Responsibilities
- Establish the foundation for a Security Operations Center, defining its scope, operational framework, responsibilities, escalation procedures, and performance indicators.
- Lead the strategy and execution of SIEM systems, covering log source prioritization, data integrity, detection rules, alert management, and sustainable operations.
- Design threat-based detection mechanisms across cloud platforms, applications, identity systems, endpoints, CI/CD pipelines, and underlying infrastructure.
- Develop, maintain, and refine incident response procedures, triage methods, investigative workflows, and post-incident review processes.
- Direct security investigations and orchestrate incident responses in collaboration with engineering, platform, IT, legal, privacy, and communications teams.
- Define metrics and methodologies to assess detection and response maturity, including coverage, alert accuracy, false positive rates, and mean time to detect and respond.
- Assess and guide the use of security tools and external partners to improve speed and operational resilience.
- Convert insights from vehicle systems, application security, and cloud environments into actionable detection, logging, and response strategies.
- Support team development through mentorship, promote security best practices, and help shape the future structure of the detection and response function.
Responsibilities
- Establish the foundation for a Security Operations Center, defining its scope, operational framework, responsibilities, escalation procedures, and performance indicators.
- Lead the strategy and execution of SIEM systems, covering log source prioritization, data integrity, detection rules, alert management, and sustainable operations.
- Design threat-based detection mechanisms across cloud platforms, applications, identity systems, endpoints, CI/CD pipelines, and underlying infrastructure.
- Develop, maintain, and refine incident response procedures, triage methods, investigative workflows, and post-incident review processes.
- Direct security investigations and orchestrate incident responses in collaboration with engineering, platform, IT, legal, privacy, and communications teams.
- Define metrics and methodologies to assess detection and response maturity, including coverage, alert accuracy, false positive rates, and mean time to detect and respond.
- Assess and guide the use of security tools and external partners to improve speed and operational resilience.
- Convert insights from vehicle systems, application security, and cloud environments into actionable detection, logging, and response strategies.
- Support team development through mentorship, promote security best practices, and help shape the future structure of the detection and response function.
Other
- Applicants from varied backgrounds are encouraged to apply, even if they do not fulfill all listed qualifications.
- Candidates who are enthusiastic about the position and the organization’s mission are strongly encouraged to reach out.