Director, Security Operations

About LastPass

LastPass delivers Secure Access Essentials, helping individuals and organizations manage and protect access to AI, applications, and credentials straight from the browser. Trusted by more than 100,000 businesses and millions of users worldwide, LastPass blends strong security with everyday simplicity. From discovering unapproved AI and applications to reducing login friction and securing credentials across the business, LastPass helps teams and individuals stay productive, minimize risk, and remain prepared as their environments evolve.

Director, Security Operations

In this role, you will own the strategy, operations, and continuous evolution of LastPass's Security Operations. You will set the direction for how LastPass detects, responds to, and recovers from security incidents - translating threat intelligence into a mature, high-performing program that shapes the company's security posture and protects customer trust.

About the team

The Security Operations team is the frontline of LastPass's security - responsible for detecting threats, leading investigations, and driving incident response across the full technology estate. We are a globally distributed team combining deep technical expertise with a strong culture of collaboration, continuous improvement, and AI-assisted tooling to operate at speed and scale.

Who will you work with?

As Director of Security Operations, you will partner closely with the CISO, Platform and Software Engineering, Cloud Security, Cyber Defence team, GRC, Legal, and Communications teams. Externally, you will engage with vendors, threat intelligence partners, industry CERTs, and law enforcement as needed. You will also manage and develop a team of experienced Response Analysts.

What are some of the exciting challenges you will be working on?

• Own and drive the strategy, roadmap, and maturation of LastPass's Security Operations function - translating the threat landscape into a multi-year program plan that scales with the business
• Lead all response operations across the full incident lifecycle, from detection and triage through containment, eradication, recovery, and post-incident review
• Build, develop, and retain a high-performing team of analysts and engineers - setting clear performance expectations, career development pathways, and a culture of operational excellence
• Partner with the CISO, Legal, and Communications to manage high-severity incidents, coordinating executive response and fulfilling regulatory notification obligations
• Define and own detection and response program metrics, SLAs, and reporting frameworks - providing the CISO and board with clear, evidence-based visibility into program maturity and risk posture
• Champion the integration of AI-assisted triage, automation pipelines, and Detection-as-Code methodologies to reduce analyst toil and drive down mean-time-to-respond
• Establish and maintain strategic relationships with external partners - including threat intelligence vendors, law enforcement, and industry information-sharing groups — to strengthen LastPass's situational awareness