Lead and coordinate responses to security incidents, including ransomware, host compromise, credential and account compromise, phishing, insider threats, third-party risks, and data spillage while collaborating closely with information security leadership, business stakeholders, and the rest of the incident response team
Produce clear, accurate incident documentation and post‑incident analysis focused on root cause and measurable improvement
Participate in incident response tabletop exercises to identify gaps, enhance skills, and engage stakeholders; review technical reports from vulnerability and penetration testing assessments to identify potential exposure to future incidents
Improve Security Operations practices by contributing to the development, refinement, and maintenance of SOC procedures, playbooks, policies, and guidelines
Assess the effectiveness of security controls and technical risks across hosting environments, and communicate findings clearly to both technical and non-technical stakeholders
Own and act as a subject matter expert for one or more core security tools or platforms, ensuring data quality, reliable operation, and effective use.

Requirements

Undergraduate degree or 3 years equivalent combination of experience of education and experience in a related field
Experience investigating security alerts or incidents involving infrastructure, identity, endpoints, or applications
In-depth knowledge of cloud environments such as AWS, Azure, and/or GCP, with curiosity to deepen cloud security expertise
Experience working in security operations, incident response, or a related defensive security role (preferred)
Familiarity with SIEM platforms (Splunk preferred) and interest in using SOAR tooling such as Tines or other automation functions to improve response workflows (preferred)
Comfort analyzing logs and telemetry data to understand suspicious or unusual behavior (preferred)
Ability to assess technical and business risk and communicate findings clearly (preferred)
Strong written and verbal communication skills, with the ability to explain complex topics to a range of audiences (preferred)

Benefits

A discretionary bonus typically paid annually
Restricted Stock Units granted at time of hire
401(k) match and comprehensive employee benefits package

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident responsesecurity operationscloud securityvulnerability assessmentpenetration testinglog analysisrisk assessmentdata quality managementtechnical documentationpost-incident analysis

Soft Skills

communication skillscollaborationproblem-solvingstakeholder engagementanalytical thinkingattention to detailcuriosityadaptabilityleadershiporganizational skills