Senior Director, Threat Operations

What You Will Do

• Define and execute the global strategy for Threat Operations, ensuring alignment with Sophos’ broader business objectives, product roadmap, and customer commitments. 
• Lead multiregion SOCs and Threat Ops functions with a focus on operational scale, service reliability, innovation, and measurable customer outcomes. 
• Own operational OKRs, performance targets, and continuous improvement initiatives across global teams. 
• Oversee global MDR operational delivery, including threat detection, response, threat hunting, automation, and analyst workflows. 
• Drive transformation programs that enhance efficiency, tooling, quality, and incident handling maturity. 
• Partner with Engineering and Product to shape roadmap priorities, requirements, and future service capabilities. 
• Own capacity modeling, workforce planning, and longterm staffing strategies for a global 24x7x365 operation. 
• Act as a sponsor for strategic customers, ensuring clarity, trust, and superior support during major incidents and escalations. 
• Engage with executive leadership (internal and external) to represent Threat Operations, service posture, and strategic initiatives. 
• Drive customer retention and service expansion in partnership with Sales and Customer Success. 
• Collaborate deeply with Threat Research and Labs to operationalize advanced detection capabilities. 
• Influence longterm architecture and design decisions for SOC tools, data pipelines, automation, and telemetry. 
• Champion security operations best practices across internal teams and customerfacing functions. 
• Build and scale highperforming global teams, including frontline analysts, leads, managers, directors, and senior technical staff. 
• Develop leadership bench strength, establish succession plans, and drive a culture of excellence, accountability, and innovation. 
• Create and maintain a global operational training strategy, including career development frameworks. 
• Drive established policies, procedures, and standards as a means of producing repeatable outcomes as they relate to Managed Detection and Response goals and objectives 
• Perform team member assessment, development, and implementation of continuous improvement practices 

What You Will Bring

• 10+ years of experience in cybersecurity, with 5+ years in senior operational leadership roles (Director/Senior Director or equivalent). 
• Proven experience leading global SOC/MDR operations at scale across multiple time zones and operational functions. 
• Strong executive presence with the ability to drive alignment, influence decisions, and communicate effectively with Csuite stakeholders. 
• Deep understanding of modern attacker tradecraft, detection engineering, threat hunting, and incident response workflows. 
• Demonstrated success in transforming operational organizations, including service modernization, tooling evolution, automation, and process redesign. 
• Experience partnering with Product & Engineering to guide roadmap development and service capabilities. 
• Strong analytical and KPIdriven mindset; proficient in leveraging metrics to drive operational performance. 
 
Preferred 
• Background influencing or owning budget, P&L elements, or multimilliondollar program portfolios. 
• Experience in highgrowth SaaS or MDR providers. 
• Familiarity with frameworks such as MITRE ATT&CK, NIST CSF, and cyber defense maturity models.