Principal Cyber Defense Operations
Tasks
- Coordinate response actions for high severity events
- Define and track detection quality and accuracy metrics
- Define investigative documentation and evidence handling standards
- Determine escalation need for deep dive or activation
- Develop playbooks for new scenarios
- Ensure MITRE ATT&CK coverage for enterprise, cloud, and AI-related techniques
- Ensure complete investigative context for escalations
- Ensure investigations meet legal, HR, and IR requirements
- Ensure playbooks reflect response procedures
- Identify and escalate visibility gaps
- Identify automation opportunities and build automated controls
- Lead post incident detection reviews for continuous improvement
- Lead triage and validation for cloud and AI escalations
- Lead validation of escalations
- Maintain alignment with threat informed detection roadmap
- Oversee triage queues
- Perform QA reviews of investigations and triage decisions
- Provide technical coaching for analysts
- Refine detection logic and signal quality
- Review cloud detections for accuracy and coverage
- Surface detection tooling and workflow gaps
- Translate technical findings into actionable guidance
- Validate AI generated detections for accuracy and usefulness
- Validate SOAR playbooks for correctness and safety
- Validate detection fidelity across cloud and AI signals
Perks/Benefits
- 401k match
- Dependent care FSA match
- Gym and fitness reimbursement
- HSA contribution and match
- Medical, dental, and vision
- Onsite onboarding travel once per quarter
- Paid parental leave
- Remote work
- Tuition assistance
- Uncapped paid time off
- Wellness program incentives
Skills/Tech-stack
AI Driven | AI Driven Detection Models | AI-driven detection | AWS | Anomaly Detection | Azure AD | Behavioral analytics | Cloud Security | Cloud telemetry | Detection Models | Detection engineering | EDR | GCP | Identity Compromise | Incident Response | MITRE ATT&CK | Privilege escalation | SIEM | SOAR | Security operations | Threat Informed Roadmap | Threat Intelligence | Threat detection | Token Abuse
Education
N/A