Cybersecurity Lead

qode.world

Cybersecurity Lead at Incedo leading blue team operations and incident response. Overseeing cybersecurity detection tools and coordinating red team simulations.

Posted 6/10/2026full-timeCalifornia • California • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies

AWSAzureCloudCyber SecurityGoogle Cloud PlatformPythonSplunk

About the role

Key responsibilities & impact

Lead and oversee the management, configuration, and tuning of security detection and response platforms, including:
- SIEM (e.g., Splunk, PANW, or Azure Sentinel)
- EDR/XDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
- SOAR automation platforms
- Network IDS/IPS, NDR, and threat intelligence platforms (TIPs)
Ensure all detection tools are integrated for end-to-end visibility across endpoints, cloud environments, and production systems
Define standards for log collection, parsing, and correlation to enhance alert accuracy and reduce false positives
Drive continuous tuning of detection rules, signatures, and use cases to align with MITRE ATT&CK and emerging threats
Collaborate with IT and Engineering teams to ensure security telemetry is fully integrated into cloud and CI/CD environments
Oversee threat hunting, alert triage, and incident response playbook execution across the security stack
Partner with DevOps and infrastructure teams to embed security monitoring hooks into hybrid environments and new deployments
Design and conduct controlled adversary emulation exercises to test detection and response capabilities
Execute attack chains including phishing, privilege escalation, persistence, and lateral movement using real-world TTPs
Develop and maintain custom adversary scripts and payloads to simulate targeted threats
Lead or co-lead major incident response efforts, coordinating containment, investigation, and recovery
Build and maintain detailed incident response runbooks, integrating lessons learned from purple team exercises
Conduct root cause analysis and lead retrospectives that drive measurable improvements in detection and resilience
Integrate threat intelligence and forensic insights into detection content and defensive playbooks.
Plan and execute adversarial simulations that validate threat detection, alert fidelity, and incident response readiness

Requirements

What you’ll need

Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
8+ years of cybersecurity experience, with proven leadership across Blue, Red, or Purple Team operations
Demonstrated ownership of enterprise security detection tools, including SIEM, EDR/XDR, SOAR, and threat intel platforms
Strong understanding of MITRE ATT&CK, Cyber Kill Chain, and threat emulation frameworks.
Deep technical expertise in one or more of the following areas:
- Endpoint and network forensics
- Cloud security monitoring (AWS, Azure, GCP)
- Scripting and automation (Python, PowerShell, Bash)
- Security engineering in hybrid or production environments
Proven ability to lead incident response and purple team exercises from start to finish
Certifications such as OSCP, GCFA, GCIH, GPEN, GXPN, or GCTI highly desirable
Strong communication and leadership skills, with ability to engage both executive stakeholders and technical teams

Benefits

Comp & perks

🌐 Worldwide ❌ Jobs You've Hidden ⭐️ Saved Jobs ✅ Applied Jobs ✉️ Email Alerts 👤 Account qode.world Website LinkedIn All Job Openings 11 - 50 employees 🤖 Artificial Intelligence 👥 HR Tech 🎯 Recruiter Artificial Intelligence
HR Tech
Recruitment qode. world is a company that leverages artificial intelligence to revolutionize the recruiting process. Their platform allows users to find candidates by sourcing data from billions of data points worldwide and provides data-driven insights. Users can connect with candidates directly through the platform, conduct customized AI-led interviews, and get comprehensive assessments. The service also integrates easily with LinkedIn, enhancing the talent pool and facilitating direct communication with candidates listed there. Qode. world offers additional recruiting services to assist in hiring for niche or senior roles. They are praised for their effectiveness in streamlining the hiring process and delivering quick results. Cybersecurity Lead Job not on LinkedIn 🔥 1 hour ago 🏢🏡 California – Hybrid ⏰ Full Time 🟠 Senior 👮‍♂️ Cybersecurity / Security Engineer AWS Azure Cloud Cyber Security Google Cloud Platform Python Splunk Apply Now Find Hiring Managers Customize resume + cover letter Report problem ☆ Save ☑️ Mark as applied ❌ Hide 📋 Description
Lead and oversee the management, configuration, and tuning of security detection and response platforms, including:
- SIEM (e.g., Splunk, PANW, or Azure Sentinel)
- EDR/XDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
- SOAR automation platforms
- Network IDS/IPS, NDR, and threat intelligence platforms (TIPs)
Ensure all detection tools are integrated for end-to-end visibility across endpoints, cloud environments, and production systems
Define standards for log collection, parsing, and correlation to enhance alert accuracy and reduce false positives
Drive continuous tuning of detection rules, signatures, and use cases to align with MITRE ATT&CK and emerging threats
Collaborate with IT and Engineering teams to ensure security telemetry is fully integrated into cloud and CI/CD environments
Oversee threat hunting, alert triage, and incident response playbook execution across the security stack
Partner with DevOps and infrastructure teams to embed security monitoring hooks into hybrid environments and new deployments
Design and conduct controlled adversary emulation exercises to test detection and response capabilities
Execute attack chains including phishing, privilege escalation, persistence, and lateral movement using real-world TTPs
Develop and maintain custom adversary scripts and payloads to simulate targeted threats
Lead or co-lead major incident response efforts, coordinating containment, investigation, and recovery
Build and maintain detailed incident response runbooks, integrating lessons learned from purple team exercises
Conduct root cause analysis and lead retrospectives that drive measurable improvements in detection and resilience
Integrate threat intelligence and forensic insights into detection content and defensive playbooks.
Plan and execute adversarial simulations that validate threat detection, alert fidelity, and incident response readiness 🎯 Requirements
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
8+ years of cybersecurity experience, with proven leadership across Blue, Red, or Purple Team operations
Demonstrated ownership of enterprise security detection tools, including SIEM, EDR/XDR, SOAR, and threat intel platforms
Strong understanding of MITRE ATT&CK, Cyber Kill Chain, and threat emulation frameworks.
Deep technical expertise in one or more of the following areas:
- Endpoint and network forensics
- Cloud security monitoring (AWS, Azure, GCP)
- Scripting and automation (Python, PowerShell, Bash)
- Security engineering in hybrid or production environments
Proven ability to lead incident response and purple team exercises from start to finish
Certifications such as OSCP, GCFA, GCIH, GPEN, GXPN, or GCTI highly desirable
Strong communication and leadership skills, with ability to engage both executive stakeholders and technical teams Apply Now 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score Similar Jobs Facility Security Officer 🕒 6 days ago EEOC 1001 - 5000 🏛️ Government 📋 Compliance 🌍 Social Impact Website LinkedIn All Job Openings Facility Security Officer coordinating and monitoring sensitive security programs for the DoD. Ensuring compliance with security policies and acting as a liaison with management and outside agencies. 🏢🏡 California – Hybrid 💵 $55.3k - $126k / year ⏰ Full Time 🟡 Mid-level 🟠 Senior 👮‍♂️ Cybersecurity / Security Engineer View More Security Engineer Jobs 🌐 Worldwide Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or support@remoterocketship.com Search Search Jobs by country Search jobs by city Search jobs by job title Search entry-level jobs Search junior-level jobs Search senior-level jobs Search jobs by tech stack Search jobs by contract type Search remote internships Search remote part-time jobs Remote jobs Anywhere in the World Companies Hiring Anywhere in the World Companies Hiring Sales People Anywhere in the World Companies Hiring Software Engineers Anywhere in the World Resources Advice Tips for finding remote jobs Interview questions and answers Resume examples Cover letter examples Post a job Affiliates Privacy policy Terms of service Job board SEO course AI Apply Copilot OpenClaw job finder Jobs by Country Remote jobs anywhere in the world (Worldwide remote jobs) Remote jobs United States Remote jobs Australia Remote jobs Brazil Remote jobs Canada Remote jobs France Remote jobs Ireland Remote jobs Germany Remote jobs Netherlands Remote jobs Spain Remote jobs UK Popular Jobs Remote data analyst jobs Remote customer support jobs Remote executive assistant jobs Remote marketing jobs Remote product designer jobs Remote product manager jobs Remote project manager jobs Remote recruiter jobs Remote sales jobs Remote software engineer jobs Jobs by Type Remote full-time jobs Remote part-time jobs Remote contract jobs Remote internship jobs Remote entry-level jobs Remote jobs with no experience required Remote junior jobs (1-3 years of experience) Digital nomad jobs Remote jobs with no degree required Freelance remote jobs Temporary remote jobs Remote jobs hiring now Stay at home mom jobs

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SIEMEDRXDRSOARNetwork IDSIPSNDRthreat intelligencescriptingautomation

Soft Skills

leadershipcommunicationcollaborationincident responseroot cause analysisproblem-solvingengagementteamworkadaptabilitycritical thinking

Certifications

OSCPGCFAGCIHGPENGXPNGCTI