Director of Security Operations (US-Remote)
CDK

About Us
CDK Global is a leading provider of cloud-based software to dealerships and Original Equipment Manufacturers ("OEMs") across automotive and related industries. The Company's cloud-based, software as a service ("SaaS") platform enables dealerships to manage their end-to-end business operations including the acquisition, sale, financing, insuring, repair, and maintenance of vehicles. By automating and streamlining critical workflows, the integrated platform of modern solutions enables dealers to sell and service more vehicles by creating simple and convenient experiences for customers and improves their financial and operational performance.

The Role
The Director of Security Operations is accountable for protecting enterprise assets through 24x7 security monitoring, incident detection, and response capabilities. This leader will build and mature the security operations function, oversee a team and drive continuous improvement of detection and response capabilities across cloud and on-premises environments. This individual will establish metrics, enhance automation, and partner with business stakeholders to reduce organizational risk.

The Director of Security Operations is accountable for detecting security incidents in CDK systems through automated monitoring, response capabilities, and data-driven posture improvement. This leader will drive security automation initiatives, implement AI/ML-powered detection tools, and orchestrate automated incident response workflows to scale security operations effectively while reducing manual effort.

The role requires balancing strategic initiatives with day-to-day operational demands while ensuring compliance with industry regulations.

*This is a US-Remote based role*

Essential Functions and Key Responsibilities:
Leadership & Strategy:

• Exemplify security principles and culture
• Develop and execute the security operations strategy
• Effectively partner across security, technology, and business teams
• Lead the security operations team, manage security technology and services
• Develop effective metrics and use them to drive meaningful improvements
• Develop and provide relevant reports to executive leadership and customers

Threat and Incident Detection:

• Oversee the detection, investigation, and response to security incidents
• Develop and manage adoption of security monitoring standards and guidelines
• Drive continuous improvement in CDK's detection capability using automation, threat and anomaly detection, coverage assurance, and external threat intelligence
• Develop threat hunting and forensics practices within the team to further expand detection capabilities

Incident Response:

• Develop, exercise, test, and continuously improve the incident response plan
• Develop incident response playbooks and drive response playbook automation, regularly test playbook effectiveness and drive improvement
• Lead response to significant security incidents in accordance with the incident response plan, and effectively coordinate with internal and external parties
• Assure plans/procedures/playbooks coverage for likely security incident scenarios
• Assure 24x7x365 incident response coverage and escalation processes
• Regularly update the list of likely security incident scenarios using external threat intelligence, collaboration with internal technology teams, and other data sources

Security Posture Improvement:

• Use offensive security techniques and exercises to identify security gaps and drive remediation
• Regularly practice incident response plans and procedures in collaboration with internal and external stakeholders
• Assure that regular offensive security exercises are used to test all relevant technology platforms at CDK
• Collaborate with GRC, technology, and business teams to carry out a comprehensive risk assessment and remediation strategy

Required Qualifications and Skills:

• Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred); or an equivalent experience
• 8+ years in cybersecurity, with at least 3 years in a leadership role in security operations
• Strong background in security monitoring, automation, and incident response, preferably in a complex SaaS environment
• Experience with SIEM tools, process automation, cloud environment monitoring, IDS/IPS, firewalls, EDR solutions, MDR/MSSP providers
• Proven experience automating security operations

Salary Range: $200,000 - $230,000

CDK Global is committed to fair and equitable compensation practices. Compensation packages are based on several factors, including but not limited to skills, experience, certifications, and work location. The total compensation package for this position may also include annual performance bonus, benefits and/or other applicable incentive compensation plans.We offer Medical, dental, and vision benefits in addition to:

• Paid Time Off (PTO)
  
• 401K Matching Program
  
• Tuition Reimbursement
  

At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact.

CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law.

Applicants for employment in the US must be authorized to work in the US. CDK may offer employer visa sponsorship to applicants.

---