Lead and support security incident response, including triage, investigation, containment, and post-incident reviews.
Analyze and tune EDR, SIEM, and network telemetry alerts to separate false positives from real threats.
Configure and optimize detection tools, including correlation rules, detection logic, and response playbooks.
Implement and maintain identity and access controls, ensuring least-privilege and conditional access standards.
Automate recurring SecOps workflows through scripting and integrations across monitoring and response tools.

Requirements

5+ years in security operations, incident response, or SOC environments.
Strong understanding of threat detection, investigation, and response workflows.
Hands-on experience tuning EDR and SIEM platforms for effective coverage and alerting.
Ability to write detection or hunting queries (e.g., KQL, SPL, SQL-like languages).
Familiarity with IAM principles, cloud security basics, and at least one scripting language (Python, PowerShell, etc.).

Benefits

Health, Dental & Vision (Gold and Platinum with some providers plans fully covered)
Paid parental leave
Alternating day off (every other Monday)
“Off the Grid”, a two week per year paid break for all employees.
Commuter allowance
Company-paid training

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security incident responseEDRSIEMnetwork telemetrydetection toolsscriptingKQLSPLSQLidentity and access controls

Soft Skills

investigationtriagecontainmentpost-incident reviewsautomation