Director of Security Operations(EMEA, EST)

Description of Duties

Would you like to create a meaningfully useful, modern SecOps product on top of the Grafana stack, available open source to any Grafana user?  Would you like to build the security operations function behind Grafana’s open source software stack and Grafana Cloud?  Would you like to grow a SecOps team from a beautiful acorn to a collaborative, transparent and highly capable 24x7 unit?  Do you want to build great tools and experiences, then open source them to the community?

We are bootstrapping this function, so this is initially a people and technical management position with an expectation of an appropriate blend of hands-on and leadership responsibilities.  As the team scales out this role will evolve into more of a leadership and product strategy role, though one still suited to a highly technical individual.  This is a 100% remote role reporting to the CISO, alongside the leads for Security Engineering and Security Assurance.  We don’t anticipate on-call requirements as we intend (for you) to hire a geographically dispersed SOC team to begin fleshing out an on-call rota.

We have a blogpost out covering the values behind the kind of team we’d like to build.  Check it out here.

Key Responsibilities

• Lead the product strategy for Grafana’s community-first, open source security operations tooling and features
• Lead the creation of a SecOps function and associated process at Grafana
• Build and lead the Security Operations team from initiation, through 24x7 on-call to 24x7 live coverage (hiring, performance management, etc)
• Act as a point of escalation and trusted stakeholder during security incident response
• Bring your experience, help shape Grafana’s overall security strategy and execution
• Liaising with R&D and IT teams to ensure appropriate instrumentation, logging and 
• Creating and leading an incident training & exercising framework
• Lots of purple team things, including input into our nascent business-wide red team practice 
• Lead the initial forays into building a right-sized security operations capability on the Grafana stack, then open-sourcing all our work
• Internal and external thought leadership around security operations, detection & response, threat hunting, etc

An ideal candidate might possess:

• 5+ years of experience working in a security engineering or security operations role, ideally in DevOps Cloud-native organizations
• Of that, 2+ years of management or team leader experience
• Experience with operating in, instrumenting and supporting SecOps on AWS/GCP/Azure and containerised environments (e.g., AWS ECS, containerd, k8s, etc)
• Experience with both open and closed source SecOps tooling and capabilities, ideally contributing to open source
• Solid practical cyber incident management / CSIRT experience
• Experience growing and mentoring SOC analysts and engineers
• Experience managing geographically dispersed and follow-the-sun SecOps teams
• If you’ve also got opinions about digital forensics, great!

What you’ll bring to the role

• A continual bias to action and ongoing sense of curiosity
• A commitment to autonomy  - both in yourself and supporting this in others
• Very strong communication and project management skills and an appetite for evangelism
• Passionate about mentoring and growing talent, empathic management practices and building a healthy workplace
• A passion for knowledge sharing and education, bringing everyone else up to your level
• Fantastic and proven communication, collaboration and stakeholder management skills
• An interest in Grafana’s stack and a desire to contribute to our open source foundations - We love dogfooding and giving back!