Director of Security Operations

Job Overview

Role: Director of Security Operations. Department: Technology. Team: Information Security & Administration. Location: Remote / Flexible. Employment Type: Full Time, Exempt. Workplace Type: remote. Posted Timestamp: 1775079693409.

Eligibility / Qualification Required:

Best Egg is a market-leading, tech-enabled financial platform helping people build financial confidence through a variety of installment lending solutions and financial health tools. We aim to help customers make smart financial decisions and stay on track, so they can be money confident no matter what life throws at them.We offer top-tier benefits and growth opportunities in a culture built on our core values:
Put People First – We foster an inclusive, flexible, and fun workplace.Create Clarity – Open communication drives trust and results.Get Things Done – We focus, prioritize, and deliver with excellence.Deliver with Heart – We lead with kindness, humility, and strong teamwork.Listen to Our Customers – Their needs drive our innovation. Barclays has entered into an agreement to acquire Best Egg with closing expected to take place in Q2 2026. This acquisition will give us the resources and capital to continue on our mission and drive our strategy forward. With an aligned culture, lower cost of funds, and increased employee growth opportunities across a global brand, we are excited about the future of the Best Egg brand under the Barclays umbrella.We are looking for collaborative, innovative team players who like to solve problems. There will also be immense opportunities for those willing to dive in. If you're inspired by growth and want to make a real difference, Best Egg is the place for you.
 We’re proud to be an equal opportunity employer committed to building a diverse, inclusive team.

About the Role

The Director of Security Operations is responsible for the leadership, execution, and continuous improvement of Best Egg’s cybersecurity operations program. This role owns the day-to-day operational effectiveness of security controls, ensuring the organization can detect, respond to, and remediate threats in a timely and efficient manner.
This position leads Security Operations (SOC), Incident Response, Vulnerability Management, and threat detection capabilities, and serves as the primary escalation point for operational security events. The Director partners closely with Technology, Infrastructure, Engineering, IAM, and Technology Risk to ensure security controls are operating effectively and aligned to the organization’s risk posture.
This is a critical leadership role focused on execution, operational maturity, and measurable security outcomes within a regulated fintech environment.
Best Egg celebrates diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better we will grow.
Employee BenefitsBest Egg offers many additional benefits for our employees, including (but not limited to):·       Pre-tax and post-tax retirement savings plans with a competitive company matching program·       Generous paid time-off plans including vacation, personal/sick time, paid short-- term and long-term disability leaves, paid parental leave, and paid company holidays ·       Multiple health care plans to choose from, including dental and vision options·       Flexible Spending Plans for Health Care, Dependent Care, and Health Reimbursement Accounts·       Company-paid benefits such as life insurance, wellness platforms, employee assistance programs, and Health Advocate programs·       Other great discounted benefits include identity theft protection, pet insurance, fitness center reimbursements, and many more!

Key Responsibilities

Security Operations Leadership

Own end-to-end security operations including SOC, monitoring, and detection capabilities

Oversee SIEM, EDR, and logging programs to ensure effective threat detection and response

Manage internal and third-party security operations providers (e.g., MSSP)

Continuously improve alert quality, detection coverage, and operational efficiency

Incident Response & Event Management

Act as technology incident commander for security events and incidents

Lead operational response including triage, containment, eradication, and recovery

Ensure incidents are managed in accordance with established procedures and SLAs

Escalate critical and high-risk incidents to the CISO with clear analysis and recommendations

Lead post-incident reviews and drive continuous improvement actions

Vulnerability Management

Own the operational lifecycle of vulnerability management including scanning, prioritization, and remediation tracking

Ensure adherence to defined remediation timelines and SLAs

Coordinate penetration testing activities and validation of remediation efforts

Provide visibility into vulnerability risk and remediation progress

Threat Detection & Monitoring

Oversee logging and monitoring programs to ensure comprehensive visibility across the environment

Drive development and tuning of detection use cases and alert logic

Ensure effective integration of threat intelligence into detection and response processes

Phishing & Threat Response Operations

Oversee operational response to phishing and email-based threats

Ensure timely triage, analysis, and mitigation of reported phishing activity

Partner with the Manager, Information Security on phishing trends and control improvements

Operational Control Effectiveness

Ensure security controls are operating effectively across monitoring, incident response, vulnerability management, and access enforcement

Identify control gaps, breakdowns, or inefficiencies and drive remediation

Escalate systemic control issues and risks to the CISO and Technology Risk

Metrics, Reporting & Continuous Improvement

Develop and maintain operational metrics and KPIs (e.g., MTTR, vulnerability SLAs, alert volumes)

Provide regular reporting on security operations performance and risk trends

Identify opportunities to improve automation, tooling, and processes

Collaboration & Leadership

Lead and mentor security operations personnel

Partner with Infrastructure, Engineering, DevSecOps, and Technology teams to implement and improve controls

Support audits, regulatory assessments, and evidence requests related to security operations

Required Qualifications

• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
• 7+ years of experience in cybersecurity, with a focus on security operations, incident response, or SOC leadership
• Experience managing security monitoring, SIEM, and incident response programs
• Strong understanding of vulnerability management and threat detection
• Experience operating in regulated environments (PCI, FFIEC, or similar)
• Strong leadership, communication, and decision-making skills

Preferred Qualifications

• Experience managing or partnering with MSSPs or outsourced SOC providers
• Experience with cloud security (AWS preferred)
• Familiarity with MITRE ATT&CK framework and detection engineering practices
• Relevant certifications (e.g., CISSP, GCIA, GCIH, CISM)

What Success Looks Like

• Security incidents are detected and responded to quickly and effectively
• Vulnerabilities are remediated within defined SLAs
• Alert quality improves and false positives decrease over time
• Security operations processes are efficient, scalable, and well-documented
• Stakeholders have clear visibility into operational security risk
• Security controls are operating effectively with minimal audit findings

In addition to semi-monthly salary payments, this position is also eligible for an annual incentive bonus based on individual and company performance.  Yearly incentive bonus target 35% of base salary.

How to Apply:

Apply through the official Best Egg Lever application flow.
Apply Now
View Job Details