Security Operations
New York City 9 West 57th Street, United States
Full Time Senior-level / Expert USD 140K - 205K
Apollo Global Management, Inc.
Position Overview
At Apollo, we’re a global team of alternative investment managers passionate about delivering uncommon value to our investors and shareholders. With over 30 years of proven expertise across Private Equity, Credit and Real Estate, regions and industries, we’re known for our integrated businesses, our strong investment performance, our value-oriented philosophy – and our people.
We are seeking a Cyber Investigations Lead to join our dynamic and distributed Cyber Security & Risk team. The Engineering team, comprising more than 300 members globally, manages the firm's technology landscape. Within this, the Cyber Security & Risk team oversees and mitigates cyber risks across the organization.
In this role, you will design and implement cyber processes and technology, working with our distributed investigations team to respond to escalations. This hybrid role involves leading investigations, testing security controls, and optimizing Apollo's cyber defenses, strategies, and procedures. The ideal candidate has leadership experience in a Security Operations Center (SOC), a strong security background, and hands-on expertise in testing and validating security controls. Success in this role requires a deep understanding of networking, security controls, exploitation techniques, and light penetration testing. This role will also explore ways to identify threats that may have found their way inside the organization, using the latest threat intelligence and internal controls and toolsets.
As the functional leader of the Security Operations Center (SOC), you will scale and develop the team, managing both in-house analysts and external partners such as MSSP and MDR providers.
This is a high-impact opportunity on a growing team investing in people, processes, and technology. This role requires working flexible hours when needed to support the cybersecurity mission at Apollo. If you thrive in a dynamic environment, are committed to learning and innovation, and are passionate about cyber security, this is the right opportunity for you.
Primary Responsibilities
- Lead Security Operations Center services, driving key technological and procedural improvements.
- Partner with internal teams and external MSSPs to stay ahead of cyber threats and attack trends.
- Establish and track SOC performance metrics for continuous improvement.
- Build and develop a high-performing Cyber Investigations team (in-house and external MSSP and MDR partners).
- Effectively interact with colleagues across the Cybersecurity team, as well as the broader Technology and Application teams.
- Oversee triage of security incidents identified by internal controls or external SOC partners and escalate as appropriate.
- Conduct threat research, incident response, and automation workflows.
- Enhance detection, investigation, and response capabilities through automation and enrichment.
- Detect, identify, and respond to cyber events, threats, security risks, and vulnerabilities in line with cyber security policies and procedures.
- Identify opportunities to contain, obstruct, and deter adversaries.
- Lead threat hunting efforts, leveraging intelligence and internal tools.
- Document and manage the incident lifecycle, ensuring clear handoffs and escalations.
- Optimize security tools and workflows in partnership with security and platform engineering teams.
- Strengthen incident response planning and execution, ensuring measurable security improvements. Align with the GRC team and drive postmortem exercises to strengthen security posture and GRC control testing.
Qualifications & Experience
Education:
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Professional Certifications such as CISSP, CISM, CEH, GCIH, GCIA, GSOC are a plus.
Experience Required:
- 8+ years in Enterprise Cybersecurity, or equivalent experience in a consulting firm or public sector offering security operations.
- Experience with SIEM tools (Splunk, SumoLogic, Sentinel, QRadar, etc.) and Endpoint Detection & Response tools (CrowdStrike, CarbonBlack, SentinelOne, etc.).
- Previous work in 24x7 SOC environments.
- Proficiency in SQL, Python, PowerShell scripting, and SOAR integration preferred.
- Excellent communication and self-management skills.
- Experience testing and validating security controls.
Apollo Global Management Inc. is an equal opportunity/affirmative action employer. The firm and its affiliates do not discriminate in employment because of race, color, religion, gender, national origin, veteran status, disability, age, citizenship, marital or domestic/civil partnership status, sexual orientation, gender identity or expression or because of any other criteria prohibited under controlling federal, state or local law.
Pay Range
$140,000 – $205,000
Apollo Global Management, Inc. (together with its subsidiaries and affiliates) is committed to championing opportunity.
The firm and its affiliates comply with applicable discrimination and equal opportunities legislation in all of its jurisdictions and do not discriminate in employment or recruitment based on race, color, religion, gender, national origin, veteran status, disability, age, citizenship, marital or domestic/civil partnership status, sexual orientation, gender identity or expression or any other protected characteristic under applicable law.
The contents of the qualifications and experience section of this job description are a guideline only. If an applicant can otherwise demonstrate their suitability for the role they will be considered.
The base salary range for this position is listed above. This position is also eligible for a discretionary annual bonus based on personal, team, and Firm performance. Compensation ranges are based on several factors including job function, level, and geographic location. Final offer amounts are determined by multiple factors including candidate experience and expertise, and may vary from the amounts listed here.
Tags: Automation CEH CISM CISSP Computer Science CrowdStrike GCIA GCIH Incident response Pentesting PowerShell Python QRadar Scripting Sentinel SIEM SOAR SOC Splunk SQL Threat intelligence Threat Research Vulnerabilities
Perks/benefits: Equity / stock options Flex hours Salary bonus Team events