Senior Director, Security Operations - Hosting

Location Details: USA Remote

At GoDaddy the future of work looks different for each team. Some teams work in the office full-time, others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely.

Remote: This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.

This position is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands.

What you'll get to do...

As a Senior Director of Security Operations Hosting, in GoDaddy's Information Security division, this critical role will own, drive and establish our multi-year security strategy for the Information Security program. With core accountabilities across establishing, scaling and operationalizing dedicated security monitoring, detection and incident response functions to support GoDaddy’s hosting business.

• Drive program management activities required to establish effective incident management and notification protocols
• Partner with internal and external audit teams to drive gap assessments, cyber security audits and other audit functions required to support the organization
• Establish 24/7/365; follow-the-sun coverage, which monitors and mitigates operational/cybersecurity challenges
• Build capabilities required to develop custom detection rules based on threat intel feeds and IOCs pertinent to hosting environment
• Establish a dedicated cyber security operations team to ensure security of hosting environment, systems and services
• Establish malware analysis and behavioral anomaly detection capabilities required to detect and mitigate evolving threats
• Partner with business stakeholders to help define and prioritize security initiatives and investments
• Develop, coach, and mentor a team of engineers and growth leaders, whilst collaborating closely with product/program managers, other engineering leaders and business partners
• Develop metrics and performance indicators to measure efficiency of security functions and capabilities
• Own the enterprise security strategy, to operationalize detection, monitoring and response capabilities imperative to support the business
• Develop and lead effective incident management and notification protocols
• Develop security orchestration, automation and response capabilities required to respond to security events faster
• Operationalize continuous testing and validation of security controls
• Establish threat-hunting capabilities required to pro-actively detect and mitigate threats
• Mature monitoring and response capabilities with a growing team for hosting environments. Drive incident investigations, respond to threats, root cause events, and lead change
• Partner closely with Finance, Operations, IT, executive management, and key product leaders to build a shared vision

Your experience should include...

• Familiarity with network-based anomaly detection, netflow, packer capture. Experience developing and deploying network security detections at scale
• Excellent written and verbal technical communication with an ability to communicate sophisticated technical information in a clear and concise manner to a variety of audiences
• Well versed in technologies like SIEM, SOAR, EDR, IDS, IPS and Firewalls
• 5+ years demonstrated ability in leading teams, being responsible for security operations, incident response and related functions
• Experience establishing and scaling security operations capabilities required to provide 24/7/365 coverage
• Well versed in NIST SP 800-53, NIST CSF and other maturity assessment methodologies
• Consistent track record of project delivery for large, multi-functional projects with evolving requirements
• Experience with threat modeling or other risk identification techniques, and risk management
• Experience establishing security strategy, goals and targets
• Solid project management experience desired for working on multi-functional projects
• Ability to work in a fast-paced environment with minimal process and maximum productivity
• Well versed in developing custom detection rules and signatures to detect anomalies in business-critical systems/networks
• Validated ability, in leading and mentoring other managers and security engineers whilst building and maintaining high agility and high morale
• Prior experience handling security incidents, working with internal and external partners to support notification protocols
• 10+ years proven ability in cyber security operations, Incident Response or related function
• Expertise in leading security investigations on Windows, Mac and *nix systems

You might also have...

• Masters in Information Security
• Bachelor’s Degree in Information Security, Computer Science or a related field

We've got your back... Enjoy our many benefits (My Wallet), which may vary depending on role and tenure, including paid time off, 401k, bonus eligibility, equity grants and parental leave. Join one of our employee resource groups (Culture). Once approved, continue to have a side hustle if you have one (we love entrepreneurs, remember?). Most importantly, come as you are and make your own way.

About us... GoDaddy is empowering everyday entrepreneurs around the world by providing all of the help and tools to succeed online. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights and the people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us (https://aboutus.godaddy.net/about-us/overview/default.aspx.)

GoDaddy is proud to be an equal opportunity employer. We will not discriminate against any applicant or employee on the basis of age, race, color, ethnicity, national origin, citizenship, religion, creed, sex, sexual orientation, gender, gender identity or expression (including against any individual that is transitioning, has transitioned, or is perceived to be transitioning), marital status or civil partnership/union status, physical or mental disability, medical condition, pregnancy, childbirth, genetic information, military and veteran status, or any other basis prohibited by applicable federal, state or local law. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.

If you need help completing an application for a position with GoDaddy, please reach out to our Recruiting Team at [email protected].

GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies.