Director - SOC Monitoring (AI-Driven)

About the role

We are seeking a visionary and operationally strong Director to lead our Security Operations Center (SOC) as it transforms into an AI‑augmented, autonomous cyber‑defense hub. The role oversees enterprise‑wide security monitoring, threat detection, incident response and the integration of AI, machine learning and generative AI technologies.

Key responsibilities

• Define and execute an enterprise AI‑enabled SOC strategy and roadmap.
• Lead the transition to an AI‑augmented/autonomous SOC operating model, incorporating AI/ML for threat detection, behavioral analytics, anomaly detection and predictive risk scoring.
• Drive adoption of Generative AI security copilots to boost analyst productivity and incident investigation efficiency.
• Oversee 24×7 SOC operations, managing analysts, threat hunters, detection engineers, incident responders and automation engineers.
• Direct major cyber‑incident response activities, including ransomware, APTs, insider threats, cloud compromises and AI‑enabled attacks.
• Develop capabilities to detect AI‑generated phishing, deepfake social engineering, LLM abuse, adversarial AI threats and model manipulation.
• Manage AI‑integrated security technologies such as SIEM, SOAR, UEBA, EDR/XDR and cloud‑native security analytics.
• Lead AI‑assisted threat hunting, threat intelligence integration and continuous improvement of detection engineering.

Required profile

• Visionary leadership with a strong operational mindset.
• Proven experience directing large‑scale SOC operations and transformation initiatives.
• Ability to establish governance, risk controls and ethical AI usage standards.

Required skills

• Artificial Intelligence (AI) and Machine Learning (ML) for security.
• Generative AI (GenAI) integration.
• Security Information and Event Management (SIEM).
• Security Orchestration, Automation and Response (SOAR).
• User and Entity Behavior Analytics (UEBA).
• Endpoint Detection and Response / Extended Detection and Response (EDR/XDR).
• Cloud‑native security analytics.
• Threat intelligence platforms.
• Incident response and cyber‑resilience processes.
• Behavioral analytics, anomaly detection and predictive risk scoring.
• Automation engineering and intelligent alert correlation.