Design, implement, and continuously mature critical security programs, acting as the primary technical owner for Data Loss Prevention (DLP) to safeguard sensitive company data across the environment.
Engineer and optimize our Security Information and Event Management (SIEM) platform. Oversee log ingestion strategies, write complex custom detection rules, and leverage scripting (e.g., Python, PowerShell) to automate alert triage and response workflows.
Lead proactive vulnerability hunting and assessment initiatives. Continuously evaluate infrastructure weaknesses and partner closely with IT and infrastructure teams to drive and track remediation of identified risks.
Act as the primary technical responder and incident commander during security events. Perform deep-dive forensic analysis, coordinate technical investigations, and guide cross-departmental teams through containment, eradication, and post-incident reviews.
Evaluate, deploy, and maintain the operational security tech stack. Ensure tools integrate seamlessly with the existing environment, continuously tuning them to reduce false positives and maximize return on investment.
Serve as a subject matter expert and technical mentor within the broader technology organization, fostering a culture of security awareness and collaborative risk mitigation.
Requirements
5+ years of dedicated experience in Cybersecurity, with at least 3 years focusing heavily on Security Engineering, Incident Response, or advanced Security Operations.
Proven track record operating successfully as a senior individual contributor, technical lead, or system architect.
Deep, hands-on expertise in engineering and tuning enterprise SIEM solutions (e.g., Sentinel) and DLP platforms (e.g., Nightfall).
Proficiency in scripting languages (such as Python, PowerShell, or Bash) specifically for security automation, data parsing, and API integrations.
Strong practical understanding of network protocols, threat actor tactics, techniques, and procedures (TTPs), and the MITRE ATT&CK framework.
Advanced, practitioner-focused industry certifications such as GCFA (GIAC Certified Forensic Analyst), GCIA (GIAC Certified Intrusion Analyst), OSCP (Offensive Security Certified Professional), or CISSP.