We are hiring a Director of Security Operations to own and mature MACOM's detection, response, and security operations program. This is a player-coach role: you will lead and develop a team of security engineers and SOC analysts while remaining hands-on in detection engineering, incident response, and technical security work. You will own MACOM's security operations stack end-to-end, run our hybrid SOC (a 24/7 managed detection partner plus an internal analyst team), and serve as the operational backbone of our incident response and insider-risk programs.
You will operate in a regulated, defense-adjacent environment - CMMC, ITAR/EAR, SOX, SEC cyber-disclosure, and an OT/ICS manufacturing footprint - where the quality of detection and response has direct compliance and disclosure consequences.
Key Responsibilities
Security operations & tooling
- Own, operate, and report on the security operations stack - endpoint detection and response (EDR), email security, removable-media/USB encryption, DLP/insider-risk tooling, and related controls - including configuration, health, coverage, and lifecycle.
- Own budget and vendor management for the security operations tool portfolio.
Detection & SOC management
- Run the hybrid SOC: govern the 24/7 managed detection (MDR/co-managed) relationship - SLAs, escalation quality, and coverage accountability - while leading the internal analyst team.
- Own detection engineering and content management: use-case development, tuning, detection-as-code, telemetry/log-source onboarding, and MITRE ATT&CK coverage mapping.
- Lead threat hunting and operationalize threat intelligence into detections and hunts.
- Drive security automation and orchestration (SOAR) and develop response runbooks and playbooks.
- Own security monitoring of OT/ICS telemetry across the manufacturing environment, partnering with OT/engineering teams on coverage and response.
Incident response & preparedness
- Own incident preparedness and response: IR plan and playbook maintenance, DFIR retainer management, and post-incident reviews.
- Run tabletop and purple-team exercises to validate detection and response readiness.
- Serve as the operational front end of the executive incident-disclosure process, providing timely, accurate technical input to support materiality determinations under SEC cyber-disclosure rules.
Insider risk, investigations & legal partnership
- Partner with Legal on insider-threat investigations, legal holds, and evidence preservation.
- Operate insider-risk and DLP monitoring in coordination with Legal and HR.
Awareness & technical reviews
- Own the phishing simulation and security-awareness training program, with metrics focused on reporting and resilience.
- Serve as the primary lead for technical security reviews of systems, integrations, and changes.
Product Security
- Build foundational product security capability within the security operations team as MACOM expands its software and firmware-enabled product portfolio - partnering with product and firmware engineering on secure development practices, embedded/firmware vulnerability awareness, and coordinated vulnerability handling.
- Develop the team's depth in software and firmware security over time, serving as the security operations interface for product security matters.
M&A Due Diligence
- Support cybersecurity due diligence for mergers, acquisitions, and divestitures - evaluating target security posture, control maturity, and inherited risk, and informing integration planning and Day-1 security requirements, in coordination with Corporate Development, Legal, and GRC.
Compliance & reporting
- Operate and evidence security-operations controls supporting CMMC / NIST 800-171 and SOX ITGC, in partnership with GRC.
- Produce and report security operations metrics (e.g., MTTD/MTTR, detection coverage, response quality) for leadership and the board.
- Partner with the vulnerability management owner on exploitation validation and risk-based prioritization.
Balancing risk with business requirements
- Exercise risk-based judgment to balance security requirements against business and operational priorities - enabling the business to move at speed while ensuring material risks are surfaced, owned, and consciously accepted at the appropriate level.
Leadership
- Lead, mentor, and develop a team of security engineers and SOC analysts; set clear expectations, build career paths, and raise the technical bar.
What You Bring
Required
- 8+ years in security operations, detection/response, or a closely related security engineering discipline, including 2+ years leading and developing technical security teams.
- Demonstrated hands-on depth in detection engineering and incident response - this role leads by doing, not only by directing.
- Experience operating core security operations tooling (EDR, SIEM, email security, DLP) and managing a SIEM/detection content lifecycle.
- Experience managing a managed-detection or co-managed SOC relationship and holding a partner accountable to outcomes.
- Proven incident response leadership across the full lifecycle, including coordination with legal, executive, and external (DFIR/IR retainer) stakeholders.
- Strong working knowledge of detection frameworks and methodologies (e.g., MITRE ATT&CK).
- Excellent written and verbal communication, including the ability to translate technical risk for executive and board audiences.
Preferred
- Experience in a regulated environment - defense contractor (CMMC / NIST 800-171), ITAR/EAR, SOX, or critical infrastructure.
- Exposure to OT/ICS security (IEC 62443) in a manufacturing setting.
- Relevant certifications (e.g., CISSP, GCIA, GCIH, GCFA, or equivalent).
- Familiarity with Microsoft Defender XDR, Azure / Azure Government, and cloud workload monitoring.
Leadership attributes
- A genuine player-coach: invested in growing people and willing to dig into the technical work alongside the team.
- Sound judgment under pressure and a calm, structured approach to incidents.
- Collaborative across IT, Legal, GRC, and OT/engineering peers.
Salary Range
The salary range for this position is $168,000 - $255,000. The actual salary offered to a candidate will depend on several factors, including but not limited to work location and the candidate's relevant experience, education, and specific knowledge, skills, and abilities.
Benefits: This position offers a comprehensive benefits package including but not limited to:
- Health, dental, and vision insurance.
- Employer-sponsored 401(k) plan.
- Paid time off.
- Professional development opportunities.