Deputy Chief Information & Security - Officer Operations

Scope:  The Senior Director, Cyber Security Operations (Deputy CISO - Operations) leads the tactical execution of cybersecurity operations across the enterprise, with a focus on detection, response, and secure architecture. This role is responsible for managing the Security Operations Center (SOC), Incident Response (IR), and Security Architecture & Engineering (SAE), including coverage of enterprise infrastructure, cloud environments, and product ecosystems. The Deputy CISO – Operations also owns the hybrid SOC model, integrating internal teams with MSSP/MDR partners to deliver 24/7 visibility and rapid response.

Responsibilities:

• Define and execute a strategy to mature Dentsply Sirona’s Detection and Response capabilities into a modern, hybrid Detection and Response organization responsible for 24/7 coverage across enterprise, cloud, and product ecosystems. 
• Provide day-to-day leadership and oversight of internal Detection and Response teams, while governing MSSP/MDR partners to ensure accountability, integration, and performance aligned to business needs. 
• Serve as Incident Commander for major cybersecurity incidents and product-related breaches, coordinating both internal and external resources to minimize impact and ensure timely containment and recovery. 
• Build and maintain tailored detection, prevention, and response capabilities mapped to the MITRE ATT&CK and D3FEND frameworks, spanning IT, OT, cloud, and product telemetry. 
• Drive automation across detection, triage, and response using SOAR platforms; develop and manage automated playbooks for enterprise and product environments. 
• Analyze incident trends, threat intelligence, and operational metrics to identify systemic issues and enable informed decision-making across Cybersecurity and the broader Global Security function. 
• Oversee documentation governance, ensuring all SOC/IR policies, procedures, runbooks, playbooks, and engineering standards remain current and aligned with evolving threats, compliance, and business priorities. 
• Define and report performance metrics and KPIs for Detection and Response effectiveness, including time to detect (TTD), time to respond (TTR), SOC coverage, MSSP SLA adherence, and product monitoring uptake. 
• Leadership.  Lead by example. Oversee experienced level senior leaders and professionals. Advise team(s) on complex matters. Lead the performance feedback process, sets performance and development goals, regularly provides feedback. Develop, motivate, inspire, and empower others. Recognize success and make hard decisions.
• Mentor, coach, and grow a high-performance team culture across SOC, IR, and Security Architecture & Engineering (SAE), ensuring career development and role clarity. 
• Drive fusion and integration with Product Security, Information Technology, Legal, Privacy, and Communications to ensure a unified threat detection and incident response capability across the enterprise and product lines. 
• Coordinate with product engineering teams and MSSP partners to onboard product telemetry, enrich contextual detections, and build product-specific IR playbooks. 
• Engage with external consultants and technical service providers to support escalated investigations, penetration tests, red team exercises, and readiness assessments. 
• Additional responsibilities as assigned by the CISO to support strategic and operational cybersecurity initiatives

Education and Experience:

• Education:  Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related technical field  (Substitution: 5 years of directly relevant experience may be substituted for a bachelor’s degree)

Years and Type of Experience (Desired):

• At least 10 years of experience in cybersecurity operations, incident response, or security architecture
• At least 10 years of experience leading cybersecurity teams, including direct leadership of managers and cross-functional teams
• Demonstrated experience managing MSSP/MDR providers or operating in a hybrid SOC model
• Strong familiarity with:
• NIST CSF 2.0 and NIST SP 800-61 (Incident Handling Guide)
• MITRE ATT&CK framework
• CIS Controls v8.1
• Ability to write clear strategy and process documentation and experience championing new initiatives 
• Ability to lead thru influence, bring people together and effectively resolve conflicts 
• Experience hiring globally, managing, developing and retaining top cybersecurity talent 

(Preferred)

• Master’s degree in Cybersecurity, Business Administration (MBA), or a related discipline (Substitution:  10 years of directly relevant experience may be substituted for master's degree)
• One or more industry-recognized certifications:
  • CISSP – Certified Information Systems Security Professional
  • CISM – Certified Information Security Manager
  • GIAC certifications (e.g., GCIA, GCIH, GNFA)
  • OSCP – Offensive Security Certified Professional
• Hands-on experience with:
  • SOAR platform deployment and playbook development
  • Security monitoring for connected products, cloud, and OT/IoT environments
• Familiarity with ISO/IEC 27001 and incident reporting requirements under HIPAA, GDPR, SEC, or FDA 524B
  • Ability to lead effectively under pressure and during high-impact cyber incidents 
  • Ability to communicate technical concepts to non-technical and executive stakeholders 
  • Ability to align day-to-day operations with strategic cybersecurity and business objectives 
  • Ability to collaborate across IT, product, engineering, legal, compliance, and business teams 
  • Ability to build scalable and continuously improving detection and response capabilities 
  • Ability to prioritize and manage multiple competing demands in a global enterprise environment

• Knowledge
  • Deep understanding of cybersecurity operations, incident response, and threat detection methodologies 
  • Expertise in cybersecurity frameworks such as NIST CSF 2.0, NIST SP 800-61, MITRE ATT&CK, MITRE D3FEND, and CIS Controls v8.1 
  • Strong knowledge of SIEM, SOAR, EDR/XDR, IAM, and network defense technologies 
  • Familiarity with secure cloud and hybrid architecture, including AWS and Azure 
  • Understanding of regulatory and industry standards (HIPAA, GDPR, ISO/IEC 27001, FDA 524B) 
  • Awareness of product security risks, telemetry integration, and monitoring for connected or regulated devices
• Skills:
  • Leadership and team development, including direct management of managers and cross-functional technical teams
  • Advanced incident handling and cyber crisis management, including executive-level communication
  • MSSP/MDR management and hybrid SOC operations oversight
  • Detection engineering and threat analysis across enterprise and product environments
  • SOAR platform integration and automation of response playbooks
  • Development and maintenance of response documentation, runbooks, and playbooks
  • Operational metrics analysis and data-driven decision-making
  • Program and project management in complex, fast-paced environments
  • Abilities and Competencies
  • Ability to lead effectively under pressure and during high-impact cyber incidents 
  • Ability to communicate technical concepts to non-technical and executive stakeholders 
  • Ability to align day-to-day operations with strategic cybersecurity and business objectives 
  • Ability to collaborate across IT, product, engineering, legal, compliance, and business teams 
  • Ability to build scalable and continuously improving detection and response capabilities 
  • Ability to prioritize and manage multiple competing demands in a global enterprise environment 
  • Strategic Thinking – Applies experience, knowledge, and perspective of business and external or global factors to create new perspectives and fresh thinking.
  • Understands current skills, developments and trends in the industry; uses this information to anticipate and problem solve for customer needs.
  • Adheres to the requirements, standards and regulations that govern the way we do business.
  • Is authentic and transparent, even when it means admitting knowledge gaps or mistakes.
  • Internationally and culturally aware
  •  Experience with communications and change management.
  • Strategic focus with the ability to also operate tactically when needed
  • Exceptional Analytical thinking with effective judgment and decision-making capabilities
  • A positive approach and a can-do attitude in a fast-paced environment.