Director
Posted April 17, 2026
Responsibilities
- Develop and execute an enterprise SOC strategy aligned with corporate risk, security architecture, and business objectives.
- Oversee SOC governance including policies, processes, runbooks, and incident response playbooks.
- Define SOC goals, KPIs, SLAs, success metrics, and continuous improvement roadmaps.
- Provide briefings and actionable insights to the CISO, executive leadership, and the board on SOC posture, threat trends, and incident impact.
- Develop, standardize, and maintain core security governance documentation, including the Information Security Program, Incident Response Plan, and Security Policies and Procedures.
Operational Excellence
- Lead 24/7 SOC operations ensuring high‑quality monitoring, detection, analysis, threat hunting, and incident response.
- Oversee escalations for anomalous activities, vulnerabilities, and significant cyber events; ensure proper triage and coordinated response.
- Ensure protection and detection capabilities leverage modern analytics, automation, engineering, and industry‑accepted cybersecurity architecture practices.
- Identify, categorize, and report SOC performance trends; continuously optimize processes to improve detection fidelity and reduce overall risk.
Team Leadership & Workforce Development
- Lead, mentor, and develop SOC managers, engineers, analysts, and threat intelligence staff; build a high‑performing and resilient SOC culture.
- Define staffing models, career pathways, training programs, and competency expectations.
- Maintain strong hiring, coaching, and retention practices to address talent shortages and burnout risks.
Technology, Tools & Engineering
- Oversee enterprise security monitoring, automation, endpoint, identity, network, and cloud detection capabilities.
- Partner with architecture and engineering teams to tune detection rules, prevention signatures, and correlation logic.
- Manage SOC technology roadmap and recommend upgrades, emerging solutions, or automation enhancements.
Incident Response & Threat Management
- Direct cross‑functional incident response, ensuring rapid mitigation, root‑cause analysis, and post‑incident reporting.
- Lead proactive threat hunting and ensure timely consumption of threat intelligence to anticipate and mitigate emerging risks.
- Ensure SOC integrates with enterprise crisis management, forensics, and business resilience functions.
Vendor, MSSP & Stakeholder Management
- Manage relationships with MDR, MSSP partners and security technology vendors; ensure high‑quality service delivery and contract compliance.
- Coordinate with IT, cloud teams, legal, privacy, compliance, and business units during detection and response activities.
- Collaborate with Legal, Privacy, and Compliance teams to ensure SOC processes meet regulatory and data privacy requirements and provide documentation supporting security governance programs.
Commitments
The spin-off is currently targeted for completion in the second half of 2026, subject to customary conditions.
Resideo complies with applicable equal employment laws in all countries where we do business.
If you require a reasonable accommodation to apply for a job, please use the Contact Us form for assistance.
JOB INFO
Job Identification : 18042
Job Category : Cyber Security
Posting Date : 2026-03-17T23:35:40+00:00
Job Schedule : Full time
Locations : 2201 Donley Drive, Suite 100, Austin, 78758, US; 1985 Douglas Drive North, Golden Valley, 55422, US
(On-site)
Incentive Eligible : RBP
Business : Resideo
The bonus is contingent upon both individual and company performance.
US Visa Sponsorship Eligibility : This position is not eligible for US visa sponsorship
Requirements
- 10+ years of progressive experience in security operations, cyber defense, or threat management, with at least 5+ years in SOC leadership.
- Proven hands‑on technical background in:
  - Firewalls, IDS/IPS
  - Endpoint protection/EDR
  - Email security
  - Network security
  - Incident response and digital investigations
- Optimize detection logic, behavioral analytics, correlation rules, and automated response workflows
- Strong understanding of enterprise infrastructure: networking, storage, servers, cloud, identity, and logging technologies.
- Demonstrated ability to manage 24/7 operations and high‑pressure incident scenarios.
- Effective communication skills with the ability to translate complex threats into clear, executive‑level language.
- CISSP, CISM, GCIA, GCIH, CEH, or equivalent.
- Experience working in hybrid/multi‑cloud environments and with modern cloud‑native detection technologies.
- Experience optimizing SOC performance via automation, threat intelligence integration, KPI monitoring, and continuous improvement frameworks.
- Familiarity with MITRE ATT&CK, NIST CSF, ISO 27001, and SANS SOC maturity models.
- Strong leadership, decision‑making, and crisis‑management skills.
- Deep understanding of cybersecurity principles, threat actors, attack lifecycles, cryptographic concepts, and vulnerability management.
Preferred Skills
- CISSP, CISM, GCIA, GCIH, CEH, or equivalent.
- Experience working in hybrid/multi‑cloud environments and with modern cloud‑native detection technologies.
- Experience optimizing SOC performance via automation, threat intelligence integration, KPI monitoring, and continuous improvement frameworks.
- Familiarity with MITRE ATT&CK, NIST CSF, ISO 27001, and SANS SOC maturity models.
- Strong leadership, decision‑making, and crisis‑management skills.
- Deep understanding of cybersecurity principles, threat actors, attack lifecycles, cryptographic concepts, and vulnerability management.
- Ability to maintain confidentiality and handle sensitive information with professionalism.
- Demonstrated commitment to innovation, operational excellence, and measurable security outcomes.
Job Description
The Director of the Security Operations is an established cybersecurity leader responsible for strategic oversight, operational excellence, and continuous maturity of the SOC, ensuring 24/7 monitoring, detection, and response to cyber threats. This role leads multidisciplinary teams across security operations, threat intelligence, incident response, and engineering, aligning SOC activities with enterprise risk, business objectives, and regulatory requirements.
The Director will develop and execute SOC strategy, enhance detection and response capabilities, manage internal staff and MSSP partners, and ensure measurable improvements through KPIs such as MTTD, MTTR, and threat detection efficacy.
Job Duties
Strategic Leadership & Governance
Develop and execute an enterprise SOC strategy aligned with corporate risk, security architecture, and business objectives.
Oversee SOC governance including policies, processes, runbooks, and incident response playbooks.
Define SOC goals, KPIs, SLAs, success metrics, and continuous improvement roadmaps.
Provide briefings and actionable insights to the CISO, executive leadership, and the board on SOC posture, threat trends, and incident impact.
Develop, standardize, and maintain core security governance documentation, including the Information Security Program, Incident Response Plan, and Security Policies and Procedures.
Operational Excellence
Lead 24/7 SOC operations ensuring high‑quality monitoring, detection, analysis, threat hunting, and incident response.
Oversee escalations for anomalous activities, vulnerabilities, and significant cyber events; ensure proper triage and coordinated response.
Ensure protection and detection capabilities leverage modern analytics, automation, engineering, and industry‑accepted cybersecurity architecture practices.
Identify, categorize, and report SOC performance trends; continuously optimize processes to improve detection fidelity and reduce overall risk.
Team Leadership & Workforce Development
Lead, mentor, and develop SOC managers, engineers, analysts, and threat intelligence staff; build a high‑performing and resilient SOC culture.
Define staffing models, career pathways, training programs, and competency expectations.
Maintain strong hiring, coaching, and retention practices to address talent shortages and burnout risks.
Technology, Tools & Engineering
Oversee enterprise security monitoring, automation, endpoint, identity, network, and cloud detection capabilities.
Partner with architecture and engineering teams to tune detection rules, prevention signatures, and correlation logic.
Manage SOC technology roadmap and recommend upgrades, emerging solutions, or automation enhancements.
Incident Response & Threat Management
Direct cross‑functional incident response, ensuring rapid mitigation, root‑cause analysis, and post‑incident reporting.
Lead proactive threat hunting and ensure timely consumption of threat intelligence to anticipate and mitigate emerging risks.
Ensure SOC integrates with enterprise crisis management, forensics, and business resilience functions.
Vendor, MSSP & Stakeholder Management
Manage relationships with MDR, MSSP partners and security technology vendors; ensure high‑quality service delivery and contract compliance.
Coordinate with IT, cloud teams, legal, privacy, compliance, and business units during detection and response activities.
Collaborate with Legal, Privacy, and Compliance teams to ensure SOC processes meet regulatory and data privacy requirements and provide documentation supporting security governance programs.
YOU MUST HAVE
10+ years of progressive experience in security operations, cyber defense, or threat management, with at least 5+ years in SOC leadership.
Proven hands‑on technical background in:
Firewalls, IDS/IPS
Endpoint protection/EDR
Email security
Network security
Incident response and digital investigations
Optimize detection logic, behavioral analytics, correlation rules, and automated response workflows
Strong understanding of enterprise infrastructure: networking, storage, servers, cloud, identity, and logging technologies.
Demonstrated ability to manage 24/7 operations and high‑pressure incident scenarios.
Effective communication skills with the ability to translate complex threats into clear, executive‑level language.
WE VALUE
CISSP, CISM, GCIA, GCIH, CEH, or equivalent.
Experience working in hybrid/multi‑cloud environments and with modern cloud‑native detection technologies.
Experience optimizing SOC performance via automation, threat intelligence integration, KPI monitoring, and continuous improvement frameworks.
Familiarity with MITRE ATT&CK, NIST CSF, ISO 27001, and SANS SOC maturity models.
Strong leadership, decision‑making, and crisis‑management skills.
Deep understanding of cybersecurity principles, threat actors, attack lifecycles, cryptographic concepts, and vulnerability management.
Ability to maintain confidentiality and handle sensitive information with professionalism.
Demonstrated commitment to innovation, operational excellence, and measurable security outcomes.
What's In It For You
Join a team that truly values work‑life integration and balance where your well‑being comes first.
Grow your career while diving into cutting‑edge technologies and continuous learning opportunities.
Help shape innovative IoT and control solutions that influence the everyday lives of millions.
Channel your curiosity and passion for discovery while exploring new possibilities and bringing forward bold use cases that help us pioneer the future.
About Us
Resideo Technologies has announced its intention to spin off ADI Global Distribution and establish it as a separate, publicly traded company. Under this plan, ADI will continue its role as a leading global wholesale distributor serving commercial and residential markets, while Resideo will retain its manufacturing and product-solutions business. Upon separation, both companies will operate independently to better serve their respective markets and customers. The spin-off is currently targeted for completion in the second half of 2026, subject to customary conditions.
Resideo is a $6.76 billion global manufacturer, developer, and distributor of technology-driven sensing and control solutions that help homeowners and businesses stay connected and in control of their comfort, security, energy use, and smart living. We focus on the professional channel, serving over 100,000 contractors, installers, dealers, and integrators across the HVAC, security, fire, electrical, and home comfort markets. Our products are found in more than 150 million residential and commercial spaces worldwide, with tens of millions of new devices sold annually. Trusted brands like Honeywell Home, First Alert, and Resideo power connected living for over 12.8 million customers through our Products & Solutions segment. Our ADI | Snap One segment spans 200+ stocking locations in 17 countries, offering a catalog of over 500,000 products from more than 1,000 manufacturers. With a global team of more than 14,000 employees, we offer the opportunity to make a real impact in a fast-growing, purpose-driven industry. Learn more at www.resideo.com.
At Resideo, we bring together diverse individuals to build the future of homes. Resideo is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status. For more information on applicable U.S. equal employment regulations, refer to the "EEO is the Law" poster, the "EEO is the Law" Supplement Poster, and the Pay Transparency Nondiscrimination Provision. Resideo complies with applicable equal employment laws in all countries where we do business. For more information on how we process your information in the job application process, please refer to the Recruitment Privacy Notice. If you require a reasonable accommodation to apply for a job, please use the Contact Us form for assistance.
JOB INFO
Job Identification : 18042
Job Category : Cyber Security
Posting Date : 2026-03-17T23:35:40+00:00
Job Schedule : Full time
Locations : 2201 Donley Drive, Suite 100, Austin, 78758, US; 1985 Douglas Drive North, Golden Valley, 55422, US
(On-site)
Incentive Eligible : RBP
Business : Resideo
Hiring Salary Range : The typical hiring salary for this role ranges from USD $197608.7 to $294817.39 per year but varies by specific work location. Within a range, Resideo determines base pay for an individual based on various factors, including market conditions, skills, and experience.
Incentive Eligible (RBP) : This position is eligible for a performance-based bonus of up to 15% of the annual base salary. The bonus is contingent upon both individual and company performance.
Benefits : Resideo provides comprehensive benefits, including life and health insurance, life assistance program, accidental death and dismemberment insurance, disability insurance, 401k Plan, vacation & holidays.
US Visa Sponsorship Eligibility : This position is not eligible for US visa sponsorship