Key skills
AIAnalyticsIAMEntra IDOktaSSOSaaSLeadershipCommunicationNetwork Security
About this role
Role Overview
- Own the design, configuration, and ongoing improvement of endpoint protection and EDR tooling across the organization
- Administer and optimize zero-trust networking and identity tooling (policy design, tuning, and operational resiliency)
- Partner with IT to define and execute IAM strategy (joiner/mover/leaver, privileged access, MFA, conditional access, SSO)
- Establish operational standards (runbooks, playbooks, SLAs) for corporate security tooling and support workflows
- Leverage automation and AI-driven capabilities to reduce manual effort and improve detection, response speed, and consistency
- Lead incident response planning, execution, and post-incident reviews; drive improvements based on lessons learned
- Develop and tune detections (alerts, rules, behavioral analytics) and ensure high signal-to-noise monitoring
- Own threat intelligence collection, analysis, and internal dissemination; translate intel into actionable controls
- Coordinate cross-functional response efforts (IT, Engineering, HR, Legal, vendors) during security events
- Perform root-cause analysis for recurring security issues and drive corrective and preventative actions
- Own security training and phishing simulation programs; analyze results and improve effectiveness over time
- Serve as escalation point for internal security requests and support tickets; improve user experience of security controls
- Provide security guidance to teams to enable productivity while maintaining appropriate risk controls
- Define, track, and report KPIs that measure control effectiveness (coverage, MTTD/MTTR, phishing resilience, patch/EDR compliance)
- Communicate security posture, risks, and trends to leadership with clear recommendations and prioritized roadmaps
- Identify and deliver improvements to visibility, automation, scalability, and resilience of security operations
Requirements
- 6+ years of experience in corporate IT, security engineering, or security operations
- Hands-on expertise with endpoint protection/EDR, identity security, and network security controls in modern SaaS environments
- Strong experience with zero-trust technologies and identity platforms (e.g., Zscaler; Okta or Entra ID; conditional access/MFA/SSO)
- Demonstrated experience leading incident response activities end-to-end, including post-incident remediation and control improvements
- Experience building or maturing threat intelligence, detection engineering, and security monitoring programs
- Ability to automate operational tasks (e.g., scripting, SOAR-like workflows, API integrations) to improve scale and reliability
- Excellent communication skills, strong judgment, and a collaborative mindset; comfortable partnering cross-functionally with IT, HR, Engineering, and vendors
- Proven ability to prioritize effectively, operate with high ownership, and drive measurable improvements to security outcomes
- Bachelor’s degree in Information Security, Computer Science, Information Systems, or equivalent practical experience
- Relevant certifications are a plus (e.g., Security+, SSCP, CISSP, GIAC, vendor certifications for identity/EDR/zero-trust)
Benefits
- Comprehensive Benefits Including health, dental, and vision insurance
- A 401(k) plan with company match
- Generous paid time off to support your well-being
- Flexible Work Environment Whether remote, hybrid, or in-office