Senior Director, Security Operations - Hosting

Job Description

Location Details: USA Remote

At GoDaddy the future of work looks different for each team. Some teams work in the office full-time, others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely.

Remote: This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.

This position is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands.

What you'll get to do...

As a Senior Director of Security Operations Hosting, in GoDaddy's Information Security division, this critical role will own, drive and establish our multi-year security strategy for the Information Security program. With core accountabilities across establishing, scaling and operationalizing dedicated security monitoring, detection and incident response functions to support GoDaddy’s hosting business.

• Establish a dedicated cyber security operations team to ensure security of hosting environment, systems and services
• Develop, coach, and mentor a team of engineers and growth leaders, whilst collaborating closely with product/program managers, other engineering leaders and business partners
• Own the enterprise security strategy, to operationalize detection, monitoring and response capabilities imperative to support the business
• Mature monitoring and response capabilities with a growing team for hosting environments. Drive incident investigations, respond to threats, root cause events, and lead change
• Establish 24/7/365; follow-the-sun coverage, which monitors and mitigates operational/cybersecurity challenges
• Establish threat-hunting capabilities required to pro-actively detect and mitigate threats
• Drive program management activities required to establish effective incident management and notification protocols
• Build capabilities required to develop custom detection rules based on threat intel feeds and IOCs pertinent to hosting environment
• Develop security orchestration, automation and response capabilities required to respond to security events faster
• Establish malware analysis and behavioral anomaly detection capabilities required to detect and mitigate evolving threats
• Partner with business stakeholders to help define and prioritize security initiatives and investments
• Develop metrics and performance indicators to measure efficiency of security functions and capabilities
• Operationalize continuous testing and validation of security controls
• Develop and lead effective incident management and notification protocols
• Partner with internal and external audit teams to drive gap assessments, cyber security audits and other audit functions required to support the organization
• Partner closely with Finance, Operations, IT, executive management, and key product leaders to build a shared vision

Your experience should include...

• 10+ years proven ability in cyber security operations, Incident Response or related function
• 5+ years demonstrated ability in leading teams, being responsible for security operations, incident response and related functions
• Experience establishing security strategy, goals and targets
• Well versed in NIST SP 800-53, NIST CSF and other maturity assessment methodologies
• Well versed in developing custom detection rules and signatures to detect anomalies in business-critical systems/networks
• Familiarity with network-based anomaly detection, netflow, packer capture. Experience developing and deploying network security detections at scale
• Expertise in leading security investigations on Windows, Mac and *nix systems
• Well versed in technologies like SIEM, SOAR, EDR, IDS, IPS and Firewalls
• Prior experience handling security incidents, working with internal and external partners to support notification protocols
• Experience establishing and scaling security operations capabilities required to provide 24/7/365 coverage
• Experience with threat modeling or other risk identification techniques, and risk management
• Ability to work in a fast-paced environment with minimal process and maximum productivity
• Solid project management experience desired for working on multi-functional projects
• Consistent track record of project delivery for large, multi-functional projects with evolving requirements
• Validated ability, in leading and mentoring other managers and security engineers whilst building and maintaining high agility and high morale
• Excellent written and verbal technical communication with an ability to communicate sophisticated technical information in a clear and concise manner to a variety of audiences

You might also have...

• Masters in Information Security
• Bachelor’s Degree in Information Security, Computer Science or a related field

We've got your back... We offer a range of benefits that may include paid time off, retirement savings (e.g., 401k, pension schemes), incentive eligibility, equity grants, participation in an employee stock purchase plan, and other family-friendly benefits including parental leave. GoDaddy’s benefits vary based on individual role and location and can be reviewed in more detail during the interview process.

We also embrace our diverse culture and offer a range of Employee Resource Groups (Culture). Have a side hustle? No problem. We love entrepreneurs! Most importantly, come as you are and make your own way.

About us... GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us.

At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that’s not enough to build true equity and belonging in our communities. That’s why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day—focusing not only on our employee experience, but also our customer experience and operations. It’s the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page.

GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy.

Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to [email protected].

GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies.