Job Description

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Key Responsibilities

1. Strategic Leadership & Governance

Define, articulate, and execute the

CDC vision, mission, and transformation roadmap

, ensuring alignment with organizational and client security objectives. Drive

strategic modernization

of SOC operations, integrating

GenAI, agentic AI, and advanced automation

into detection, response, and threat analysis workflows. Lead

governance forums

with client stakeholders, including CISOs, Risk Officers, and IT Service Leadership, to align cybersecurity operations with

business risk and compliance frameworks (ISO 27001, NIST, GDPR, PCI-DSS)

. Own the

CDC's performance framework

, including key metrics such as

MTTD, MTTR, containment rate, automation coverage, and SLA adherence

. Establish and maintain a robust

RACI and operational model

, ensuring seamless collaboration across global teams and technology towers.

2. Service Delivery Oversight

Oversee

24x7x365 security operations

, spanning multiple towers --

SOC, Incident Response, Threat Hunting, Platform Engineering, and Automation

. Ensure

operational excellence

through rigorous SLA tracking, escalation management, RCA reviews, and continuous improvement initiatives. Drive

incident governance

and ensure rapid containment and remediation for high-severity incidents. Ensure coordination across L1-L3 Analysts, Incident Managers, SMEs, and Platform Owners for unified response and reporting. Foster a proactive defense culture through

threat hunting programs, purple teaming, and use case optimization

. Implement structured processes for

audit readiness, compliance adherence, and client reporting consistency

.

3. People & Capability Management

Lead a team of

100+ cybersecurity professionals

, including:


+ ~16+ L1 SOC Analysts
+ ~20+ L2 Engineers (SOC, IR, Endpoint, Network, DLP, IAM)
+ L3 SMEs (Threat Hunters, IR, Engineering, AppSec, Data Protection, DevSecOps)
+ Automation Engineers, GenAI Developers, and Content Engineers
Drive

workforce planning, succession management, and leadership development

across the CDC organization. Establish structured programs for

talent enablement, certification (SC-200, CISSP, CEH, AZ-500), and GenAI cross-skilling

. Create a culture of

continuous learning, operational discipline, and innovation

, aligned with the principles of

Kyndryl's "Operate with Intelligence" model

. Conduct

periodic competency reviews

and align resource capacity with delivery demand.

4. Technology & Platform Integration

Oversee the integration, health, and performance of core CDC platforms, including:


+

Microsoft Sentinel (SIEM)

+

Azure Logic Apps (SOAR)

+

Defender XDR Suite (EDR/NDR)

+

Security Copilot Agents (AI-assisted analysis)

+

Vulnerability Management Tools (Qualys, Tenable, etc.)

+

DLP, CASB, IAM, and AppSec tools

Ensure

end-to-end telemetry coverage

, optimized detection engineering, and cross-platform interoperability. Partner with

AI and Automation Leads

to expand use of

predictive analytics, agentic AI, and self-healing workflows

within SOC operations. Validate technology roadmaps, manage OEM escalations, and track upgrade and patch cycles in coordination with platform teams. Establish and maintain

KPIs for platform availability, use case efficacy, and automation ROI

.

5. Reporting & Stakeholder Engagement

Report to the

Account Delivery Partner Executive

and maintain strong engagement with:


+ Client CISOs, Risk Officers, and Business Security Leaders
+ Internal Service Delivery Managers (Network, Cloud, Workplace, ITSM)
+ Global Incident Managers and Operations Heads
Conduct

Monthly Business Reviews (MBRs)

and

Quarterly Business Reviews (QBRs)

, presenting insights on:


+ Threat landscape and emerging trends
+ SLA/KPI performance and improvement actions
+ Operational risks, compliance posture, and investment opportunities
Deliver

executive dashboards

via

Power BI or Kyndryl Bridge

, highlighting security effectiveness, automation gains, and strategic roadmap progress. Support

contract renewals, RFPs, and presales engagements

, demonstrating measurable value realization from CDC services.

6. Continuous Improvement & Transformation

Champion

Cyber Defense maturity model (CDMM)

and continuous improvement programs to enhance process and tool effectiveness. Drive

service optimization initiatives

to reduce manual efforts through GenAI-assisted playbooks, auto-RCA generation, and intelligent alert correlation. Establish a

Cyber Innovation Cell

within CDC to incubate use cases around AI-driven anomaly detection, automated decision-making, and self-defending infrastructure. Benchmark SOC performance against

industry best practices (Gartner, MITRE ATT&CK, ENISA)

to ensure competitive maturity. Collaborate with

engineering and architecture teams

for platform scalability, integration, and resilience.

Who You Are

Proven experience leading

large-scale Cyber Defense Centers or Managed SOC operations

with 24x7 delivery responsibility. Strong understanding of

SOC, IR, Threat Hunting, VM, and AppSec

operations and toolchains. Deep technical familiarity with

Microsoft Sentinel, Defender, Azure Logic Apps, KQL, EDR/XDR platforms, and automation pipelines

. Strategic understanding of

Zero Trust, AI/GenAI, and agentic SOC transformation models

. Demonstrated success in

client engagement, contract governance, and SLA management

. Experience with

process frameworks

(NIST 800-61, ITIL v4, ISO 27035, MITRE ATT&CK). Strong financial and operational acumen to manage

P&L, budgets, and utilization targets

.

Being You

Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.