Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Fortive

Cyber Defense Lead – Data Security

Fortive

. Lead Americas execution of 24x7 SOC operations, including monitoring, triage, case management, shift handoffs, and escalation to ensure reliable regional coverage and consistent outcomes.

Posted 4/21/2026full-timeRaleigh • North Carolina • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies
Cloud

About the role

Key responsibilities & impact
  • Lead Americas execution of 24x7 SOC operations, including monitoring, triage, case management, shift handoffs, and escalation to ensure reliable regional coverage and consistent outcomes.
  • Direct incident response execution and incident management for the Americas, including containment coordination, recovery support, stakeholder communications, and post incident reviews with tracked corrective actions.
  • Serve as incident commander for assigned events, driving rapid decision making, operational tempo, and clear executive ready updates focused on business impact and risk.
  • Provide operational oversight for U.S. Government and CMMC aligned environments, including incident handling expectations, evidence collection standards, and escalation pathways that support contractual and regulatory obligations.
  • Lead DLP response operations and engineering, including alert triage, investigation workflows, escalation criteria, documentation standards, and partnership with Legal, HR, and Privacy for sensitive cases.
  • Partner with Cyber Defense Engineering to improve detection coverage and fidelity across endpoint, identity, cloud, SaaS, email, and network telemetry, including tuning to reduce false positives and increase high confidence detections.
  • Operationalize threat intelligence by translating external and internal signals into prioritized detections, hunts, response actions, and targeted advisories for technical and business stakeholders.
  • Lead threat hunting focused on both security and resilience, identifying control gaps, validating defensive assumptions, and improving readiness for high impact scenarios.
  • Participate in exposure management response with technology owners, driving risk based prioritization, remediation execution, exception handling, and transparent reporting tied to business criticality.
  • Maintain regional metrics and reporting, including time to detect, time to contain, incident trends, alert quality, exposure remediation progress, and recurring driver analysis, using insights to drive measurable improvement.
  • Train and coach staff through playbook walkthroughs, simulations, tabletop exercises, and after action reviews; reinforce disciplined execution and consistent decision making under pressure.
  • Embed security operations standard work into RBS aligned tooling and workflows (runbooks, playbooks, checklists, evidence patterns, and automation) to improve consistency, efficiency, and auditability.
  • Manage relationships with regional service providers and support third party incident response engagements when activated, including coordination, evidence handling, and lessons learned closure.

Requirements

What you’ll need
  • Bachelor’s degree recommended; equivalent experience considered.
  • 7+ years in security operations, incident response, or cyber defense roles with demonstrated leadership in operational execution.
  • Proven experience leading incident management, including coordinating responders, running incident bridges, and delivering clear, timely communications to senior stakeholders.
  • Experience supporting regulated or customer driven security requirements, including U.S. Government environments; familiarity with CMMC and NIST SP 800-171 aligned expectations is preferred.
  • Experience building and running a DLP program across a global organization.
  • Hands-on experience with DLP response workflows and handling sensitive data loss scenarios with appropriate discretion and defensible documentation.
  • Working knowledge of security detection and response across endpoint, identity, cloud, SaaS, email, and network domains, with practical understanding of how telemetry becomes actionable outcomes.
  • Experience operationalizing threat intelligence and leading threat hunting activities that produce measurable improvements (new detections, closed gaps, validated controls, improved readiness).
  • Participation in exposure or vulnerability remediation workflows with infrastructure, cloud, identity, and application teams using risk based prioritization and service level discipline.
  • Strong documentation and communication skills, including the ability to translate technical situations into business impact, risk, and clear decision points.
  • Ability to operate effectively across enterprise and OpCo environments, balancing global consistency with local context across multiple time zones and cultures.
  • Alignment with Ralliant values and the Ralliant Business System (RBS), including continuous improvement, transparency, and ownership.

Benefits

Comp & perks
  • Health insurance
  • 401(k) matching
  • Flexible work hours
  • Paid time off
  • Remote work options

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
incident responseincident managementDLP programthreat intelligencethreat huntingsecurity detectiondata loss preventionevidence collectionrisk prioritizationvulnerability remediation
Soft Skills
leadershipcommunicationdecision makingoperational oversightcoachingdocumentationcollaborationtransparencyadaptabilityproblem solving
Certifications
Bachelor's degreeCMMCNIST SP 800-171