Role Description ECS is seeking a Director, Security Operations to work remotely. This position is contingent upon contract award. We are seeking a Director of Security Operations Center (SOC) to lead and mature our Enterprise Security Operations Center responsible for protecting the organization’s digital assets, infrastructure, and data. This leader will oversee the SOC analysts and security engineering teams, driving operational excellence across threat detection, investigation, response, and security platform engineering. Reporting directly to the Senior Director of Operations, the Director will be responsible for: - Building a high-performing team - Optimizing SOC processes - Ensuring the organization maintains strong visibility into threats across the enterprise environment The role requires a strategic and operational leader who can translate evolving threat intelligence and security technologies into effective defensive capabilities while maintaining close collaboration with enterprise technology, risk, and executive leadership. Responsibilities - Lead Enterprise SOC Operations: - Direct the day-to-day operations of the Security Operations Center, ensuring effective monitoring, detection, investigation, and response to security events across the enterprise environment. - Manage SOC and Security Engineering Teams: - Lead and develop high-performing SOC analysts and security engineers, establishing clear objectives, operational standards, and professional development pathways. - Oversee Security Incident Response: - Serve as the operational leader during major security incidents, coordinating investigation, containment, eradication, and recovery activities while ensuring timely communication with executive leadership. - Drive Detection and Monitoring Strategy: - Ensure the continuous improvement of detection capabilities across SIEM, EDR, and other security platforms through collaboration with our MSSP. - Operationalize Security Technologies: - Oversee the engineering, configuration, and optimization of core security platforms including SIEM, endpoint detection and response, vulnerability management, and data protection technologies. - Establish SOC Metrics and Reporting: - Define and track key SOC performance metrics such as MTTD, MTTR, alert fidelity, and detection coverage, delivering regular operational reporting to senior leadership. - Develop and Maintain SOC Processes and Playbooks: - Ensure the SOC operates under well-defined procedures, playbooks, and escalation processes aligned with enterprise security policies and industry best practices. - Strengthen Cross-Functional Collaboration: - Partner with IT, infrastructure, risk, and compliance teams to ensure security monitoring and response capabilities are integrated across enterprise systems and platforms. - Drive Continuous Improvement and Innovation: - Identify opportunities to enhance SOC capabilities through automation, advanced analytics, threat-informed defense strategies, and emerging security technologies. - Support Enterprise Security Strategy: - Contribute to the broader cybersecurity program by aligning SOC capabilities with organizational risk priorities, regulatory requirements, and long-term security strategy. Qualifications - Minimum of 15 years of progressive experience in cybersecurity, with substantial experience leading security operations or security engineering functions. - Proven experience serving as a Director or equivalent senior leadership role overseeing cybersecurity teams and security operations programs. - Deep understanding of SOC operations including threat detection, investigation, incident response, and operational security monitoring. - Hands-on familiarity with enterprise security technologies such as SIEM, EDR, vulnerability management platforms, network security controls, and cloud security monitoring tools. - Demonstrated experience leading complex security incident investigations and coordinating response efforts across technical and executive stakeholders. - Proven ability to recruit, develop, and manage high-performing cybersecurity teams in a fast-paced operational environment. - Experience building and improving security operations programs, including process development, capability maturity, and operational metrics. - Strong understanding of modern enterprise IT environments including cloud platforms, endpoint ecosystems, identity systems, and network infrastructure. - Strong understanding of cybersecurity compliance requirements and the ability to map SOC operations, security technologies, and monitoring capabilities to established frameworks such as NIST CSF, NIST 800-53, ISO 27001, FedRAMP, or similar regulatory and governance standards. - Ability to clearly communicate complex cybersecurity risks, incidents, and operational metrics to senior leadership and non-technical stakeholders. Requirements - Salary Range: $180,000 - $230,000 Benefits - General Description of Benefits

Company Description About Sibylline Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 we have supported businesses, governments and NGOs through the provision of high-quality risk analysis, due diligence and consultancy services. The firm provides an innovative, entrepreneurial and fast-growing working environment, offering employees ever greater exposure to high-profile clients and challenges. Sibylline offers fantastic opportunities for career progression within a successful company, and we aim to help our employees to build their own personal profiles as well-regarded analysts within the broader industry. Key attributes of Sibylline employees are: - Self-motivated, and auto-improving individuals who can couple initiative and boldness with good judgement - Excellent written and spoken English - Clarity of thought and analytical flair - Strong, demonstrable interest in security and intelligence - The ability to work under pressure, demonstrate leadership when required but also be able to collaborate effectively in teams - Excellent attention to detail Job Description About the Role We are looking for a VSOC Analyst to join us in an embedded role for a virtual 24/7 security operations center (VSOC). Using the latest industry technologies and practices, you will identify, analyze, and advise on adverse conditions and threats that could affect the safety, security and operational continuity of the client and its users. These conditions include (but are not limited to): political instability and unrest, armed conflict, crime, terrorism, natural hazards, cyber threats and online malign actors. Being embedded with the client, you will engage directly with the client to provide immediate support and consulting, and assistance with trust and safety issues. This is a fully remote role based in Brazil and involves shift work on a “follow the sun” model and weekend work. Please submit your CV and application in English. Responsibilities - Use all-source intelligence (including alert feeds, traditional and social media, and in-house sources) to monitor security incidents and trends within the client’s areas of operation and locations to assess the likely impact on staff, assets, operations, events and reputation - Support the Client’s trust and safety function to monitor and respond to issues on or with the client’s platform. - Escalate security incidents to client stakeholders, following efficient and rehearsed procedures. - Maintain visibility on employee movements and their proximity to notable incidents and events, advising accordingly through required reporting methods - Participate in training and drills to rehearse incident preparation and response SOPs. - Support internal stakeholders with ad hoc reporting on geopolitical developments, scenario planning, forecasts and other related topics - Be an effective member of a dispersed small team, focused on the delivery of lean, high-impact services - Research and analyse a wide range of information to create insightful analysis in accordance with strict deadlines, including presenting and incorporating relevant data and visualisations. Requirements - Fluent in English (written and verbal) - Bachelor's degree in international relations, Security Studies, Criminal Justice, Journalism, or related field - At least 1-3 years' experience in an intelligence or customer-focused role in geopolitical risk, corporate security, government, law enforcement or similar - Ability to interpret, organise and visualise data - Ability to determine how geopolitical and security threats could impact private sector operations, travellers and sites - Excellent research skills, with the ability to rapidly digest, evaluate and “sift” large quantities of information from a range of sources - Ability to provide rigorous, creative insight into complex situations - Ability to multi-task in a fast-paced working environment and work in both individual and team environments - Excellent attention to detail - High-level competency with MS Office and Google Workspace tools - Must have the right to work in Brazil Nice to have - Advanced degree (Master’s or above) - Additional language skills - Strong professional network - Experience working in intelligence, geopolitical or security-related disciplines - Familiarity and experience with a specific geographic region, ideally aligned with language skills - Strong personal initiative, with the ability to take ownership of tasks and deliver solutions under minimal guidance. - Familiarity with social media platforms, the gaming industry and legislative issues related to both - Experience with mass notification systems, analytical software or OSINT tools including Everbridge, Navigator and Genetec. Additional Information Interview process: - Initial call with our Talent Acquisition team member - Timed written assessment (arranged at the time that suits you) to test writing and analytical capability - Panel interview with some of the team members and hiring managers at Sibylline - Meet and Greet with the client Research indicates that certain groups are less likely to apply for a position unless they meet every single requirement. If you feel you meet some of the requirements and can offer a unique perspective to this role, we strongly encourage you to apply—you might be the perfect fit we're looking for! Sibylline is committed to the recruitment and selection of candidates without regard for sexual orientation, gender, ethnicity, age, political beliefs, culture and lifestyle. We are committed to fostering a business culture that reflects these values and promotes equal opportunity.

Cloud Security Engineer - Security Operations Department: IT Employment Type: Permanent - Full Time Location: Home India Description The Cloud Vulnerability Detection, Response, and Remediation Subject Matter Expert (SME) is responsible for leading efforts to identify, assess, and remediate vulnerabilities across cloud environments. This role involves proactive threat detection, incident response, and collaboration with cloud engineering and security teams to ensure the security and compliance of cloud infrastructure and services. Key Responsibilities - Lead cloud vulnerability management initiatives across AWS, Azure, and GCP environments. - Conduct regular vulnerability scans and assessments using cloud-native and third-party tools (e.g., AWS Inspector, Azure Security Center, Prisma Cloud). - Analyze scan results and prioritize remediation based on risk and impact. - Collaborate with cloud engineering and DevOps teams to implement security patches and configuration changes. - Monitor cloud environments for indicators of compromise and anomalous activity. - Respond to cloud security incidents and provide expert guidance on containment and remediation. - Develop and maintain cloud security policies, procedures, and playbooks. - Ensure compliance with cloud security standards such as CIS Benchmarks, NIST, ISO 27001, and regulatory requirements. - Provide regular reporting on cloud vulnerability trends and remediation status. - Stay current with emerging cloud threats, vulnerabilities, and security technologies. Skills, Knowledge & Expertise - Bachelor’s degree in Computer Science, Information Security, or related field. - 5+ years of experience in cloud security, vulnerability management, or incident response. - Strong understanding of cloud architectures and services (AWS, Azure, GCP). - Hands-on experience with cloud security tools and platforms (e.g., AWS Inspector, Azure Defender, Prisma Cloud) - Experience with SIEM and cloud monitoring tools (e.g., Splunk, Azure Sentinel, AWS CloudTrail). - Relevant certifications such as AWS Certified Security, Azure Security Engineer, CISSP, or CCSP. - Excellent analytical, communication, and problem-solving skills. - Experience with container security and orchestration platforms (e.g., Kubernetes, Docker). - Knowledge of cloud compliance frameworks and audit processes. - Familiarity with automation tools (e.g., Terraform, Ansible) for cloud security operations. - Understanding of cloud identity and access management (IAM) best practices. - ServiceNow Certified System Administrator (CSA) or Certified Implementation Specialist (CIS). - ITIL Foundation certification. - Experience with other ITSM tools and platforms.

Monitor security events and conduct advanced incident response in Microsoft 365 E5 environments while enforcing compliance requirements. Collaborate with teams for vulnerability management and proactive threat detection to enhance security posture.