Director of Security Operations

Best Egg is a market-leading, tech-enabled financial platform helping people build financial confidence through a variety of installment lending solutions and financial health tools. We aim to help customers make smart financial decisions and stay on track, so they can be money confident no matter what life throws at them.
We offer top-tier benefits and growth opportunities in a culture built on our core values:

Put People First – We foster an inclusive, flexible, and fun workplace.
Create Clarity – Open communication drives trust and results.
Get Things Done – We focus, prioritize, and deliver with excellence.
Deliver with Heart – We lead with kindness, humility, and strong teamwork.
Listen to Our Customers – Their needs drive our innovation.

Barclays has entered into an agreement to acquire Best Egg with closing expected to take place in Q2 2026. This acquisition will give us the resources and capital to continue on our mission and drive our strategy forward. With an aligned culture, lower cost of funds, and increased employee growth opportunities across a global brand, we are excited about the future of the Best Egg brand under the Barclays umbrella.
We are looking for collaborative, innovative team players who like to solve problems. There will also be immense opportunities for those willing to dive in. If you're inspired by growth and want to make a real difference, Best Egg is the place for you.

We’re proud to be an equal opportunity employer committed to building a diverse, inclusive team.

About the Role

The Director of Security Operations is responsible for the leadership, execution, and continuous improvement of Best Egg’s cybersecurity operations program. This role owns the day-to-day operational effectiveness of security controls, ensuring the organization can detect, respond to, and remediate threats in a timely and efficient manner.

This position leads Security Operations (SOC), Incident Response, Vulnerability Management, and threat detection capabilities, and serves as the primary escalation point for operational security events. The Director partners closely with Technology, Infrastructure, Engineering, IAM, and Technology Risk to ensure security controls are operating effectively and aligned to the organization’s risk posture.

This is a critical leadership role focused on execution, operational maturity, and measurable security outcomes within a regulated fintech environment.

Key Responsibilities:
Security Operations Leadership

• Own end-to-end security operations including SOC, monitoring, and detection capabilities

• Oversee SIEM, EDR, and logging programs to ensure effective threat detection and response

• Manage internal and third-party security operations providers (e.g., MSSP)

• Continuously improve alert quality, detection coverage, and operational efficiency

Incident Response & Event Management

• Act as technology incident commander for security events and incidents

• Lead operational response including triage, containment, eradication, and recovery

• Ensure incidents are managed in accordance with established procedures and SLAs

• Escalate critical and high-risk incidents to the CISO with clear analysis and recommendations

• Lead post-incident reviews and drive continuous improvement actions

Vulnerability Management

• Own the operational lifecycle of vulnerability management including scanning, prioritization, and remediation tracking

• Ensure adherence to defined remediation timelines and SLAs

• Coordinate penetration testing activities and validation of remediation efforts

• Provide visibility into vulnerability risk and remediation progress

Threat Detection & Monitoring

• Oversee logging and monitoring programs to ensure comprehensive visibility across the environment

• Drive development and tuning of detection use cases and alert logic

• Ensure effective integration of threat intelligence into detection and response processes

Phishing & Threat Response Operations

• Oversee operational response to phishing and email-based threats

• Ensure timely triage, analysis, and mitigation of reported phishing activity

• Partner with the Manager, Information Security on phishing trends and control improvements

Operational Control Effectiveness

• Ensure security controls are operating effectively across monitoring, incident response, vulnerability management, and access enforcement

• Identify control gaps, breakdowns, or inefficiencies and drive remediation

• Escalate systemic control issues and risks to the CISO and Technology Risk

Metrics, Reporting & Continuous Improvement

• Develop and maintain operational metrics and KPIs (e.g., MTTR, vulnerability SLAs, alert volumes)

• Provide regular reporting on security operations performance and risk trends

• Identify opportunities to improve automation, tooling, and processes

Collaboration & Leadership

• Lead and mentor security operations personnel

• Partner with Infrastructure, Engineering, DevSecOps, and Technology teams to implement and improve controls

• Support audits, regulatory assessments, and evidence requests related to security operations

Required Qualifications:
• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)

• 7+ years of experience in cybersecurity, with a focus on security operations, incident response, or SOC leadership

• Experience managing security monitoring, SIEM, and incident response programs

• Strong understanding of vulnerability management and threat detection

• Experience operating in regulated environments (PCI, FFIEC, or similar)

• Strong leadership, communication, and decision-making skills

Preferred Qualifications:
• Experience managing or partnering with MSSPs or outsourced SOC providers

• Experience with cloud security (AWS preferred)

• Familiarity with MITRE ATT&CK framework and detection engineering practices

• Relevant certifications (e.g., CISSP, GCIA, GCIH, CISM)

What Success Looks Like:
• Security incidents are detected and responded to quickly and effectively

• Vulnerabilities are remediated within defined SLAs

• Alert quality improves and false positives decrease over time

• Security operations processes are efficient, scalable, and well-documented

• Stakeholders have clear visibility into operational security risk

• Security controls are operating effectively with minimal audit findings

Best Egg celebrates diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better we will grow.

Employee Benefits
Best Egg offers many additional benefits for our employees, including (but not limited to):
· Pre-tax and post-tax retirement savings plans with a competitive company matching
program
· Generous paid time-off plans including vacation, personal/sick time, paid short--
term and long-term disability leaves, paid parental leave, and paid company
holidays
· Multiple health care plans to choose from, including dental and vision options
· Flexible Spending Plans for Health Care, Dependent Care, and Health
Reimbursement Accounts
· Company-paid benefits such as life insurance, wellness platforms, employee
assistance programs, and Health Advocate programs
· Other great discounted benefits include identity theft protection, pet insurance,
fitness center reimbursements, and many more!