Responsibilities
- Lead investigations into security incidents, ensuring rapid containment, root cause identification, and coordination across teams.
- Offer expert direction on SIEM architecture, detection rules, and integration of security technologies including EDR, email and web gateways, and cloud security controls.
- Improve monitoring processes to enhance alert accuracy, minimize false alarms, and increase coverage across systems.
- Analyze data from logs, telemetry, threat intelligence, and past cases to detect trends, new threats, and potential business impacts.
- Formulate and implement technical and strategic recommendations that guide immediate defenses and long-term security operations.
- Enhance SOC performance through deployment of new tools, automation, AI-driven workflows, and refined response playbooks measured by clear KPIs.
- Stay ahead of evolving threats and regulatory updates that could impact organizational risk posture.
- Support team growth by sharing knowledge, demonstrating effective communication during high-pressure situations, and fostering a learning culture.
- Work closely with the Technology, Legal and Privacy, and Risk & Compliance teams, as well as with vendors and external service providers.
- Serve as a recognized expert on technical, policy, and compliance matters within the cybersecurity domain.
- Keep certifications current and maintain expertise through participation in training, conferences, and professional education.
- Inform colleagues and leadership about new risks, industry best practices, and operational considerations.
Work Arrangement
Remote (Worldwide)
Other
- Cameras must be on during all virtual interviews.
- AI tools are not permitted to be used by the candidate during any part of the interview process.
- Offers are contingent upon a satisfactory background check which may include ID verification.