FREE ACCESS
5,000–10,000 jobs/day

See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Security Operations Lead
ReplitSecurity Operations Lead managing global SOC functions for 24/7 detection and response capabilities. Overseeing monitoring across multi-cloud environments, collaborating with cross-functional teams.
Posted 7/10/2026full-timeFoster City • California • 🇺🇸 United StatesSenior💰 $220,000 - $325,000 per yearWebsite
Tech Stack
Tools & technologiesAWSAzureCloudGoGoogle Cloud PlatformKubernetesLinuxMacOSPythonSplunk
About the role
Key responsibilities & impact- Lead, mentor, and scale a global SOC team responsible for 24/7 monitoring, alert intake, triage, correlation, and escalation.
- Build operational rigor: processes, runbooks, SLAs, metrics, and quality standards for high-scale environments.
- Cover monitoring across:
- - Cloud infrastructure (GCP, AWS, Azure)
- - Kubernetes/GKE/EKS/AKS clusters
- - SaaS platforms (Google Workspace, GitHub, Slack, Okta, etc.)
- - Endpoints (macOS, Linux, Windows) including EDR/XDR telemetry
- - Developer platforms + CI/CD pipelines
- - AI/ML systems and model-serving workflows.
- Evaluate, adopt, and integrate AI-native SOC technologies for triaging, detection, and correlation.
- Identify opportunities to automate triage, investigations, enrichment, and reporting.
- Own the entire SIEM ecosystem—ingestion, normalization, correlation, enrichment, tuning, dashboards, and metrics.
- Develop high-fidelity detections for:
- - Cloud-native attacks
- - Identity threats and lateral movement
- - SaaS misconfigurations and privilege abuse
- - Endpoint malware/behavior anomalies
- - Insider threats and account takeover patterns.
- Lead day-to-day triage and threat analysis activities, ensuring accurate categorization and prioritization.
- Partner with Cloud Security on cloud posture and preventative controls.
- Work with Compliance/GRC to support SOC 2, ISO 27001, and audit readiness.
Requirements
What you’ll need- 7+ years of experience in Security Operations, with 3+ years in a senior or lead capacity.
- Experience leading or collaborating with 24/7 SOC environments (internal, hybrid, or MSSP).
- Strong experience with SIEM platforms (Chronicle, Splunk, Elastic, Sentinel, Panther, etc.).
- Deep understanding of:
- - Cloud security monitoring (GCP required; AWS/Azure preferred)
- - SaaS security monitoring (Okta, Google Workspace, GitHub, Slack, etc.)
- - Endpoint security telemetry (EDR/XDR tools such as CrowdStrike, SentinelOne, or Defender)
- - Kubernetes and container detection
- Hands-on detection engineering skills, event correlation, threat hunting, and log analysis.
- Familiarity with AI-based SOC platforms and LLM-driven detection/triage tools.
- Strong understanding of identity security, OAuth/OIDC, and API telemetry patterns.
- Experience with SOAR and scripting (Python, Go, Bash).
- Knowledge of MITRE ATT&CK, cloud kill chains, behavioral detections, and detection lifecycle management.
Benefits
Comp & perks- Competitive Salary & Equity
- 401(k) Program with a 4% match (*US Only*)
- Health, Dental, Vision and Life Insurance
- Short Term and Long Term Disability
- Paid Parental, Medical, Caregiver Leave
- Flexible Time Off (FTO) + Holidays
- Commuter Benefits (*In-Office Only*)
- Monthly Wellness Stipend
- Autonomous Work Environment
- In Office Set-Up Reimbursement (*In-Office Only*)
- Quarterly Team Gatherings
- In Office Amenities (*In-Office Only*)
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Security OperationsSIEM PlatformsCloud Security MonitoringEDR/XDR ToolsDetection EngineeringEvent CorrelationThreat HuntingLog AnalysisScripting (Python, Go, Bash)Identity Security
Soft Skills
MentoringCollaborationProblem-SolvingCommunication
Certifications
SOC 2ISO 27001