SECTION I · THE BRIEF
Brief #08150Updated 07 JUL 2026BENGALURULeverSOFTWARE COMPANIES
Employbl Company Profile

Vice President - Security Operations Center and Cyber Defense

Saviynt, Inc. develops security software. The Company offers cloud security, identity governance, and administration solutions. Saviynt enables enterprises to secure applications, data, and infrastructure in a single…

Location
Bengaluru
Company size
200–1,000
Posted
1w ago
Via
Lever
Section II · Premium ProfileMembers only
  • 01Comp band & equity packageLocked
  • 02Seniority & experience requirementsLocked
  • 03Interview process & rubricLocked
  • 04Hiring manager & team contextLocked
  • 05Growth trajectory in this roleLocked
  • 06Offer & decision timelineLocked

7-day free trial · $25/mo · cancel anytime

Saviynt logo

Vice President - Security Operations Center and Cyber Defense · Saviynt

View company profile
Job title
Vice President - Security Operations Center and Cyber Defense
Job location
Bengaluru
Job description
The Vice President of Security Operations Center (SOC) at Saviynt is responsible for leading and evolving the organization’s global cyber defense capabilities. This role owns 24/7 security operations, threat detection and response, threat hunting, and incident response.
The VP SOC will define the cyber defense strategy, ensure rapid and effective response to security incidents, and provide clear, risk-based insights to executive leadership and the board. This role combines strategic vision, operational excellence, and deep technical credibility to protect the organization against modern and emerging threats.
The ideal candidate will have a proven track record of 15+ years leading high-performing cybersecurity teams, proactively identifying and mitigating threats, and driving strategic security initiatives.
WHAT YOU WILL BE DOING
  • Lead and continuously mature a 24/7 global Security Operations Center (SOC) to detect, analyze, and respond to cyber threats in real time.
  • Refine the SOC operating model, coverage strategy, escalation paths, and incident command structure.
  • Serve as Incident Commander for incidents including global coverage. Direct overall IR activities.
  • Ensure high-fidelity alerting, reduced false positives, and measurable improvements in detection and response effectiveness (MTTD, MTTR).
  • Develop and execute a Threat Hunting strategy to proactively identify advanced, stealthy, and persistent threats before escalation.
  • Drive adversary-focused detection aligned to MITRE ATT&CK and D3FEND, threat intelligence, and real-world attack patterns.
  • Establish and maintain IR playbooks, runbooks, escalation procedures, and cross-functional coordination with IT, Legal, Communications, Risk, and Compliance.
  • Lead forensic investigations, root cause analysis, and post-incident reviews to strengthen controls and prevent recurrence.
  • Lead tabletop exercises, red/purple team engagements, and breach simulations to test readiness.
  • Oversee Attack Surface Management (ASM) to continuously identify, monitor, and reduce external and internal exposure across cloud, SaaS, identity, endpoints, and networks.
  • Oversee Dark Web Monitoring initiatives to detect leaked credentials, data exposure, insider threats, and early indicators of compromise.
  • Collaborate closely with Threat Intelligence teams to track adversary TTPs, emerging threats, and sector-specific risks, translating intelligence into actionable detections and controls.
  • Develop and execute a comprehensive Cyber Defense strategy, aligning security operations with business objectives, risk appetite, and regulatory requirements.
  • Own the SOC technology stack, including SIEM, SOAR, EDR/XDR, CNAPP, cloud security tooling, case management, and forensic platforms.
  • Drive automation and orchestration to reduce manual effort and scale SOC operations efficiently.
  • Manage, mentor, and grow high-performing teams across SOC, Threat Hunting, Incident Response, and Threat Intelligence functions.
  • Establish career paths, training programs, and succession planning for security operations talent.
  • Partner with Product, Engineering, Infrastructure, Legal and HR teams to ensure alignment with security frameworks and regulatory obligations.
  • Present clear, business-aligned cyber risk metrics, threat trends, and program updates to executive leadership and the board.
  • WHAT YOU BRING
  • Bachelor’s or master’s degree in computer science, Information Security, or a related field. Or equivalent work experience with demonstrated results.
  • 15+ years of experience leading cybersecurity teams across SOC, Threat Hunting, Incident Response, Attack Surface Management, Dark Web Monitoring and Threat Intelligence.
  • Proven executive leadership and crisis management experience handling major security incidents and board-level communications.
  • Deep expertise in MITRE ATT&CK, threat intelligence frameworks, adversary emulation, and digital forensics.
  • Strong hands-on and architectural understanding of SIEM, SOAR, EDR/XDR, and cloud security technologies (AWS, Azure, GCP).
  • Experience designing and executing cyber defense strategies in large-scale, complex enterprise environments.
  • Solid knowledge of offensive security techniques and attacker methodologies, with the ability to translate them into effective defensive strategies
  • Certifications - CISSP, CISM, CCSP, or equivalent are nice to have but not a requirement
  • View job listing ↗

    Get the Saturday tech briefing

    New company profiles, funding moves, and who’s hiring across the market — every Saturday morning.

    Saviynt headquarters

    El Segundo, CA

    Company size

    2001,000 employees

    Founded

    2010

    Total raised

    $375,000,000

    View company profile ↗

    Funding rounds

    • Series B$700M
    • Debt Financing$205M
    • Debt Financing$205M
    • Private Equity$130M
    • Private Equity$130M
    • Series A$40M
    • Series A$40M