Set technical direction for threat detection and response capabilities across SIEM, cloud-native security platforms, and adjacent security tooling.
Lead threat-model–driven detection strategy, identifying high-risk attack paths and ensuring coverage across cloud, SaaS, endpoint, and identity domains.
Design and own large-scale security automation frameworks, including enrichment, triage, suppression, and response patterns used across the organization.
Architect and evolve scalable telemetry pipelines and logging infrastructure across multi-cloud environments using Infrastructure as Code (IaC).
Serve as a senior escalation point during complex security incidents, driving deep technical analysis and guiding response strategy.
Identify systemic gaps in detection coverage, telemetry ingestion, and automation logic, and lead cross-team efforts to remediate them.
Own and maintain architectural standards, including reference architectures, data flow diagrams, and operating models for detection pipelines.
Influence and mentor engineers across security teams, raising the overall bar for detection engineering, automation, and cloud security practices.
Partner closely with infrastructure, platform, and application teams to ensure security is embedded into cloud design, IAM strategy, and network architecture.
Drive long-term improvements to cloud and infrastructure security posture through scalable detection, configuration standards, and automation.

Requirements

Bachelor’s degree in a relevant technical discipline (or equivalent practical experience)
Proven experience designing and scaling security systems, not just implementing individual detections or automations
Deep familiarity with security automation and orchestration platforms (SOAR), serverless technologies (e.g., Cloud Functions, Lambda), and API-driven integrations
Strong cloud security expertise across AWS, GCP, and/or Azure, with hands-on experience applying cloud-native detection and automation patterns
Advanced proficiency in Python or similar languages, with the ability to design maintainable tooling and debug complex distributed systems
Strong understanding of network and infrastructure security concepts (IAM, segmentation, firewalls, proxies, IDS/IPS) and how they apply at scale
Exceptional written and verbal communication skills, with a focus on technical clarity, design documentation, and decision-making artifacts
Demonstrated ability to operate in ambiguity, influence without authority, and drive initiatives that span multiple teams
Passion for security, curiosity about the threat landscape, and a mindset oriented toward building systems that scale.

Benefits

Health insurance
401K matching plan—1:1 match up to 6% of salary
Employee Stock Purchase Plan - 15% discount off purchase price of LiveRamp stock (U.S. LiveRampers)
Flexible paid time off
Paid parental leave
Comprehensive Benefits Package

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security automationorchestration platformscloud-native detectionInfrastructure as CodePythonnetwork securityIAMsegmentationfirewallsIDS/IPS

Soft Skills

written communicationverbal communicationinfluence without authorityoperating in ambiguitytechnical claritydecision-makingmentoringcollaborationcuriositypassion for security