Director, Ransomware Detect & Respond

Halcyon is seeking an experienced Director, Ransomware Detect & Respond (RDR) to build, lead, and manage our 24/7/365 Security Operations Center. You will own all aspects of continuous monitoring of our anti-ransomware platform, ensuring real-time visibility into ransomware threats and guiding customers through detection and mitigation. This role requires a strategic thinker who can establish scalable processes, build a high-performing team of SOC analysts, and collaborate closely with product, engineering, and support functions to keep customers safe. Architect and implement a world-class, round-the-clock operations center focused exclusively on ransomware monitoring, detection, and customer support. Develop and maintain standard operating procedures (SOPs), runbooks, and escalation playbooks that ensure consistent, high-quality triage of alerts and customer engagements. Define and track key performance indicators (SLAs, MTTR , detection coverage, alert accuracy) to measure SOC effectiveness and drive continuous improvement. Recruit, mentor, and manage a team of SOC analysts—creating clear career paths, training programs, and certification goals. Foster a culture of accountability, collaboration, and continuous learning within the RDR team, ensuring analysts understand evolving ransomware tactics and our product’s telemetry. Conduct regular exercises (e.g., tabletop drills, alert-handling simulations) to validate readiness and refine processes.