
51 - 200 employees
Founded 2014
đ° $1.5M Series A on 2015-08
The standards for how to remotely access a piece of operational technology have changed quite a bit since 2014. Now, safely accessing equipment requires a moving target defense network, a disposable intermediate component, a zero-trust architecture, and comprehensive monitoring.
đ April 8
đşđ¸ United States â Remote
đľ $136k - $155k / year
â° Full Time
đ Senior
đĄď¸ Security Operations
Improve your chances of getting an interview by checking your resume score before you apply.

51 - 200 employees
Founded 2014
đ° $1.5M Series A on 2015-08
The standards for how to remotely access a piece of operational technology have changed quite a bit since 2014. Now, safely accessing equipment requires a moving target defense network, a disposable intermediate component, a zero-trust architecture, and comprehensive monitoring.
⢠Own the log ingestion pipeline end-to-end: identify gaps, build feeds, validate parsing, maintain coverage dashboards ⢠Close the federal logging gap and stand up commercial logging across AWS, Azure, Entra ID, and SaaS ⢠Activate and configure SecOps SOAR capabilities including Domain-Wide Delegation, marketplace integrations, and bidirectional response actions ⢠Build and maintain SOAR playbooks for major incident types such as phishing, malware, account compromise, lateral movement, and cloud-specific threats ⢠Develop and maintain operational dashboards for SOC metrics, alert volumes, MTTA/MTTR, and coverage status ⢠Manage Google SecOps RBAC ⢠Build and deploy production detection rules mapped to MITRE ATT&CK within the first year ⢠Develop custom parsers for AWS-native security services including GuardDuty, Security Hub, Inspector, WAF, CloudTrail, and VPC Flow Logs ⢠Establish a detection lifecycle including proposal, testing, deployment, tuning, and retirement ⢠Conduct quarterly detection quality reviews to measure false positive rates, coverage gaps, and rule health ⢠Develop alert threshold optimization to reduce noise and analyst fatigue ⢠Drive SentinelOne deployment across Azure VMs in commercial environments and all federal endpoints ⢠Configure and operationalize Cloud Funnel for log export into Google SecOps ⢠Build correlation rules between EDR alerts and SIEM detections ⢠Manage SentinelOne RBAC groups and policy configuration ⢠Coordinate with IT on agent deployment, health monitoring, and version management ⢠Serve as senior escalation point for SOC incidents, ensuring investigations are thorough and reports include root cause, remediation actions, credential rotation plans, and follow-up timelines ⢠Improve MTTA and MTTR through process optimization, better tooling, and analyst development ⢠Lead quarterly tabletop exercises and after-action reviews ⢠Maintain and improve incident response runbooks for all major incident categories ⢠Integrate incident response workflows with Jira Service Management for tracking and escalation ⢠Operationalize monthly scanning cadence across all environments using tools such as Nessus, AWS Inspector, and Azure Defender ⢠Define and enforce remediation SLAs by severity: Critical within 72 hours, High within 7 days, Medium within 30 days ⢠Build consolidated vulnerability dashboards in Google SecOps ⢠Track SLA compliance and report metrics to the CISO ⢠Coordinate remediation with engineering and infrastructure teams ⢠Serve as primary technical interface with MSSP partner for 24/7 SOC coverage ⢠Define and hold the MSSP accountable to SLAs, alert quality, and escalation procedures ⢠Review MSSP deliverables such as dashboards, reports, and playbooks for quality and completeness ⢠Manage the transition from the previous MSSP and ensure no coverage gaps ⢠Provide day-to-day technical direction to SOC analysts by setting priorities, assigning tasks, and reviewing work products ⢠Ensure incident response reports, playbooks, and dashboards meet quality standards before delivery to leadership or external stakeholders ⢠Drive OKR execution for SOC-related objectives including logging coverage, detection counts, incident response metrics, and vulnerability SLA compliance ⢠Identify skill gaps and development opportunities for junior analysts ⢠Establish and enforce SOC processes that are documented, repeatable, and auditable
⢠6+ years of experience in security operations, detection engineering, or SIEM/SOAR engineering ⢠Hands-on experience with Google SecOps (Chronicle) or equivalent enterprise SIEM such as Splunk, Sentinel, or QRadar, with Chronicle strongly preferred ⢠Production experience with SentinelOne, CrowdStrike, or a comparable EDR platform ⢠Deep knowledge of AWS security services including GuardDuty, Security Hub, Inspector, CloudTrail, WAF, and Config ⢠Experience building detection rules mapped to the MITRE ATT&CK framework ⢠SOAR playbook development and automation experience ⢠Demonstrated ability to lead without formal authority by setting direction for peers or junior analysts ⢠Strong incident response skills with experience writing complete reports for executive and external audiences ⢠Understanding of NIST 800-53 controls, particularly Audit, System Integrity, and Incident Response families ⢠Excellent written communication skills
⢠136K-155K base + equity and performance bonus eligible, depending on experience and location ⢠Full medical, vision, and dental insurance ⢠Generous PTO ⢠Remote-first culture with flexible hours ⢠Opportunity to protect critical infrastructure at scale ⢠Work with patented, cutting-edge security technology ⢠Direct ownership of SOC maturation ⢠Collaborative team with military, federal, and private sector expertise
Apply Nowđ March 17
Director Cybersecurity Operations leading SOC operations for a technology-driven recruitment agency. Overseeing incident response and managing security intelligence platforms while reporting to the Chief Information Security Officer.
đşđ¸ United States â Remote
đľ $180k - $240k / year
â° Full Time
đ Senior
đĄď¸ Security Operations
đ March 13
Security Engineer focusing on security automation and engineering practices at Conduent. Collaborating with cross-functional teams to enhance global cybersecurity capabilities and streamline incident response.
đşđ¸ United States â Remote
đľ $91k - $120k / year
đ° Venture Round on 2009-01
â° Full Time
đĄ Mid-level
đ Senior
đĄď¸ Security Operations
đŚ H1B Visa Sponsor
đ March 6
Senior Security Software Engineer designing and delivering secure, scalable integration services connecting the cyber ecosystem at GM. Responsible for driving architecture and mentoring developers.
đşđ¸ United States â Remote
đľ $125.2k - $158.6k / year
đ° $500M Grant on 2024-07
â° Full Time
đ Senior
đĄď¸ Security Operations
đŚ H1B Visa Sponsor
đ February 18
Senior Security Engineer at Sword Health safeguarding cloud infrastructure and applications. Ensuring robust security measures, incident response, and continuous improvement for AI-centric healthcare.
đ February 14
Senior Cybersecurity Engineer developing secure platforms and managing cloud environments. Collaborating with SecOps teams to enhance cybersecurity practices and safeguard GMâs information assets.
đşđ¸ United States â Remote
đľ $125.2k - $158.6k / year
đ° $500M Grant on 2024-07
â° Full Time
đ Senior
đĄď¸ Security Operations
đŚ H1B Visa Sponsor