Head of Cyber Operations - Client Solutions

What You Will Do

• Serve as the technical expert for EDR/MDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Defender, CarbonBlack). Responsibilities include setup, continuous operation, complex query response, and strategic vendor evaluation.
• Demonstrate strong knowledge of consumer and enterprise-grade networking equipment (e.g., Palo Alto, Meraki, Araknis, Fortinet, Eero, Orbi, Google, Aruba) to diagnose and secure home networks.
• Deep knowledge of networking tools (VPN, Network Sniffers), consumer AV (Trend, BitDefender, Norton, McAfee), 2FA variants, and password management (1Password) to assist in the diagnosis and triaging of complex incidents but also to develop and delivery client solutions.
• Maintain deep expert knowledge of Google Workspace and Microsoft 365 (O365), and understand Mobile Device Management (MDM) and Remote Monitoring and Management (RMM) solutions (e.g., JAMF, Kaseya) for growing and scaling the service.
• Act as a technical SME for the Product team, ensuring the BlackCloak product is architected and positioned to never interfere with a client's complex, existing systems.
• Own the planning and execution of complex, large-scale migrations (e.g., swapping all client EDR platforms in under 30 days), ensuring pre-emptive strategic deployment to facilitate seamless transitions.
• Serve as a peer-level expert on Incident Response, working alongside senior staff on complex investigations involving account takeover (email, finance, social media), network breaches, and sophisticated malware/virus analysis.
• Lead the triage process for all incoming cyber, computer, network, and device incidents, establishing the initial root cause, containment strategy, and path to resolution.
• Possess practical experience and deep knowledge of penetration testing methodologies and vulnerability management across diverse client environments.
• Provide expert-level support and solution design for patching, backups, and encryption across all major operating systems: Windows, macOS, iOS, and Android.
• Understand the complex interactions of all deployed client tools (both commercial and proprietary) to anticipate and resolve conflicts or interferences.
• Proactively monitor and assess global cybersecurity, IT, and high-tech news, providing actionable intelligence on how emerging threats and technology impact the BlackCloak service model.
• Maintain a strong understanding of financial crime, identity theft, scams, and fraud targeting executives, classifying these threats as potential "Company Killers" for clients.
• Utilize basic forensic techniques to secure evidence and conduct initial analysis post-incident.

What You Will Need to be Successful

• Minimum 8+ years of progressive experience in cybersecurity, IT, or Security Operations Center (SOC) roles.
• 7+ years of experience in a lead role for complex, hands-on Incident Response (IR) or endpoint security engineering.
• Track record of operationalizing and scaling security services for external customers, ensuring high customer retention rates while driving efficiency and maturity within a client-facing Cyber Operations function
• Expert-level certifications (e.g., GIAC, CISSP) are highly preferred.
• High level of integrity, discretion, and ethical judgment required for handling highly sensitive executive and privacy/security matters.
• Proven ability to manage technical projects end-to-end, especially large-scale migrations or platform deployments.
• Exceptional written and verbal communication skills, capable of explaining complex technical issues clearly to both technicians and executive leadership.
• Willingness to travel for client and company-related events.