Director, Security Operations

This is a fully remote position, open to applicants in Portugal.

📋 Description

• Take ownership of and steer the strategy, roadmap, and advancement of LastPass's Security Operations function - converting the threat landscape into a multi-year program that scales with the business.

• Oversee all response operations throughout the entire incident lifecycle, from detection and triage to containment, eradication, recovery, and post-incident review.

• Build, nurture, and retain a high-performing team of analysts and engineers - establishing clear performance expectations, career development pathways, and fostering a culture of operational excellence.

• Collaborate with the CISO, Legal, and Communications teams to manage high-severity incidents, coordinating executive responses and meeting regulatory notification requirements.

• Define and maintain metrics, SLAs, and reporting frameworks for the detection and response program - delivering clear, evidence-based insights regarding program maturity and risk posture to the CISO and board.

• Advocate for the adoption of AI-assisted triage, automation pipelines, and Detection-as-Code methodologies to minimize analyst workload and decrease mean-time-to-respond.

• Establish and uphold strategic partnerships with external entities - including threat intelligence providers, law enforcement, and industry information-sharing groups — to enhance LastPass's situational awareness.

• Work collaboratively across Business Technology, Cloud Security, and Platform Engineering to ensure unified detection coverage and coordinated response capabilities across the entire technology estate.

⛳️ Requirements

• Demonstrated experience in security operations, including senior leadership responsibility for an incident response or cyber defense function at scale.

• Proven capability to build, lead, and cultivate high-performing security teams - including managing through managers - in a fast-paced, high-stakes environment.

• Advanced, hands-on expertise in the CSIRT/SOC domain: digital forensics, threat intelligence, malware analysis, network analysis, or incident handling across cloud-native and hybrid infrastructures.

• Expert-level understanding of security frameworks such as MITRE ATT&CK, NIST CSF, and the SANS incident response lifecycle, with demonstrated application in real-world program design.

• Established track record of engaging executive leadership, legal counsel, and external stakeholders during significant security incidents, including regulatory and board-level communication.

• Strategic thinker capable of converting complex threat landscapes into clear program priorities and articulating risk in business terms to non-technical audiences.

• Functions with calm authority under pressure - able to drive decisive, coordinated actions during high-severity incidents while maintaining team morale and stakeholder confidence.

• Cultivates influence across organizational boundaries, achieving security outcomes through cross-functional collaboration without relying solely on positional authority.

🏝️ Benefits

• Competitive compensation.

• Flexible Paid Time Off policies, which include, but are not limited to: Quarterly Self-Care Days (4 additional paid days off annually) and Volunteer Days.

• Parental leave.

• Comprehensive health coverage, inclusive of dependents.

• Support for home office setup.

• Free LastPass Families account for up to 5 members.

• Ongoing learning and development opportunities, including an annual learning stipend for your growth.

• Peer-to-peer recognition via Motivosity.

• Employee Assistance Program for well-being support.

• Remote work stipend to assist with home office needs.

• Options for Short-Term or Remote-Centric Work Arrangements for added flexibility.