and enterprise platforms.

Firewall & Network Security Ownership

* Own and manage the campus Palo Alto next-generation firewall environment, including:

  * Architecture and design

  * Rulebase governance and segmentation

  * Secure zone and enclave design

  * Change management and performance optimization

* Design firewall and network security solutions that balance academic access, research needs, and institutional risk.

* Collaborate…