Associate Director of Security

Syracuse University

Syracuse, NY

Job posting number: #7329310

Posted: April 24, 2026

Application Deadline: Open Until Filled

Job Description

The Associate Director serves as the operational leader for Syracuse University’s Security Operations Center (SOC), reporting directly to the Chief Information Security Officer. This role provides day-to-day leadership for security monitoring, incident detection and response, and security awareness initiatives, combining technical security expertise with operational leadership to ensure the SOC functions effectively as the university’s front-line defense against cyber threats.

The Associate Director makes tactical decisions regarding security event classification, escalation, and response actions while maintaining and advancing SOC operating procedures, playbooks, runbooks, and workflows. The role tracks performance metrics and drives continual improvements in detection capabilities and response workflows, while maintaining situational awareness of the university’s security posture and emerging threats.

The position directs two full-time SOC staff members and leads recruitment, onboarding, training, scheduling, evaluation, and professional development of student SOC analysts.
Education and Experience
Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field, or equivalent professional experience.
Three-plus (3+) years of experience in information security operations, security monitoring, or incident response.
Demonstrated experience leading security operations activities or coordinating team efforts.
Experience with security awareness training and phishing simulation platforms.
Experience in higher education or a similarly complex IT environment preferred.
Experience mentoring or training junior staff members.
Skills and Knowledge
Working knowledge of security monitoring tools including SIEM, IDS/IPS, and EDR platforms, especially from the Microsoft security stack (Defender, Sentinel, Purview).
Understanding of incident response methodologies and common attack vectors.
Familiarity with compliance frameworks relevant to higher education (NIST 800-53, CIS Controls, FERPA, GLBA, PCI-DSS).
Strong decision-making skills with ability to assess and respond to security events independently.
Excellent written and verbal communication skills with ability to explain technical security concepts to non-technical audiences.
Working knowledge of AI-powered tools and their potential to streamline and improve business processes.
Ability to identify opportunities where AI solutions can reduce manual effort and support data-driven decision-making.
Familiarity with AI assistants (such as Anthropic’s Claude, Microsoft Copilot, ChatGPT, or similar tools) and a willingness to apply them in functional analysis and documentation activities.
Ability to work collaboratively across technical and non-technical teams.
Strong organizational skills with ability to manage multiple priorities and coordinate team activities.
Commitment to continuous learning in the rapidly evolving cybersecurity field.
Responsibilities
SOC Operations Leadership
Provide operational leadership and accountability for all SOC activities including security monitoring, threat detection, incident triage, and initial response.
Make tactical decisions regarding security event classification, escalation, and response actions to ensure timely and effective incident management.
Establish, govern, and continuously advance SOC operating procedures, playbooks, and runbooks to support consistent, scalable, and resilient operations.
Serve as the institutional lead for SOC operations, acting as the primary liaison for operational security matters across IT and campus stakeholders.
Define, track, and report key SOC performance metrics and drive continuous improvement of detection capabilities, response effectiveness, and operational maturity.
Team Coordination and Development
Provide direct supervision of two full-time SOC staff members, assigning work, setting priorities, and ensuring operational coverage.
Lead recruitment, hiring, onboarding, training, scheduling, and professional development of student security analysts to build a scalable security operations talent pipeline.
Cultivate a high-performing, collaborative team culture that promotes accountability, knowledge sharing, continuous learning, and operational excellence.
Security Awareness and Training Programs
Provide operational leadership for the university’s security awareness and training program, including content governance, deployment, compliance tracking, and executive reporting.
Ensure the design, execution, and assessment of phishing simulation campaigns to measure user risk exposure and drive measurable improvements in security behavior.
Define and report key program metrics, including training completion, phishing susceptibility trends, and overall risk reduction indicators.
Collaborate with Communications, HR, IT, and campus stakeholders to align security awareness initiatives with institutional priorities and evolving threat patterns.
Incident Management and Response
Serve as incident commander for routine and moderate security incidents, coordinating response activities, technical and stakeholder communications, and ensuring timely containment and resolution.
Assess incident severity and escalate significant events to the CISO with clear situational context, risk impact analysis, and recommended response actions.
Lead documentation of incident response activities, facilitate post-incident reviews, and drive implementation of lessons learned to strengthen institutional resilience and response readiness.
Strategic Support and Reporting
Advise and provide operational perspective to support the CISO’s strategic planning, policy development, risk management, and compliance initiatives.
Develop and deliver regular executive-level reporting on SOC performance, threat trends, incident metrics, and operational risk indicators.
Contribute to security program planning, resource forecasting, and budget discussions to align operational capacity with institutional risk.
Serve as the operational representative for security operations in cross-functional IT initiatives and university governance committees.


