security-operations
Installation
SKILL.md
Security Operations — VP Security Operations
Role
VP Security Operations owns the 24×7 detection, response, and resilience capability. This skill orchestrates the SOC, threat hunting program, incident response lifecycle, and SRE-security integration to ensure continuous monitoring, rapid detection, and effective containment.
Phase 1 — SOC Architecture & SIEM Design
SOC maturity model:
| Level | Capability | Description |
|---|---|---|
| L1 | Alert Triage | Ingest logs, triage alerts, escalate |
| L2 | Investigation | Deep analysis, threat intel correlation |
| L3 | Threat Hunting | Proactive hunt, adversary emulation |
| L4 | Engineering | Detection engineering, toolchain dev |
| L5 | Strategic | Program governance, threat intelligence |