Director, Security Operations and Incident Response

United States, Philadelphia · Job Posted July 04, 2026

Job Description

At Comcast, we are committed to providing secure and reliable services for our customers, employees, and business partners. As the Director, Security Operations and Incident Response, you will lead the enterprise cyber defense function responsible for detecting, analyzing, hunting, escalating, and responding to cybersecurity threats across Comcast. This role is accountable for scaling Comcast’s Security Operations Center, Security Incident Response Team, threat hunting, and threat detection capabilities to meet a materially changed threat environment. Comcast must be prepared to manage multiple major incidents concurrently, maintain high-quality response under elevated case volume, proactively identify emerging threats, and continuously improve detection coverage across enterprise environments. The Director will provide strategic leadership, executive-level incident command, operational transformation, and cross-functional coordination across Cybersecurity, IT, Legal, Privacy, Communications, Engineering, Product, and business leadership. This leader will also partner closely with engineering teams to improve the tools, data pipelines, dashboards, automations, and workflows used by cyber operators every day. This is a critical leadership role responsible for protecting Comcast, our customers, our workforce, and our network from high-impact cyber threats.

Job Responsibility

  • Lead and scale Comcast’s SOC, Security Incident Response Team, threat hunting, and threat detection functions, ensuring the organization is trained, equipped, and structured to respond effectively to routine security events and major incidents
  • Build the operating model, staffing approach, escalation paths, runbooks, and surge capacity required to manage multiple concurrent major incidents
  • Serve as a senior incident commander for high-severity cybersecurity events, coordinating response across technical teams, business stakeholders, legal, privacy, communications, and executive leadership
  • Lead Comcast’s threat hunting function to proactively identify adversary behavior, emerging attack patterns, control gaps, and high-risk activity before it becomes a major incident, including leading Purple Team activities
  • Own and mature the enterprise threat detection strategy, including detection coverage, alert fidelity, tuning, detection lifecycle management, and alignment to threat intelligence, adversary tradecraft, and business risk
  • Partner with security engineering, data engineering, platform engineering, and product teams to design and improve the tools, pipelines, dashboards, automations, and case management workflows used by cyber operations teams
  • Drive continuous improvement across SIEM use cases, endpoint detections, cloud detections, identity detections, network telemetry, enrichment pipelines, automation, and analyst workflows
  • Ensure lessons learned from incidents and hunts directly inform new detections, improved runbooks, stronger controls, and better response procedures
  • Develop and continuously improve incident response strategy, severity models, communications protocols, after-action reviews, and remediation tracking
  • Establish executive reporting on incident trends, SOC performance, detection quality, threat hunting outcomes, operational capacity, readiness gaps, and enterprise risk
  • Define and track metrics for mean time to detect, mean time to respond, alert quality, false-positive reduction, detection coverage, incident conversion, hunting outcomes, case volume, backlog, and major-incident readiness
  • Manage relationships with external incident response providers, security vendors, technology partners, and strategic service providers to ensure effective support during critical incidents
  • Ensure SOC, incident response, threat hunting, and detection practices align with regulatory expectations, internal policies, industry frameworks, and enterprise risk management requirements
  • Provide leadership to managers and technical teams, including goal setting, performance management, workforce planning, coaching, and career development
  • Represent Comcast as a senior subject matter expert in security operations, incident response, threat hunting, and threat detection

Requirements

  • 10+ years of relevant cybersecurity experience, including leadership experience in cybersecurity operations, security incident response, threat hunting, threat detection, or enterprise SOC functions in a large, complex environment with at least 5 years of experience managing leaders of people
  • Demonstrated experience managing high-severity cybersecurity incidents, including executive communications, cross-functional coordination, containment strategy, remediation oversight, and post-incident improvement
  • This role supports a 24x7 cybersecurity operation and requires availability outside of standard business hours, including nights, weekends, and holidays, during critical incidents and high-severity security events
  • Strong leadership experience building, managing, and scaling technical security teams, including managers, incident responders, SOC analysts, threat hunters, detection engineers, and specialized security professionals
  • Deep technical understanding of modern security operations, including SIEM, EDR, threat intelligence, malware analysis, digital forensics, cloud security, identity security, network security, automation, and detection engineering
  • Experience partnering with engineering teams to build, improve, and operationalize security tools, data platforms, dashboards, automations, telemetry pipelines, and analyst workflows
  • Proven ability to make high-impact decisions under pressure and lead teams through ambiguous, fast-moving security events
  • Experience developing incident response operating models, playbooks, escalation procedures, readiness exercises, metrics, and continuous improvement programs
  • Strong understanding of adversary tradecraft, threat hunting methodologies, detection lifecycle management, and frameworks such as MITRE ATT&CK
  • Strong executive communication skills, including the ability to brief senior leaders on risk, impact, operational status, capacity gaps, and recommended actions
  • Ability to collaborate effectively across Cybersecurity, IT, Legal, Privacy, Compliance, Communications, Engineering, Product, and business leadership
  • Relevant industry certifications preferred, such as CISSP, CISM, GCIH, GCIA, GCFA, GNFA, GMON, or other GIAC certifications

What we offer

  • Medical, prescription, vision, and dental insurance for eligible employees
  • 401(k) savings plan with dollar-for-dollar matching up to the first 6% of your pay
  • Paid time off including eight observed company holidays and flex time
  • Exclusive perks + discounts, including tuition assistance, commuter benefits and more

Similar Jobs for Director, Security Operations and Incident Response

8 matching positions

Director of Security and Safety

Manages security/loss prevention operations on a daily basis. Areas of responsib...
Location: United States, Half Moon Bay
Salary: 101000.00 - 133000.00 USD / Year
Marriott Bonvoy
Expiration Date: Until further notice
Requirements
  • High school diploma or GED
  • 4 years experience in the security/loss prevention or related professional area
  • OR: 2-year degree from an accredited university in Criminal Justice or related major
  • 2 years experience in the security/loss prevention or related professional area
Job Responsibility
  • Manages security/loss prevention operations on a daily basis
  • Areas of responsibilities include protection of property assets, employees, guests and property, accident and fire prevention and response
  • Ensures that all areas of the property are safe and secure
  • Maintains logs, certifications and documents required by law and Standard Operating Procedures
  • Strives to continually improve guest and employee satisfaction while maximizing the financial performance of the department
  • Assists in the development and implementation of emergency procedures
  • Conducts investigation of all losses of property assets and refers to proper management for disposition
  • Deploys security staff to effectively monitor and protect property assets
  • Comply with all Corporate Loss Prevention safety and security management guidelines and procedures
  • Conduct periodic patrols of entire property and parking areas
What we offer
  • Relocation Assistance Available
  • Fulltime

Director Cloud Operations & Security

HPE Networking is seeking an experienced and mission-driven Director of Security...
Location: United States, San Juan
Salary: Not provided
Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements
  • 10+ years in cybersecurity
  • 5+ years leading multiple teams or managers
  • Strong technical background with ability to read and write code (Python preferred)
  • Experience building or maturing security programs and operational capabilities
  • Proven decision-maker able to act decisively during critical incidents
  • Excellent communicator able to engage engineers, executives, and cross-functional partners
  • Ability to operate with high autonomy and minimal supervision
  • Experience leading teams through major security incidents
  • Deep expertise in Identity & Access Management at scale, particularly in AWS and GCP environments
Job Responsibility
  • Define and lead a unified security operations strategy across Detection & Response, IT Security, IAM, and Cyber Threat Intelligence
  • Mature and expand the Cyber Threat Intelligence program
  • Own the identity and access management strategy across corporate systems and cloud infrastructure
  • Partner with Security, Engineering, IT, Legal, Trust & Safety, and executive leadership
  • Ensure measurable outcomes and accountability across all four security domains
  • Maintain strong technical depth to evaluate designs, challenge assumptions, and guide engineering decisions
  • Engage hands-on when necessary
  • Promote automation, scalability, and reliability across security operations
  • Advise leadership on security risks, threat landscape, and operational health
  • Provide executive visibility into security posture, investments, and key risks
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime

Director of Security and Safety

Manages security/loss prevention operations on a daily basis. Areas of responsib...
Location: Canada, Toronto
Salary: 79000.00 - 112000.00 USD / Year
Marriott Bonvoy
Expiration Date: Until further notice
Requirements
  • High school diploma or GED
  • 4 years experience in the security/loss prevention or related professional area
  • 2-year degree from an accredited university in Criminal Justice or related major
  • 2 years experience in the security/loss prevention or related professional area
Job Responsibility
  • Manages security/loss prevention operations on a daily basis
  • Areas of responsibilities include protection of property assets, employees, guests and property, accident and fire prevention and response
  • Ensures that all areas of the property are safe and secure
  • Maintains logs, certifications and documents required by law and Standard Operating Procedures
  • Strives to continually improve guest and employee satisfaction while maximizing the financial performance of the department
  • Assists in the development and implementation of emergency procedures
  • Conducts investigation of all losses of property assets and refers to proper management for disposition
  • Deploys security staff to effectively monitor and protect property assets
  • Comply with all Corporate Loss Prevention safety and security management guidelines and procedures
  • Conduct periodic patrols of entire property and parking areas
What we offer
  • Bonus Eligible
  • Fulltime

Director of Security and Safety

JOB SUMMARY Manages security/loss prevention operations on a daily basis. Areas...
Location: United States, Singer Island
Salary: 89000.00 - 123000.00 USD / Year
Marriott Bonvoy
Expiration Date: Until further notice
Requirements
  • High school diploma or GED
  • 4 years experience in the security/loss prevention or related professional area.
  • 2-year degree from an accredited university in Criminal Justice or related major
  • 2 years experience in the security/loss prevention or related professional area.
Job Responsibility
  • Manages security/loss prevention operations on a daily basis. Areas of responsibilities include protection of property assets, employees, guests and property, accident and fire prevention and response.
  • Ensures that all areas of the property are safe and secure.
  • Maintains logs, certifications and documents required by law and Standard Operating Procedures.
  • Strives to continually improve guest and employee satisfaction while maximizing the financial performance of the department.
  • Assists in the development and implementation of emergency procedures.
  • Conducts investigation of all losses of property assets and refers to proper management for disposition.
  • Deploys security staff to effectively monitor and protect property assets.
  • Comply with all Corporate Loss Prevention safety and security management guidelines and procedures.
  • Conduct periodic patrols of entire property and parking areas.
  • Recognize success across areas of responsibility.
What we offer
  • Bonus Eligible
  • Fulltime

Director of Security and Safety

Manages security/loss prevention operations on a daily basis. Areas of responsib...
Location: United States, Dallas
Salary: 78000.00 - 105000.00 USD / Year
Marriott Bonvoy
Expiration Date: Until further notice
Requirements
  • High school diploma or GED
  • 4 years experience in the security/loss prevention or related professional area OR 2-year degree from an accredited university in Criminal Justice or related major
  • 2 years experience in the security/loss prevention or related professional area
Job Responsibility
  • Manages security/loss prevention operations on a daily basis
  • protection of property assets, employees, guests and property
  • accident and fire prevention and response
  • ensures that all areas of the property are safe and secure
  • maintains logs, certifications and documents required by law and Standard Operating Procedures
  • strives to continually improve guest and employee satisfaction while maximizing the financial performance of the department
  • assists in the development and implementation of emergency procedures
  • conducts investigation of all losses of property assets and refers to proper management for disposition
  • deploys security staff to effectively monitor and protect property assets
  • comply with all Corporate Loss Prevention safety and security management guidelines and procedures
What we offer
  • Relocation Assistance Available
  • Fulltime

Security Director - SOC operations

The Security Director - SOC Operations will lead the development and implementat...
Location: India, Bengaluru
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum 15+ years of progressive experience in cybersecurity operations
  • At least 7+ years in a leadership/management role
  • Bachelor's degree in Cybersecurity, Information Technology, Criminal Justice, or a related field
  • Master's degree is a plus
  • Must hold at least one relevant professional certification such as CISSP, CISA, CISM, or CRISC
  • Deep understanding of cybersecurity principles, incident response methodologies, threat intelligence, and a wide range of security technologies and frameworks
  • Strong leadership, team management, and problem-solving skills
  • Excellent verbal and written communication skills
Job Responsibility
  • Develop and implement a holistic cybersecurity strategy that aligns with business objectives
  • Lead day-to-day SOC operations, including 24/7 monitoring, threat detection, analysis, and incident response
  • Develop and maintain incident response plans and procedures
  • Build and mature a full lifecycle vulnerability management program
  • Oversee IAM strategies and operations
  • Provide leadership and operational expertise across various security domains
  • Ensure adherence to relevant security regulations and standards
  • Recruit, mentor, and develop a high-performing security team
  • Serve as the primary point of contact for security incidents
  • Oversee and Track Finances for entire Security Division

Security Director - SOC operations

The Security Director - SOC Operations will be responsible for developing and im...
Location: India, Bengaluru
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum 15+ years of progressive experience in cybersecurity operations
  • At least 7+ years in a leadership/management role
  • Bachelor's degree in Cybersecurity, Information Technology, Criminal Justice, or a related field
  • Must hold at least one relevant professional certification such as CISSP, CISA, CISM, or CRISC
  • Deep understanding of cybersecurity principles, incident response methodologies, threat intelligence, and a wide range of security technologies and frameworks
  • Strong leadership, team management, and problem-solving skills
  • Excellent verbal and written communication skills
Job Responsibility
  • Develop and implement a holistic cybersecurity strategy that aligns with business objectives
  • Lead day-to-day SOC operations, including 24/7 monitoring, threat detection, analysis, and incident response
  • Build and mature a full lifecycle vulnerability management program
  • Oversee IAM strategies and operations
  • Provide leadership and operational expertise across various security domains
  • Ensure adherence to relevant security regulations and standards
  • Recruit, mentor, and develop a high-performing security team
  • Serve as the primary point of contact for security incidents
  • Oversee and Track Finances for entire Security Division
  • Fulltime

Associate Director of Security Operations

High-Impact Technical Leadership Role. My client is a leading global financial i...
Location: United Kingdom, London
Salary: 110000.00 - 130000.00 GBP / Year
Iceberg Cyber Security
Expiration Date: Until further notice
Requirements
  • Proven leadership in security operations, ideally with SOC/incident response background
  • Technically credible and confident stepping into high-pressure situations
  • Experience in large, complex, global organisations
  • Financial services experience preferred; outside FS must understand regulated environments
  • Strong understanding of three lines of defence and practical risk/control frameworks
  • Ability to develop teams and influence senior stakeholders
  • Experience driving cyber transformation, improving processes, and using data to guide decisions
Job Responsibility
  • Shaping the organisation’s global security capability
  • Leading a small, high-performing team
  • Influencing critical decisions
  • Driving improvements across security processes, tooling, and operations
  • Stepping in confidently when high-pressure situations arise
  • Steering cyber transformation initiatives
  • Ensuring the team uses data to make smarter, faster decisions
  • Continuously strengthening the company’s security posture
What we offer
  • Bonus