Exec Director, Cyber Defense Operations

We're building a world of health around every individual - shaping a more connected, convenient and compassionate health experience. At CVS Health®, you'll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger - helping to simplify health care one person, one family and one community at a time.

The Executive Director of Defense Operations, within the Cyber Defense organization, is responsible for defining and executing a multi‑year, enterprise‑wide strategy for the Security Operations Center and the Computer Security Incident Response Team functions.

This role provides executive leadership for 24x7 security operations capability, ensuring rapid identification, containment, and remediation of cyber threats while continuously advancing the maturity, scalability, and effectiveness of detection and response programs. This role necessitates ability to rapidly triage and categorize remediation efforts, effective dissemination of tasks to pertinent business and technology units, and is a reliable source of understanding the scope and implication (business and/or compliance) of unfolding events.

This leader sets the long‑term vision and operating model for security operations, integrating threat intelligence, threat hunting, automation, orchestration, and advanced analytics to improve outcomes at enterprise scale, while driving pertinent alignment and relationships with colleague executives in the business lines within CVS.

The Executive Director drives the adoption of leveraged agentic, autonomous and automation capabilities to enhance anomaly detection, threat modeling, remediation triage and predictive response. Partnering closely with business, technology, legal, compliance, and executive stakeholders, this role ensures security operations align with business objectives, regulatory requirements, and evolving threat landscapes. In addition, the Executive Director mentors senior leaders, develops high‑performing global teams, and delivers executive‑level insights, metrics, and strategic guidance that strengthen organizational resilience.

• Develop, maintain and execute the enterprise‑wide detection and response program aligned with Cyber Defense, larger business objectives, and regulatory requirements.
• Develop, own and maintain the enterprise Detection and Response Maturity Model, Strategy, Roadmap and Operating Model.
• Lead and mentor a team of Triage, Detection Engineers, Threat Hunters, and Incident Response professionals, fostering a culture of continuous improvement and operational excellence.
• Strategize with senior leaders across Product, Engineering, and Security. You are a key stakeholder in the company's direction, advocating for the telemetry and architectural changes required to support future detection use cases.

• Serve as the Incident Commander for major security incidents, coordinating technical teams and executive leadership.
• Develop innovative and cutting‑edge detection content aligned with ATT&CK, ATLAS, D3
  
  FEND and various other cyber security frameworks.
• Identify and surface patterns to leadership regarding root causes of problems. You anticipate future challenges and own the delivery of solutions before they become bottlenecks.
• Ensure tracking of OKRs aligned to maturity models, defining, tracking and reporting on KPIs and KRIs to track operational and strategic improvements.

• Partner with threat intelligence, other security teams to enhance detection and response capabilities.
• Act as a liaison with legal, compliance, and public relations during high‑impact incidents.
• Provide executive‑level briefings and actionable insights to senior leadership.

• Drive automation and orchestration initiatives to improve operational efficiency.
• Monitor emerging threats and adapt operations, tactics, and strategies accordingly.
• Lead tabletop exercises and other simulations to validate readiness.

• 15+ years of experience in…