Director - Cybersecurity Operations
4 hours ago
Job Description:
Director of Cybersecurity Operations (Vertex Inc.)
Position summary
Vertex is seeking a Director of Cybersecurity Operations to lead the end-to-end operational
defense of the enterprise against modern, AI-enabled threats. This leader will build and
continuously improve a resilient, intelligence-driven cyber operations program across Security
Operations, Incident Response & Recovery, Threat Management & Testing, and Analytics & AI
Governance, while ensuring operational excellence across a multi-cloud environment.
Cybersecurity’s operating model is being reshaped by AI: adversaries move faster, automate
reconnaissance and exploitation and use synthetic content to bypass traditional controls. In
parallel, organizations are rapidly deploying AI systems (LLMs, ML models, APIs, data
pipelines) that expand the attack surface and introduce new risk categories (prompt injection,
model/data poisoning, model extraction, data leakage, deepfakes). This role provides the
leadership required to operationalize AI-driven analytics and automation, enforce AI governance
guardrails, and maintain resilience, compliance, and trust at scale.
Reporting relationship
Reports to the CISO and partners closely with Cloud Engineering, Infrastructure/IT, Product &
Application Security, Risk & Compliance, Legal/Privacy, and Business Continuity.
What you’ll do
1) Security Operations (AI-augmented defense & detection engineering)
- Lead a modern SecOps program delivering continuous monitoring, alert triage,
investigation, and response coordination across a multi-cloud environment.
- Own the strategy and execution for SIEM/SOAR, endpoint and identity telemetry, cloud
security signals, and centralized log management (collection, normalization, retention,
and integrity).
- Build and run a detection engineering function: develop, tune, and maintain detections
mapped to attacker behaviors (e.g., MITRE ATT&CK), validate coverage, and reduce
false positives.
- Operationalize AI-assisted triage and correlation (e.g., anomaly detection, alert
enrichment, case summarization) with measurable improvements in fidelity and analyst
efficiency.
- Establish guardrails for SecOps automation (human-in-the-loop controls, auditability,
testing, rollback procedures, and change governance).
2) Incident Response & Recovery (AI-enabled IR & forensics)
- Own the incident response lifecycle: readiness, identification, containment, eradication,
recovery, and post-incident lessons learned.
- Drive the development and maintenance of playbooks (including cloud-native, AI, and
identity-centric scenarios) and ensure consistent execution through training and exercises.
- Operationalize digital forensics and evidence handling capabilities (chain of custody,
investigation workflows, endpoint/cloud log forensics), including emerging needs such as
detection of synthetic artifacts and AI-enabled fraud.
- Partner with Business Continuity/DR teams to validate recovery strategies and ensure
response operations support resiliency objectives.
- Plan and execute tabletop exercises that simulate high-speed, AI-driven adversaries and
validate decision-making, communications, and escalation paths.
3) Threat Management & Testing (AI-enhanced intel, hunting, and purple teaming)
- Build a threat management program that connects threat intelligence, detection
engineering, hunting, testing, and remediation.
- Lead threat intelligence intake and prioritization efforts focused on Vertex’s business
risks, including AI-enabled attacker tradecraft and cloud attack paths.
- Run proactive threat hunting using behavior-based hypotheses, analytics, and
cross-domain telemetry to uncover low-signal, multi-stage activity.
- Oversee enterprise penetration testing and adversary emulation, including assessments of
cloud control planes, identities, APIs, and AI/LLM attack surfaces where applicable.
- Establish a purple teaming cadence to continuously validate detection and response
effectiveness, improving readiness through measurable outcomes.
4) Analytics & AI governance (AI/security analytics and guardrails)
- Create a security analytics strategy that uses AI/ML and advanced correlation to improve
detection fidelity, accelerate investigations, and forecast operational risk.
- Partner with data, engineering, and governance stakeholders to ensure telemetry and
labeling are fit for analytics and model-driven detection.
- Enforce AI governance alignment for security operations: policy, controls, and
monitoring for enterprise AI systems (model risk considerations, access controls, data
handling, prompt/input logging where appropriate, and adversarial testing expectations).
- Ensure AI-enabled security automation is validated, explainable where necessary,
auditable, and compliant—never blindly trusted.
Program leadership & operating model
- Set the strategy and roadmap for cyber operations, main