Director, Security Operations

LastPass delivers Secure Access Essentials, helping individuals and organizations manage and protect access to AI, applications, and credentials straight from the browser. Trusted by more than 100,000 businesses and millions of users worldwide, LastPass blends strong security with everyday simplicity.

LastPass is looking for a Director, Security Operations. In this role, you will own the strategy, operations, and continuous evolution of LastPass's Security Operations. You will set the direction for how LastPass detects, responds to, and recovers from security incidents - translating threat intelligence into a mature, high-performing program that shapes the company's security posture and protects customer trust.

About the team: The Security Operations team is the frontline of LastPass's security - responsible for detecting threats, leading investigations, and driving incident response across the full technology estate. We are a globally distributed team combining deep technical expertise with a strong culture of collaboration, continuous improvement, and AI-assisted tooling to operate at speed and scale.

As Director of Security Operations, you will partner closely with the CISO, Platform and Software Engineering, Cloud Security, Cyber Defence team, GRC, Legal, and Communications teams. Externally, you will engage with vendors, threat intelligence partners, industry CERTs, and law enforcement as needed. You will also manage and develop a team of experienced Response Analysts.

What are some of the exciting challenges you will be working on?

• Own and drive the strategy, roadmap, and maturation of LastPass's Security Operations function - translating the threat landscape into a multi-year program plan that scales with the business.
• Lead all response operations across the full incident lifecycle, from detection and triage through containment, eradication, recovery, and post-incident review.
• Build, develop, and retain a high-performing team of analysts and engineers - setting clear performance expectations, career development pathways, and a culture of operational excellence.
• Partner with the CISO, Legal, and Communications to manage high-severity incidents, coordinating executive response and fulfilling regulatory notification obligations.
• Define and own detection and response program metrics, SLAs, and reporting frameworks - providing the CISO and board with clear, evidence-based visibility into program maturity and risk posture.
• Champion the integration of AI-assisted triage, automation pipelines, and Detection-as-Code methodologies to reduce analyst toil and drive down mean-time-to-respond.
• Establish and maintain strategic relationships with external partners - including threat intelligence vendors, law enforcement, and industry information-sharing groups — to strengthen LastPass's situational awareness.
• Collaborate across Business Technology, Cloud Security, and Platform Engineering to ensure cohesive detection coverage and coordinated response capability across the full technology estate.

What does it take to work at LastPass?

• Proven experience in security operations, including senior leadership ownership of an incident response or cyber defense function at scale.
• Proven ability to build, lead, and develop high-performing security teams - including managing through managers - in a fast-paced, high-stakes environment.
• Advanced, hands-on knowledge of the CSIRT/SOC discipline: digital forensics, threat intelligence, malware analysis, network analysis, or incident handling across cloud-native and hybrid infrastructure.
• Expert-level command of security frameworks including MITRE ATT&CK, NIST CSF, and the SANS incident response lifecycle, with demonstrated application in real-world program design.
• Proven track record of engaging executive leadership, legal counsel, and external stakeholders during major security incidents, including regulatory and board-level communication.
• Strategic thinker who can translate complex threat landscapes into clear program priorities and communicate risk in business terms to non-technical audiences.
• Operates with calm authority under pressure - able to drive decisive, coordinated action during high-severity incidents while sustaining team morale and stakeholder confidence.
• Builds influence across organizational boundaries, driving security outcomes through cross-functional alignment without relying on positional authority.

It's great, but not required:

• Experience in the password management, identity security, or SaaS security product domain.
• Background in red team operations, adversary simulation, or threat hunting as a complement to defensive program leadership.
• Proficiency in Python or PowerShell to drive automation and accelerate detection and response workflows, or experience managing teams and programs who perform these functions.

Why LastPass?

• Market-leading password manager.
• High-growth, collaborative environment with inclusive teams.
• Remote-first culture.
• Competitive compensation.
• Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days.
• Parental leave.
• Comprehensive health coverage, including dependents.
• Home office setup support.
• LastPass Families free account for up to 5 members.
• Continuous learning and development opportunities, including an annual learning stipend to invest in your growth.
• Peer-to-peer recognition through Motivosity.
• Employee Assistance Program for well-being support.
• Remote work stipend to support your home office needs.
• Short-Term or Remote-Centric Work Arrangements for added flexibility.

Unlock your potential with us - your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let's build the future together! We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.