[Remote] Global Head of Cyber Defense and Security Operations
Note: This is a remote job open to candidates in the USA. UST HealthProof is a digital transformation company that empowers clients through technology. They are seeking a Global Head of Cyber Defense and Security Operations to lead their security operations, focusing on strategy, execution, and maturation of their Security Operations Center and various cyber defense initiatives.
Responsibilities
- Lead the global 24x7 SOC, detection engineering, threat hunting, threat intelligence, malware analysis, digital forensics, and incident response functions
- Drive measurable improvements in MTTD, MTTR, ATT&CK-aligned detection coverage, and analyst efficiency through automation, orchestration, and continuous tuning
- Own Security Posture Management as a continuous discipline - translating control gaps, detection coverage, and threat exposure into prioritized remediation actions aligned to UST's risk appetite
- Own the security operations technology stack - SIEM, SOAR, EDR/XDR, NDR, email security, DLP, deception, and threat intelligence platforms - and the roadmap that keeps it ahead of the threat
- Drive the Breach and Attack Simulation (BAS) program to continuously validate detection coverage and control effectiveness against real-world attack patterns
- Own Digital Risk Monitoring and Brand Protection - covering external threat surface, dark web exposure, credential leakage, and brand impersonation targeting UST and its clients
- Own the end-to-end Vulnerability and Penetration Testing findings lifecycle from intake and prioritization through remediation coordination, closure validation, and reporting - partnering with Engineering, Architecture, and application teams to drive accountability and measurable risk reduction
- Govern the Responsible Disclosure program, serving as the operational owner for vulnerability intake, security researcher engagement, and remediation coordination
- Partner with Security Engineering and Architecture to operationalize controls and scale detection-as-code practices across the environment
- Serve as the senior US-resident security leader and primary escalation point for US executive leadership on all cyber defense matters
- Partner with the Global CISO on quarterly Board of Directors and Audit Committee materials, executive risk reporting, and governance deliverables - owning the underlying metrics, narrative, and analysis
- Represent UST's cyber defense program in client-facing engagements with CIO, CXOs, and CISO teams - security reviews, assurance discussions, joint tabletop exercises, post-incident debriefs, and strategic roadmap conversations
- Translate client expectations and regulatory pressure (FFIEC, NYDFS, HIPAA, HITRUST, PCI, SOX, NAIC, NIST CSF, ISO 27001) into operational requirements for the global team
- Build trusted peer relationships with CISOs in UST's client base and with industry ISACs and government partners, including CISA, FBI, and sector-specific ISACs
- Lead the Insider Risk and Insider Threat program in partnership with HR, Legal, Employee Relations, and Privacy - covering monitoring strategy, investigation protocols, case management, and offboarding controls
- Coordinate with Legal and Privacy on incident response notification, regulatory engagement, litigation holds, eDiscovery support, and law enforcement liaison
- Own US-specific compliance and assurance activities requiring domestic presence - client audits, regulatory engagements, and federal and state-level inquiries
- Lead, mentor, and grow a global Cyber Defense organization headquartered in India - building a high-trust operating model that bridges time zones and cultures
- Establish clear operating cadences, KPIs, and decision rights that empower India-based leadership while maintaining alignment with US executive priorities
- Sponsor talent development, succession planning, and a culture of technical excellence, accountability, and continuous improvement
- Maintain a regular travel cadence to India and client sites to build presence and reinforce one global team
Skills
- At least 12 years in cybersecurity, with at least 5 years leading security operations, cyber defense, or incident response at enterprise scale
- Demonstrated success running a 24x7 SOC and modern detection and response stack - SIEM, SOAR, EDR/XDR, and threat intelligence
- Experience leading globally distributed teams across multiple time zones, ideally including India or a major offshore delivery hub
- Executive presence and the ability to communicate credibly with CIOs, CTOs, CISOs, auditors, and regulators - and to produce Board-quality reporting in partnership with the Global CISO
- Hands-on command of the MITRE ATT&CK framework, detection engineering, threat hunting methodology, and the NIST 800-61 incident response lifecycle
- Strong track record partnering with HR, Legal, and Privacy on insider risk and personnel security
- US-based, with the ability to travel internationally (~15-25%)
- Prior Security Leadership Experience, or Global Head of Cyber Defense / SecOps experience
- Active relationships with US law enforcement and federal cyber agencies - FBI, USSS, CISA, DHS - with demonstrated experience engaging them in incident response, investigations, or threat intelligence coordination
- Background in or serving regulated industries (financial services, healthcare, government, critical infrastructure) and fluency with relevant frameworks (FFIEC, NYDFS, HIPAA/HITRUST, PCI DSS, SOX, NIST CSF, ISO 27001)
- Field CISO, client-facing security advisory, or consulting leadership experience
- Active participation in ISACs, sector partnerships, or government-industry forums (CISA, FBI InfraGard, sector ISACs)
- Industry certifications: CISSP, CISM, GCIH, GCFA, GCIA, or equivalent
- Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or a related field - equivalent experience considered
Benefits
- Full-time, regular employees accrue a minimum of 10 days of paid vacation per year
- Receive 6 days of paid sick leave each year (pro-rated for new hires throughout the year)
- 10 paid holidays
- Are eligible for paid bereavement leave and jury duty
- Eligible to participate in the Company’s 401(k) Retirement Plan with employer matching
- They and their dependents residing in the US are eligible for medical, dental, and vision insurance
- Company-paid Employee Only benefits: basic life insurance, accidental death and disability insurance, and short- and long-term disability benefits
- Regular employees may purchase additional voluntary short-term disability benefits
- Participate in a Health Savings Account (HSA) as well as a Flexible Spending Account (FSA) for healthcare, dependent child care, and/or commuting expenses as allowable under IRS guidelines
- Benefits offerings vary in Puerto Rico
- Part-time employees receive 6 days of paid sick leave each year (pro-rated for new hires throughout the year)
- Part-time employees are eligible to participate in the Company’s 401(k) Retirement Plan with employer matching
- Full-time temporary employees receive 6 days of paid sick leave each year (pro-rated for new hires throughout the year)
- Full-time temporary employees are eligible to participate in the Company’s 401(k) program with employer matching
- Full-time temporary employees and their dependents residing in the US are eligible for medical, dental, and vision insurance
- Part-time temporary employees receive 6 days of paid sick leave each year (pro-rated for new hires throughout the year)
- All US employees who work in a state or locality with more generous paid sick leave benefits than specified here will receive the benefit of those sick leave laws