Director of Security Operations, Remote

The Director of Security Operations will be responsible for overseeing the daily operations of the organization's security operations center (SOC) and managing a team of security professionals. This role involves developing and implementing security policies, incident response protocols, and security monitoring strategies. The ideal candidate will be proactive, detail-oriented, and capable of identifying and mitigating security threats to protect the organization's assets, data, and reputation. In this role, you will lead by example of being a highly technical leader who delivers high business impact on multiple projects of increasing dependencies and ambiguity.

Primary Duties:

• Impact: Balance short and long-term business impact by developing strategies to manage risks. 
• Security Operations Center (SOC) Oversight:
• Oversee the daily operations of the SOC, ensuring effective monitoring, detection, analysis, and response to security incidents.
• Develop and maintain SOC procedures, playbooks, and incident response protocols.
• Ensure 24/7 coverage and response capability, including managing shifts, on-call rotations, and escalations.
• Incident Response and Threat Management:
• Lead the development and execution of incident response plans and processes.
• Coordinate and manage security incidents, including detection, containment, eradication, and recovery efforts.
• Conduct post-incident reviews, root cause analysis, and implement improvements based on lessons learned.
• Security Monitoring and Threat Intelligence:
• Implement and maintain security monitoring tools, including SIEM, IDS/IPS, EDR, and other security technologies.
• Utilize threat intelligence feeds and sources to stay informed about emerging threats and vulnerabilities.
• Develop and maintain metrics and reports to track the effectiveness of security monitoring and incident response activities.
• Vulnerability Management:
• Oversee the vulnerability management program, including regular scanning, assessment, and remediation efforts.
• Work with IT and development teams to prioritize and address vulnerabilities and security gaps.
• Ensure that patch management processes are effective and up to date.
• Security Policies and Compliance:
• Develop, implement, and enforce security policies, standards, and procedures that align with industry best practices and regulatory requirements.
• Ensure compliance with relevant regulations and standards (e.g.,SOC2, HIPAA, ISO27001).
• Coordinate with Compliance teams for  internal and external security audits, and respond to audit findings.
• Risk Management:
• Identify, assess, and mitigate security risks to the organization’s assets and operations.
• Provide recommendations for risk mitigation and reduction.
• People: Develop outstanding teams using a combination of world-class-hiring and direct-timely-actionable feedback to develop security talent. 
• Lead, mentor, and manage the Security Operations team, including SOC analysts, incident responders, and other security staff.
• Foster a collaborative and high-performing team environment, encouraging continuous learning and development.
• Define roles, responsibilities, and expectations for the security operations team, ensuring alignment with organizational goals.
• Execution: Set aggressive yet clear goals and remove all roadblocks for the team to achieve them. 
• Collaboration: Develop strong relationships and work cross-functionally with many partners across organizations and functions, and as a result, increase the impact of the team’s work.
• Work closely with IT, product development, legal, and other departments to ensure security requirements are integrated into projects and initiatives.
• Communicate security incidents, and metrics to executive leadership and key stakeholders.
• Provide security awareness training and education to employees across the organization.
• Company: Work closely with company-wide leaders to drive excellence in our processes and systems that protect patients, our employees, and Aledade as a 

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s degree preferred).
• Minimum of 10 years of experience in security operations, with at least 5 years in a leadership or management role.
• Proven experience in managing a SOC and leading incident response efforts.
• Strong understanding of security technologies, including SIEM, IDS/IPS, EDR, firewalls, and vulnerability management tools.
• Ability to work effectively in high-pressure situations and manage multiple priorities.
• Experience with regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS).

Preferred Knowledge, Skills, and/or Abilities:

• Excellent leadership, communication, and interpersonal skills.
• Strong analytical and problem-solving abilities with a proactive and forward-thinking approach.
• In-depth knowledge of security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).

Who We Are:Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of payers, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives, and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you're eager to join a collaborative, inclusive and remote-first culture - you've come to the right place.
What Does This Mean for You?At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission.
In addition to time off to support work-life balance and enjoyment, we offer the following comprehensive benefits package designed for the overall well-being of our team members:Flexible work schedules and the ability to work remotely are available for many rolesHealth, dental and vision insurance paid up to 80% for employees, dependents, and domestic partners Robust time off plan 21 days of PTO in your first year 2 Paid Volunteer Days & 11 paid holidays12 weeks paid Parental Leave for all new parents6 weeks paid sabbatical after 6 years of serviceEducational Assistant Program & Clinical Employee Reimbursement Program401(K) with up to 4% matchStock optionsAnd much more!
At Aledade, we don’t just accept differences, we celebrate them!   We strive to attract, develop, and retain highly qualified individuals representing the diverse communities where we live and work. Aledade is committed to creating a diverse environment and is proud to be an equal opportunity employer. Employment policies and decisions at Aledade are based on merit, qualifications, performance, and business needs. All qualified candidates will receive consideration for employment without regard to age, race, color, national origin, gender (including pregnancy, childbirth or medical conditions related to pregnancy or childbirth), gender identity or expression, religion, physical or mental disability, medical condition, legally protected genetic information, marital status, veteran status, or sexual orientation.
Privacy Policy: By applying for this job, you agree to Aledade's Applicant Privacy Policy available at  https://www.aledade.com/privacy-policy-applicants