Director, Security Operations jobs in United States

Agilysys · 2 days ago

Director, Security Operations

Agilysys is seeking a Director of Security Operations to lead and mature the organization’s cyber defense capabilities. This role involves overseeing security operations, incident response, and vulnerability management, ensuring rapid detection and recovery from security incidents while proactively reducing risks.

Information Technology, Software
H1B Sponsor Likely

Responsibilities

Lead and oversee 24x7 security operations and enterprise incident response capabilities
Own the Incident Response (IR) program, including policies, playbooks, escalation paths, and communication protocols
Ensure rapid identification, containment, eradication, and recovery from security incidents
Act as executive incident commander for high-severity incidents, coordinating technical, legal, privacy, communications, and business stakeholders
Conduct and oversee post-incident reviews, root cause analysis, and corrective action plans
Ensure lessons learned are translated into improved detections, controls, and preventive measures
Lead tabletop exercises and simulate cyber incidents to validate readiness and executive decision-making
Establish and mature a structured threat hunting program focused on identifying advanced, persistent, and evasive threats not detected by automated controls
Direct hypothesis-driven threat hunts using adversary TTPs, threat intelligence, and MITRE ATT&CK mappings
Ensure threat hunting outcomes drive improvements in detection logic, alert fidelity, and preventive controls
Own the enterprise vulnerability management program across infrastructure, endpoints, applications, containers, and cloud platforms
Establish risk-based vulnerability prioritization using exploitability, business impact, asset criticality, and threat intelligence
Oversee vulnerability scanning, validation, remediation tracking, and executive reporting
Drive continuous improvement in remediation SLAs and vulnerability reduction metrics
Guide development and tuning of threat detection use cases aligned to the MITRE ATT&CK framework
Ensure comprehensive telemetry coverage across endpoint, identity, network, cloud, and SaaS environments
Integrate vulnerability, misconfiguration, and threat intelligence to improve exposure-based detection and response
Partner with Security Architecture and Engineering teams to operationalize secure-by-design and preventive controls
Define and track operational SLAs, KPIs, and KRIs for SOC performance, incident response effectiveness, vulnerability management, and configuration security
Provide clear, concise, risk-based reporting to executive leadership and the Board
Support regulatory, audit, and customer assurance activities (SOC 2, PCI, SOX, etc.), including incident response evidence and reporting
Build, mentor, and lead high-performing SOC, IR, and vulnerability management teams
Establish on-call, escalation, and follow-the-sun operational models
Manage security operations vendors, MDR providers, and tooling investments to maximize coverage and efficiency
Drive automation through SOAR and workflow orchestration to improve response speed and consistency

Qualification

Security Operations, Incident Response, Vulnerability Management, MITRE ATT&CK, SIEM Technologies, Cloud Security, Crisis Leadership, Risk-based Decision Making, Automation Mindset, Clear Communication

Required

10+ years of progressive experience in cybersecurity, including deep expertise in Security Operations and Incident Response
5+ years of experience leading SOC and IR teams in enterprise or SaaS environments
Extensive experience leading and working with international cyber teams
Strong hands-on knowledge of: Incident response frameworks and playbooks, MITRE ATT&CK and D3FEND frameworks, SIEM, SOAR, EDR/XDR technologies, Vulnerability management and exposure reduction, Cloud security and configuration management
Proven experience serving as incident commander for high-severity cyber incidents

Preferred

Experience with breach response coordination involving legal, privacy, and communications teams
Familiarity with regulatory notification requirements and customer communications
Industry certifications such as CISSP, CISM, GIAC (GCIH, GCED), or equivalent

Company

Agilysys

Agilysys is a hospitality solutions company.

H1B Sponsorship

Agilysys has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (1)
2024 (1)
2023 (1)
2020 (6)

Funding

Current Stage
Public Company
Total Funding
$72.7M
2024-02-14 · Post-IPO Secondary · $72.7M
1978-06-13 · IPO

Leadership Team

Prabuddha Biswas
CTO
Joe Ahmed Youssef
SVP & Chief Commercial Officer
Company data provided by Crunchbase