Culture & Careers

About Vancord

Founded in 2004, Vancord is a full-service Managed Service and Cyber Security Provider headquartered in the Northeastern United States. Vancord successfully combines the power of execution, strategy, and partnership to deliver multi-faceted Information Technology and Cyber Security services to our valued customers. We build strong partnerships with startups, manufacturers, higher education, state and municipal governments, and other diverse organizations.

Who we look for

Vancord seeks talented, engaging candidates to expand its virtual Information Security Office (vISO). This service helps organizations large and small to mature their information security program and preparedness by functioning as a virtual Information Security Officer or advising customer staff in that position. We are eager to expand our team with individuals who can provide astute, actionable security guidance for the diverse organizations that make up the Vancord customer base.

In contrast to virtual CISO offerings of our competitors, the vISO service is delivered as a team. Most engagements embed Vancord to develop strategy in partnership with customer executives or directors. Candidates for this position will serve as the primary customer contact, responsible for developing a trusted relationship, delivering expert guidance, liaising with other customer staff/departments, and executing or coordinating identified work.

Some discussions are more operations focused, covering deeply technical subjects to analyze specific issues and provide tactical guidance. Candidates must be able to straddle this line with ease, dynamically adapting to the appropriate audience and acting as a translator across customer teams for organizational security needs.

Vancord specifically seeks individuals who can demonstrate excellent communication skills. Candidates must adapt guidance in the moment to the audience, consider organizational culture and team dynamics, understand and navigate organizational power structures.

Common responsibilities include:

• Development, refinement, and sustainment of an information security program
• Executive level reporting to convey security initiatives, compliance status, and organizational needs
• Authorship of organizational/departmental policies and procedures
• Maintenance of compliance data and status of security controls
• Vendor risk review and management
• Third party attestations to represent customer security practices (e.g., for cyber liability insurance application/renewal)
• Guidance and triage assistance to evaluate security events
• Security awareness training and outreach to bolster customer staff vigilance to meet compliance obligations
• Mentorship and coaching of customer staff to elevate security acumen and familiarity
• Risk management and tracking
• Authorship of guidance for broad distribution to customer staff members

Ideal candidate characteristics and abilities:

• Current or former CISO, CIO, information security architect, virtual equivalent (e.g., vCISO), or combined work experience in mid-sized organizations
• Ability to learn and accommodate organizational culture of each customer
• CISSP, CISM, GIAC certification, or combination of work and experience
• Demonstrable familiarity with compliance landscape across areas such as NIST 800-171/800-53/CSF, CMMC, HIPAA, GLBA, data privacy
• Understanding of vulnerability measurement, triage, prioritization, and risk management
• Competence in data security governance, classification, and related safeguards
• Familiarity across multiple industries and disciplines
• Refined written communication skills
• Ability to adapt to a varied audience on the fly, including the ability to translate needs and build bridges between unrelated departments
• Professional background that includes technical engineering work
• Keen awareness that security is ever evolving and requires balance

In keeping with the team-driven approach, other applicants who work in close conjunction with similar roles are also encouraged to apply if they demonstrate competence in engaging across organization business units. Previous association with organizations in manufacturing, legal, healthcare, or higher education is a benefit for demonstrable domain knowledge.

In this role, individuals will be expected to provide objective advice rather than sell specific services. Customer needs for new projects, products, and services will be facilitated by separate sales staff.

Remote work is the norm for most engagements with Vancord’s vISO service. Occasional travel to customer sites is likely (e.g., for executive reporting, tabletop exercises, etc.).

Compensation commensurate with experience.

Job Summary:

We are seeking a versatile and experienced automation developer to join our team. The ideal candidate will specialize in building robust automation solutions across diverse platforms and APIs, streamlining operations across various departments including security, managed services, finance, sales, and more. Proficiency in Python is essential, and candidates with a background in managing and operating IT systems are preferred. Familiarity with defensive security, offensive security, or general IT practices is highly desirable.

Key Responsibilities:

• Develop, test, deploy, and maintain solutions utilizing automation tools and code across security, infrastructure, finance, sales, MSP operations, and other departments.
• Integrate automation workflows leveraging APIs from platforms such as CrowdStrike Falcon, Microsoft Defender, Elastic SIEM, and various internal and external business systems.
• Collaborate closely with our SOC, offensive security, MSP, finance, sales, and IT infrastructure teams to identify automation opportunities and implement solutions.
• Ensure that automation systems are reliable, scalable, maintainable, and properly documented.
• Continuously monitor, improve, and troubleshoot automated processes.
• Contribute to operational efficiency improvements, innovation, and strategic automation initiatives across the entire business.
• Provide technical support, training, and guidance to colleagues in automation solutions.

Qualifications:

• Experience designing, building, and managing automation workflows.
• Strong Python programming skills with experience developing custom integrations and scripts.
• Familiarity with automation and orchestration platforms such as Torq, Tines, Cortex XSOAR, Swimlane, or similar.
• Experience integrating and automating multiple tools, cloud services, business applications, and APIs.
• Strong understanding of IT infrastructure, cybersecurity principles, and operational best practices.
• Strong problem-solving skills with a proactive approach to troubleshooting and continuous improvement.
• Experience identifying and integrating AI or machine learning solutions to enhance business processes.
• Experience implementing Infrastructure-as-Code or other X as Code solutions using tools like Terraform, as well as familiarity with structured data formats like YAML or JSON

Preferred Qualifications:

• Familiarity with SIEM and log management platforms such as Elastic, Sentinel, Splunk, or similar tools.
• Experience with cloud security and infrastructure automation in Azure and AWS.
• Experience or certifications in offensive security, penetration testing, cloud security, managed detection and response, or related fields.
• Ability to provide examples of past projects or code samples demonstrating relevant experience.

Join Vancord:

If you are passionate about automation, cybersecurity, and innovation, and thrive in a collaborative and dynamic environment, we’d like to hear from you. Apply today to join a team dedicated to significantly enhancing security operations and business efficiency.

Job Summary:

Vancord is seeking a Senior Security Engineer to serve as our SOC Lead. This is primarily a leadership position within the Security Operations Center; in addition, it is a role that safeguards our customers, protects our reputation, and upholds the trust that countless organizations place in Vancord every single day.

This person will balance technical depth and client success. You will guide our security analyst team, help engineer our detection strategies, shape our response posture, and represent the very best of Vancord’s operational security excellence.

Key Responsibilities

• Operations & Technical Execution
  • Lead, mentor, and uplift a team of SOC analysts whose work directly protects customers.
  • Serve as the senior escalation point for complex investigations, high-severity incidents, and real-time decision making.
  • Develop training, playbooks, and performance goals to ensure analysts thrive.
  • Refine and maintain detection and response workflows in tools such as Elastic Security, Microsoft Defender XDR, Microsoft Sentinel, CrowdStrike Falcon, and Torq (SOAR).
  • Design and maintain the telemetry pipelines, normalization workflows, and automation triggers that power our SOC.
  • Be a mentor to the analyst group.
• Customer Success & Relationship Management
  • Serve as a point of contact for escalations and customer communications during major incidents. Excellent customer relations & communication skills are a must.
  • Partner with the strategic consulting team and customer success teams to ensure client needs are met and exceeded.
  • Represent the SOC internally and externally, championing best practices, emerging threats, and the importance of strong telemetry hygiene.
  • Present SOC metrics, incident summaries, and operational improvements to customers in a clear, executive-ready format.
• Strategic Contributions
  • Contribute to SOC2 compliance and internal process maturity.
  • Provide feedback to Product and Engineering teams to improve Vancord’s Vantage MDR.
  • Stay ahead of emerging threats, industry best practices, and technology evolutions.

Required Qualifications

• 5+ years of experience in a SOC, Incident Response, or security observability environment.
• 3+ years of senior-level technical experience guiding analysts, leading investigations, or operating as a technical lead.
• Strong knowledge of SIEM, EDR, SOAR, and security telemetry (Elastic, Sentinel, Defender, CrowdStrike, SentinelOne, etc.).
• Demonstrated ability to lead and mentor technical teams.
• Strong communication skills, with the ability to present to executives and customers under pressure.
• Experience building runbooks, playbooks, or process documentation.
• Experience managing vulnerabilities, threat intelligence, and emerging threats.
• Experience using programming languages such as Python to automate security tasks.
• A strong understanding of data pipelines, normalization, and security observability.

Preferred Qualifications

• Advanced Detection & Telemetry Engineering: Expertise designing large-scale detection architectures, authoring advanced correlation logic, building ECS-aligned pipelines, and operating SIEM/EDR platforms such as Elastic, Defender, Sentinel, and CrowdStrike.
• Automation & Tooling Mastery: Proven ability to engineer SOC automation through SOAR platforms and Python-based tooling, including enrichment pipelines, ETL workflows, and data-stream integrations that measurably reduce manual workload and MTTR.
• Threat Intelligence, Threat Hunting & Incident Command: Deep experience conducting structured hunts, developing threat intelligence-driven detections, and leading major incident response events with clear executive communication and real-time decision making.
• Security Architecture & MSSP/MDR Experience: Strong understanding of cloud, endpoint, and identity telemetry; experience operating in high-velocity MSSP/MDR environments; and familiarity with SOC2/ISO/NIST frameworks, customer communications, and operational maturity programs.