Configure, administer, and continuously tune security technologies to support prevention, detection, response, and recovery capabilities, including SIEM, EDR, IDS/IPS, WAF, vulnerability scanning tools, and cloud security platforms.
Monitor security logs, alerts, and telemetry across on-premises and cloud environments; analyze anomalous activity and escalate or respond in accordance with established procedures.
Investigate and respond to security alerts and incidents in production environments, performing threat hunting, root cause analysis, containment, eradication, and recovery activities.
Maintain, update, and test incident response playbooks and procedures aligned with modern cybersecurity frameworks (including NIST 800-61); document lessons learned and implement improvements.
Define, track, and report operational security metrics, including alert trends, incident volumes, response times, and control effectiveness.
Support internal and external security audits and compliance assessments by providing operational evidence, incident documentation, and control validation artifacts.
Support backup, recovery, and system resilience capabilities as part of information system contingency and business continuity planning.
Collaborate cross-functionally with Engineering, IT, Cloud Operations, and Compliance teams to remediate vulnerabilities, strengthen security controls, and improve detection coverage.
Develop and maintain clear, accurate documentation of security configurations, processes, investigations, and system changes to support knowledge sharing and operational continuity.
Requirements
Bachelor’s degree in Computer Science, Cybersecurity, Information Security, Information Systems, or a related field (preferred).
Certifications: Security+, Network+, or equivalent (required).
CySA+, GCIA, GCED, or equivalent (preferred).
3–7 years of experience in security operations, incident response, defensive security, or a related field.
Experience coordinating and responding to security incidents in production environments.
Experience working with SaaS or cloud-native security technologies and platforms.
Strong understanding of security operations, incident response methodologies, and defensive security controls.
Demonstrated ability to analyze security threats and respond effectively under time-sensitive and high-pressure conditions.
Hands-on experience administering and supporting security technologies (SIEM, EDR, IDS/IPS, WAF, and related platforms).
Strong analytical, problem-solving, and documentation skills.
Ability to communicate technical findings clearly to technical and non-technical stakeholders.