
Corporate Security Operations Manager
Onebrief
full-time
Location Type: Remote
Location: United States
Salary
💰 $210,000 - $240,000 per year
About the role
- Own the strategy and maturity roadmap for corporate monitoring, detection engineering, and operational security metrics. Define logging standards, detection coverage expectations, and measurable performance indicators for the team.
- Lead and develop Corporate Security Operations Analysts and the Corporate Threat Hunter & Detection Analyst through coaching, clear performance expectations, and structured feedback. Remove blockers, improve workflows, and ensure the team is focused on high-impact work.
- Continuously improve alert quality, detection coverage, triage workflows, and operational automation. Reduce false positives, strengthen telemetry visibility across corporate SaaS and infrastructure, and ensure monitoring outputs are accurate and defensible.
- Partner with Security Engineering, IT, Compliance, and leadership to ensure monitoring supports configuration baselines, vulnerability management efforts, and regulatory commitments. Provide clear, actionable insight during investigations and ongoing risk discussions.
- Establish consistent operational rhythms for reporting, detection reviews, and after-action analysis. Maintain structured documentation, metric reporting, and continuous improvement processes that strengthen operational maturity over time.
Requirements
- 5–8+ years of experience in security operations, detection engineering, or incident response, with at least 2+ years leading analysts or technical security teams
- Hands-on experience with SIEM and EDR platforms, including alert tuning, dashboard creation, and detection optimization
- Demonstrated ability to improve monitoring quality by reducing false positives and increasing meaningful detection coverage
- Experience defining and tracking operational metrics (e.g., MTTD, MTTR, alert fidelity, detection coverage) and presenting results to leadership
- Strong understanding of enterprise logging across endpoints, identity providers, SaaS platforms, and cloud environments
- Familiarity with regulated environments (e.g., CMMC 2.0, NIST 800-53, SOC 2, or similar frameworks) and the role monitoring plays in audit defensibility
- Experience supporting incident investigations in coordination with internal stakeholders and external DFIR partners
- Proven ability to build structured workflows, documentation standards, and repeatable operational processes
- Strong communication skills with the ability to translate technical operational data into clear risk narratives
- Sound judgment, steady leadership presence, and the ability to balance operational execution with long-term program improvement
Benefits
- Equity: Share in the company's success.
- Flexible Work Environment: Remote work with flexible hours and unlimited PTO.
- Comprehensive Health Coverage: Health, dental, vision, and life insurance.
- Retirement Plan: 401(k) plan to secure your future.
- Parental Leave: 8 weeks at 100% regardless of state.
- Company Retreats: Annual company summit trips.
- Home Office Budget: $1,000 per year for home office improvements.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
security operations, detection engineering, incident response, alert tuning, dashboard creation, detection optimization, operational metrics, enterprise logging, monitoring quality, triage workflows
Soft Skills
leadership, coaching, communication, structured feedback, problem-solving, judgment, workflow improvement, risk narrative translation, team development, continuous improvement
Certifications
CMMC 2.0, NIST 800-53, SOC 2