Principal Cyber Defense Operations
Tasks
- Coordinate response actions for high severity events
- Define and track detection quality and accuracy metrics
- Define investigative documentation and evidence handling standards
- Determine escalation need for deep dive or activation
- Develop playbooks for new scenarios
- Ensure MITRE ATT&CK coverage for enterprise cloud and AI related techniques
- Ensure complete investigative context for escalations
- Ensure investigations meet legal, HR, and IR requirements
- Ensure playbooks reflect response procedures
- Identify and escalate visibility gaps
- Identify automation opportunities and build automated controls
- Lead post-incident detection reviews for continuous improvement
- Lead triage and validation for cloud and AI escalations
- Lead validation of escalations
- Maintain alignment with threat informed detection roadmap
- Oversee triage queues
- Perform QA reviews of investigations and triage decisions
- Provide technical coaching for analysts
- Refine detection logic and signal quality
- Review cloud detections for accuracy and coverage
- Surface detection tooling and workflow gaps
- Translate technical findings into actionable guidance
- Validate AI generated detections for accuracy and usefulness
- Validate SOAR playbooks for correctness and safety
- Validate detection fidelity across cloud and AI signals
Perks/Benefits
- 401k match
- Dependent care FSA match
- Gym and fitness reimbursement
- HSA contribution and match
- Medical, dental, and vision
- Onsite onboarding travel once per quarter
- Paid parental leave
- Remote work
- Tuition assistance
- Uncapped paid time off
- Wellness program incentives
Skills/Tech-stack
AI Driven | AI Driven Detection Models | AI-driven detection | AWS | Anomaly Detection | Azure AD | Behavioral analytics | Cloud Security | Cloud telemetry | Detection Models | Detection engineering | EDR | GCP | Identity Compromise | Incident Response | MITRE ATT&CK | Privilege escalation | SIEM | SOAR | Security operations | Threat Informed Roadmap | Threat Intelligence | Threat detection | Token Abuse
Education
N/A