Writing.io Jobs

Security Director, Detection Engineering & Threat Hunting at Huntress

Director leads detection engineering and threat hunting teams to develop cybersecurity detection strategies, manage managers, and align defensive capabilities with company growth.

Exec Remote Posted about 5 hours ago RemoteFirstJobs Product
What this role involves

Reports to: Chief Security Officer

Location: Remote US

Compensation Range: $220,000 to $240,000 base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24/7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do

We are seeking a strategic leader to own the future of Detection Engineering & Threat Hunting at Huntress. As a Director, you will manage multiple sub-teams (via Managers) and serve as a trusted advisor to the Sr. Dir of Threat Detection and Response.

Your mission is to align the DE&TH function with the broader company strategy. As we scale, you will determine the structural, technological, and budgetary requirements needed to maintain superior detection efficacy. You will own the relationship with the Product organization, ensuring that our defensive strategy evolves faster than the adversaries we protect against.

Responsibilities

  • Strategy & Vision: Set the direction, strategy, and vision for the entire DE&TH function. You will define the team’s 12-18-month prioritization.
  • Manage a team of Managers: You will manage at least two teams or sub-teams via other managers. Your focus is on developing their leadership capabilities, enabling them to execute effectively, and holding them accountable for the health and output of their team.
  • Budgeting & Planning: Propose and own plans for budgeting, execution, and hiring. You will develop capacity models to ensure our team’s growth aligns with our overall growth, presenting these resource needs to executive leadership.
  • Cross-Functional Leadership: Strategize with senior leaders across Product, Engineering, and Security. You are a key stakeholder in the company’s direction, advocating for the telemetry and architectural changes required to support future detection use cases.
  • Systemic Problem Solving: Identify and surface patterns to leadership regarding root causes of problems. You anticipate future challenges and own the delivery of solutions before they become bottlenecks.
  • Culture & Standards: Exemplify and hold others accountable to the management standards of the company. You are responsible for creating a diverse, inclusive, and high-performing culture across the entire function.

What You Bring To The Team

  • Strategic Leadership: 5+ years of experience in cybersecurity, with significant experience managing managers. You have led large, high-priority projects that impacted the company’s direction.
  • Visionary Thinking: You can look past the current quarter. You understand the “Macro” of the threat landscape and can translate that into a “Micro” plan for your teams.
  • Business Acumen: You understand how a SOC fits into the business model. You can articulate the ROI of detection engineering and threat hunting to non-technical stakeholders and manage a department budget.
  • Force Multiplier: You excel at empowering others. You don’t solve problems for your team; you build the structures and frameworks that allow your team to solve problems themselves while you focus on accountability and scalability.

What We Offer:

  • 100% remote work environment - since our founding in 2015
  • Generous paid time off policy, including vacation, sick time, and paid holidays
  • 12 weeks of paid parental leave
  • Highly competitive and comprehensive medical, dental, and vision benefits plans
  • 401(k) with a 5% contribution regardless of employee contribution
  • Life and Disability insurance plans
  • Stock options for all full-time employees
  • One-time $500 reimbursement for building/upgrading home office
  • Annual allowance for education and professional development assistance
  • $75 USD/month digital reimbursement
  • Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com. Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

Security Senior Analyst, Information Security (R14050) at Oportun

Develops and maintains information security policies, governance documentation, and security awareness programs while ensuring compliance with regulatory frameworks.

Senior Posted about 5 hours ago RemoteFirstJobs Product
What this role involves

ABOUT OPORTUN

Oportun (Nasdaq: OPRT) is a mission-driven financial services company that puts its members’ financial goals within reach. With intelligent borrowing, savings, and budgeting capabilities, Oportun empowers members with the confidence to build a better financial future. Since inception, Oportun has provided more than $21.3 billion in responsible and affordable credit, saved its members more than $2.5 billion in interest and fees, and helped its members set aside an average of more than $1,800 annually.

WORKING AT OPORTUN

Working at Oportun means enjoying a differentiated experience of being part of a team that fosters a diverse, equitable and inclusive culture where we all feel a sense of belonging and are encouraged to share our perspectives. This inclusive culture is directly connected to our organization’s performance and ability to fulfill our mission of delivering affordable credit to those left out of the financial mainstream. We celebrate and nurture our inclusive culture through our employee resource groups.

POSITION SUMMARY

The Information Security Governance & Awareness Senior Analyst supports and advances the organization’s information security governance and security awareness programs through policy lifecycle management, governance analysis, regulatory mapping, metrics reporting, and targeted security education initiatives.

This role is responsible for coordinating and contributing to the development, maintenance, review, approval, and publication of information security policies, standards, procedures, and related governance documentation. The Senior Analyst applies critical thinking and sound judgment to assess governance documentation against regulatory and framework requirements and helps identify potential gaps, inconsistencies, or improvement opportunities.

The ideal candidate possesses strong technical writing and analytical skills, excellent English language comprehension, attention to detail, and the ability to translate complex security and regulatory concepts into clear, actionable governance documentation and awareness communications.

This role also supports organizational security culture initiatives through audience-appropriate awareness content, phishing simulation activities, and security education support aligned to organizational risks and business objectives.

RESPONSIBILITIES

Security Governance & Policy Management

  • Manage and support the lifecycle of information security policies, standards, procedures, and related governance documentation.
  • Coordinate document reviews, stakeholder collaboration, approvals, renewals, attestations, and publication timelines.
  • Track policy review schedules, exceptions, approvals, versioning, and governance workflow activities.
  • Interpret and map regulatory and framework requirements to organizational governance documents and controls.
  • Support governance alignment efforts related to:
    • PCI-DSS v4.0.1
    • NIST Cybersecurity Framework (CSF) 2.0
    • SOC 2
    • SOX
    • FTC Safeguards Rule and related FTC requirements
  • Review governance documentation for clarity, consistency, completeness, enforceability, and alignment with regulatory and organizational requirements.
  • Identify potential governance gaps, conflicting requirements, outdated language, or process inconsistencies and recommend improvements.
  • Ensure governance documentation appropriately distinguishes between policies, standards, procedures, guidelines, and supporting controls.
  • Draft, edit, and maintain governance documentation using concise, professional, and active-voice writing principles.
  • Support audit, assessment, and compliance activities through governance documentation review and evidence coordination.
  • Maintain governance repositories, templates, and document management systems.

Security Awareness & Education

  • Support the organization’s security awareness and education initiatives for technical and non-technical audiences.
  • Develop and maintain targeted awareness communications, training materials, and educational content aligned to organizational risks and emerging threats.
  • Apply adult learning and communication principles to tailor awareness messaging to intended audiences and business contexts.
  • Coordinate and support phishing simulation campaigns, including reporting, trend analysis, and user follow-up activities.
  • Assist with measuring awareness participation, phishing resilience, and program effectiveness metrics.
  • Collaborate with stakeholders to identify awareness gaps and support awareness improvement initiatives.

Metrics, Reporting & Program Support

  • Develop and maintain governance and awareness program dashboards, recurring reports, and operational metrics.
  • Produce reporting related to:
    • Policy lifecycle compliance
    • Review and approval timeliness
    • Governance exceptions
    • Security awareness participation
    • Phishing simulation trends
    • Governance process effectiveness
  • Analyze governance and awareness trends to identify operational risks, recurring issues, or process improvement opportunities.
  • Build and maintain reusable governance templates, reporting assets, and process documentation.
  • Support governance committee preparation, leadership reporting, and cross-functional governance initiatives.
  • Contribute to governance process improvement and operational efficiency efforts.

REQUIREMENTS

  • Bachelor’s degree in Information Security, Cybersecurity, Information Systems, Risk Management, English, Communications, or related field; or equivalent practical experience.
  • 3–5 years of experience in information security governance, compliance, policy management, technical writing, security awareness, or related areas.
  • Strong working knowledge of security and regulatory frameworks including PCI-DSS, NIST CSF, SOC 2, SOX, and FTC requirements.
  • Demonstrated ability to read, interpret, and map regulatory requirements to governance documentation and organizational controls.
  • Excellent technical writing, editing, and English language comprehension skills.
  • Strong critical thinking and analytical skills, including the ability to identify governance gaps, inconsistencies, or improvement opportunities.
  • Strong understanding of the distinctions between policies, standards, procedures, guidelines, and controls.
  • Experience developing metrics, dashboards, and recurring governance or compliance reporting.
  • Familiarity with phishing simulation platforms and security awareness practices.
  • Strong organizational, stakeholder coordination, and project management skills.
  • Ability to manage multiple priorities and deadlines in a cross-functional environment.

Preferred Qualifications

  • Experience supporting governance, risk, and compliance (GRC) programs in regulated industries.
  • Understanding of adult learning principles and audience-based communication strategies.
  • Experience supporting audits, assessments, and evidence collection activities.
  • Familiarity with GRC platforms, workflow management tools, or document management systems.
  • Experience in financial services, fintech, or highly regulated environments preferred.
  • Relevant certifications such as:
    • Security+
    • CISSP
    • CISA
    • CRISC
    • PCI ISA


We are proud to be an Equal Opportunity Employer and consider all qualified applicants for employment opportunities without regard to race, age, color, religion, gender, national origin, disability, sexual orientation, veteran status or any other category protected by the laws or regulations in the locations where we operate.

California applicants can find a copy of Oportun’s CCPA Notice here: https://oportun.com/privacy/california-privacy-notice/.

We will never request personal identifiable information (bank, credit card, etc.) before you are hired. We do not charge you for pre-employment fees such as background checks, training, or equipment. If you think you have been a victim of fraud by someone posing as us, please report your experience to the FBI’s Internet Crime Complaint Center (IC3).

Security Analyst Security at Mattel, Inc.

Deploys and manages endpoint detection and identity threat protection platforms, develops detection rules, and investigates security threats across enterprise systems.

Mid Posted about 5 hours ago RemoteFirstJobs Product
What this role involves

Company Description

CREATIVITY IS OUR SUPERPOWER. It’s our heritage and it’s also our future. Because we don’t just make toys. We create innovative products and experiences that inspire fans, entertain audiences and develop children through play. Mattel is at its best when every member of our team feels respected, included, and heard—when everyone can show up as themselves and do their best work every day. We value and share an infinite range of ideas and voices that evolve and broaden our perspectives with a reach that extends into all our brands, partners, and suppliers.

Job Description

About the Role

The Security Engineer – Endpoint & Identity Threat Protection (EDR / ITP) is responsible for implementing, maintaining, and optimizing advanced endpoint detection and identity threat protection capabilities across Mattel’s global environment. This mid-level role focuses on enhancing detection accuracy, improving response efficiency, and strengthening the organization’s overall cyber defense posture. The engineer will work closely with cross-functional teams to ensure endpoint and identity protection tools are effectively integrated, monitored, and tuned to safeguard enterprise systems and data from emerging threats.

Roles and Responsibilities

  • Deploy, manage, and optimize Endpoint Detection and Response (EDR) and Identity Threat Protection (ITP) platforms across Mattel’s enterprise.
  • Develop and fine-tune behavioral analytics, detection logic, and response rules to identify and mitigate malicious activity targeting endpoints and identities.
  • Collaborate with Security Operations and Incident Response teams to investigate, contain, and remediate threats in a timely and coordinated manner.
  • Integrate EDR and ITP technologies with SIEM, SOAR, and other enterprise systems to enhance threat detection, visibility, and automation.
  • Contribute to the design and implementation of endpoint and identity threat protection controls aligned with Mattel’s cybersecurity strategy.
  • Partner with IT, Infrastructure, and Security Architecture teams to support endpoint hardening, secure configuration management, and policy enforcement.
  • Ensure compliance of endpoint and identity controls with internal security standards and external regulatory requirements.
  • Perform ongoing analysis of endpoint telemetry, identity logs, and behavioral data to identify patterns and optimize detection efficacy.
  • Collaborate with engineering teams to improve agent performance, health, and interoperability across platforms and systems.
  • Maintain and update operational documentation, playbooks, and standard procedures for endpoint and identity threat protection workflows.
  • Participate in post-incident reviews to identify root causes, improve detection coverage, and strengthen response processes.
  • Evaluate and recommend emerging endpoint and identity protection tools, techniques, and automation strategies to enhance defense capabilities.

Qualifications

Skills and Qualifications

Required:

  • 3–5+ years of experience in cybersecurity engineering, focusing on endpoint and identity threat protection solutions.
  • Hands-on experience managing enterprise-grade EDR and ITP platforms such as CrowdStrike, SentinelOne, Defender for Endpoint, or similar.
  • Proficiency in detection engineering — developing custom detection logic, correlation rules, and behavioral analytics for endpoint and identity-based threats.
  • Strong understanding of endpoint operating systems (Windows, macOS, Linux) and common adversary tactics including privilege escalation and lateral movement.
  • Experience integrating endpoint and identity controls with SIEM, SOAR, and automation workflows to improve operational efficiency.
  • Knowledge of identity and access management frameworks such as Azure AD, Okta, SSO, and MFA.
  • Experience performing threat analysis using IOC/IOA data, event correlation, and telemetry investigation.
  • Proficiency in scripting or automation (Python, PowerShell, or equivalent) for detection tuning, enrichment, or response orchestration.
  • Solid understanding of endpoint policy management, application allowlisting, device control, and system hardening best practices.
  • Excellent analytical and communication skills with the ability to collaborate effectively across technical and non-technical teams.

Preferred:

  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Certifications such as ISC2 CC, GIAC GSEC, GCED, GCIA, or CompTIA CySA+.
  • Experience with hybrid endpoint environments spanning on-premises, cloud, and virtual infrastructure (AWS, Azure, GCP).
  • Familiarity with the MITRE ATT&CK framework for mapping detections and validating coverage.
  • Hands-on experience with SOAR or automation frameworks to streamline response processes.
  • Experience contributing to detection and response process improvement initiatives in global enterprises.

Shift Timings:

This position operates during 10:00 – 18:00 PST (22:30 – 06:30 IST), Monday through Friday, with emergency on-call duties as required.

Additional Information

Don’t meet every single requirement? At Mattel, we are dedicated to an inclusive workplace and a culture of belonging. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or other roles.

How We Work:

We are a purpose-driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose by employing the following behaviors:

  • We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities are our superpower.
  • We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization, you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
  • We execute: We are a performance-driven company. We strive for excellence and are focused on pursuing best-in-class outcomes. We believe in accountability and ownership and know that our people are at their best when they are empowered to create and deliver results.

Our Approach to Flexible Work:

We embrace a flexible work model designed to empower a culture of growth, optimism, and wellbeing, where every employee can reach their full potential. Combining purposeful in-person collaboration with flexibility, our focus is to optimize performance and drive connection for moments that matter.

Who We Are:

Mattel is a leading global toy and family entertainment company and owner of one of the most iconic brand portfolios in the world. We engage consumers and fans through our franchise brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, Thomas & Friends, UNO, Masters of the Universe, Matchbox, Monster High, MEGA and Polly Pocket, as well as other popular properties that we own or license in partnership with global entertainment companies. Our offerings include toys, content, consumer products, digital and live experiences. Our products are sold in collaboration with the world’s leading retail and ecommerce companies. Since its founding in 1945, Mattel is proud to be a trusted partner in empowering generations to explore the wonder of childhood and reach their full potential.

Mattel’s award-winning workplace culture has been recognized by Forbes, Fast Company, Newsweek, Great Place to Work, TIME, and more.

Visit us at https://jobs.mattel.com/ and www.instagram.com/MattelCareers.

Mattel is an Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers, and all applicants will receive consideration for employment.

Security Sr IT Security Analyst at Mattel, Inc.

Engineers and optimizes endpoint detection and response (EDR) and identity threat protection platforms to detect, prevent, and respond to security threats across enterprise environments.

Senior Posted about 5 hours ago RemoteFirstJobs Product
What this role involves

Job Description

About the Role

The Sr Security Engineer – Endpoint & Identity Threat Protection (EDR / ITP) is responsible for engineering, deploying, and optimizing advanced detection and response technologies that safeguard Mattel’s global enterprise. This senior technical role focuses on proactive endpoint detection, response automation, and identity threat protection, helping to strengthen the organization’s cyber defense posture. The position requires deep technical expertise across endpoint and identity protection technologies, strong collaboration skills, and a commitment to continuous improvement through automation, analytics, and security modernization initiatives.

Roles and Responsibilities

  • Engineer, deploy, and maintain enterprise Endpoint Detection and Response (EDR) and Identity Threat Protection (ITP) platforms across Mattel’s environments.
  • Develop, tune, and optimize behavioral analytics and detection logic to identify, prevent, and respond to malicious activity targeting endpoints and identities.
  • Collaborate with Security Operations and Incident Response teams to investigate, contain, and remediate security incidents effectively and efficiently.
  • Integrate EDR and ITP technologies with SIEM, SOAR, and threat intelligence platforms to improve visibility, automation, and response capabilities.
  • Contribute to the architecture, implementation, and continuous enhancement of endpoint and identity threat protection strategies in alignment with Mattel’s cybersecurity goals.
  • Partner with IT, Infrastructure, and Security Architecture teams to support secure configuration management, policy enforcement, and system hardening across all endpoints.
  • Ensure endpoint and identity protection controls align with corporate security policies, compliance mandates, and global regulatory standards.
  • Perform advanced telemetry analysis, detection validation, and post-incident investigations to improve detection fidelity and reduce false positives.
  • Collaborate with Engineering, Cloud, and Infrastructure teams to ensure endpoint tools operate effectively across hybrid and cloud environments.
  • Develop and maintain documentation, operational standards, and playbooks for endpoint and identity threat protection workflows.
  • Participate in post-incident reviews to identify gaps, lessons learned, and opportunities to enhance security processes.
  • Evaluate emerging endpoint and identity threat protection technologies and contribute to technical proof-of-concept initiatives to support security modernization.

Qualifications

Required:

  • 5–7+ years of experience in cybersecurity engineering, with a focus on endpoint and identity threat protection in enterprise environments.
  • Demonstrated expertise managing enterprise-grade EDR and ITP platforms such as CrowdStrike, SentinelOne, Defender for Endpoint, or similar solutions.
  • Strong technical knowledge of endpoint operating systems (Windows, macOS, Linux) and adversary tactics, techniques, and procedures (TTPs).
  • Experience designing and optimizing detection logic, behavioral rules, and custom correlation within EDR and identity systems.
  • Proficiency in integrating endpoint and identity threat protection solutions with SIEM, SOAR, and automation platforms.
  • In-depth understanding of identity and access management (IAM) frameworks such as Azure AD, Okta, SSO, and MFA.
  • Experience in IOC and IOA analysis, enrichment, and use of threat intelligence for proactive defense and detection tuning.
  • Hands-on experience in scripting or automation using PowerShell, Python, or equivalent languages for workflow orchestration and data enrichment.
  • Strong understanding of endpoint configuration, policy management, application allowlisting, and device control.
  • Excellent communication and collaboration skills with the ability to work effectively across global and cross-functional teams.

Preferred:

  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Certifications such as GSEC, SSCP, GCED, GCIA, or CompTIA CySA+.
  • Experience supporting hybrid endpoint environments across on-premises, cloud (AWS, Azure, GCP), and virtualized systems.
  • Familiarity with the MITRE ATT&CK framework for mapping detections, validating coverage, and improving response maturity.
  • Hands-on experience with SOAR or orchestration platforms to enhance threat detection and response workflows.
  • Knowledge of modern endpoint protection trends, AI/ML-based detection models, and zero-trust security principles.

Shift Timings:

This position operates during 05:00 – 14:00 PST (17:30 – 02:30 IST), Monday through Friday, with emergency on-call duties as required.

Additional Information

Don’t meet every single requirement? At Mattel, we are dedicated to an inclusive workplace and a culture of belonging. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or other roles.

How We Work:

We are a purpose driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:

  • We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities is our superpower.
  • We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization, you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
  • We execute: We are a performance-driven company. We strive for excellence and are focused on pursuing best-in-class outcomes. We believe in accountability and ownership and know that our people are at their best when they are empowered to create and deliver results.

Our Approach to Flexible Work:

We embrace a flexible work model designed to empower a culture of growth, optimism, and wellbeing, where every employee can reach their full potential. Combining purposeful in-person collaboration with flexibility, our focus is to optimize performance and drive connection for moments that matter.

Who We Are:

Mattel is a leading global toy and family entertainment company and owner of one of the most iconic brand portfolios in the world. We engage consumers and fans through our franchise brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, Thomas & Friends, UNO, Masters of the Universe, Matchbox, Monster High, MEGA and Polly Pocket, as well as other popular properties that we own or license in partnership with global entertainment companies. Our offerings include toys, content, consumer products, digital and live experiences. Our products are sold in collaboration with the world’s leading retail and ecommerce companies. Since its founding in 1945, Mattel is proud to be a trusted partner in empowering generations to explore the wonder of childhood and reach their full potential.

Mattel’s award-winning workplace culture has been recognized by Forbes, Fast Company, Newsweek, Great Place to Work, TIME, and more.

Visit us at https://jobs.mattel.com/ and www.instagram.com/MattelCareers.

Mattel is an Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers, and all applicants will receive consideration for employment.

Security Director, Detection Engineering & Threat Hunting at Huntress

Director leading detection engineering and threat hunting teams, setting strategy for enterprise cybersecurity detection capabilities and managing multiple manager-level reports.

Lead Remote Posted about 5 hours ago RemoteFirstJobs Product
What this role involves

Reports to: Chief Security Officer

Location: Remote US

Compensation Range: $220,000 to $240,000 base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24/7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do

We are seeking a strategic leader to own the future of Detection Engineering & Threat Hunting at Huntress. As a Director, you will manage multiple sub-teams (via Managers) and serve as a trusted advisor to the Sr. Dir of Threat Detection and Response.

Your mission is to align the DE&TH function with the broader company strategy. As we scale, you will determine the structural, technological, and budgetary requirements needed to maintain superior detection efficacy. You will own the relationship with the Product organization, ensuring that our defensive strategy evolves faster than the adversaries we protect against.

Responsibilities

  • Strategy & Vision: Set the direction, strategy, and vision for the entire DE&TH function. You will define the team’s 12-18-month prioritization.
  • Manage a team of Managers: You will manage at least two teams or sub-teams via other managers. Your focus is on developing their leadership capabilities, enabling them to execute effectively, and holding them accountable for the health and output of their team.
  • Budgeting & Planning: Propose and own plans for budgeting, execution, and hiring. You will develop capacity models to ensure our team’s growth aligns with our overall growth, presenting these resource needs to executive leadership.
  • Cross-Functional Leadership: Strategize with senior leaders across Product, Engineering, and Security. You are a key stakeholder in the company’s direction, advocating for the telemetry and architectural changes required to support future detection use cases.
  • Systemic Problem Solving: Identify and surface patterns to leadership regarding root causes of problems. You anticipate future challenges and own the delivery of solutions before they become bottlenecks.
  • Culture & Standards: Exemplify and hold others accountable to the management standards of the company. You are responsible for creating a diverse, inclusive, and high-performing culture across the entire function.

What You Bring To The Team

  • Strategic Leadership: 5+ years of experience in cybersecurity, with significant experience managing managers. You have led large, high-priority projects that impacted the company’s direction.
  • Visionary Thinking: You can look past the current quarter. You understand the “Macro” of the threat landscape and can translate that into a “Micro” plan for your teams.
  • Business Acumen: You understand how a SOC fits into the business model. You can articulate the ROI of detection engineering and threat hunting to non-technical stakeholders and manage a department budget.
  • Force Multiplier: You excel at empowering others. You don’t solve problems for your team; you build the structures and frameworks that allow your team to solve problems themselves while you focus on accountability and scalability.

What We Offer:

  • 100% remote work environment - since our founding in 2015
  • Generous paid time off policy, including vacation, sick time, and paid holidays
  • 12 weeks of paid parental leave
  • Highly competitive and comprehensive medical, dental, and vision benefits plans
  • 401(k) with a 5% contribution regardless of employee contribution
  • Life and Disability insurance plans
  • Stock options for all full-time employees
  • One-time $500 reimbursement for building/upgrading home office
  • Annual allowance for education and professional development assistance
  • $75 USD/month digital reimbursement
  • Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com. Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

Security Application Security Engineer

Secures applications and systems for a European fintech payment platform serving small businesses.

Posted 1 day ago Himalayas
What this role involves
Hello! We're Teya. Teya is a payment and software service provider, headquartered in London, serving small, local businesses across Europe.
Security Application Security Engineer II

Develops and implements application security measures, conducts code reviews and vulnerability assessments, and manages security controls across software systems.

Mid Posted 1 day ago Himalayas
What this role involves
Credit Acceptance is proud to be an award-winning company recognized both locally and nationally across multiple workplace categories.
Security Associate, FedRAMP Assessment at Coalfire

Conducts FedRAMP security and compliance assessments, testing controls and documenting findings against regulatory standards for client cloud environments.

Junior Posted 1 day ago RemoteFirstJobs Product
What this role involves

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

This role will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. The Associate will partner closely with experienced Project Leads and be assigned specific technical segments to provide client-ready deliverables.

The role will facilitate security assessments and possibly other advanced-level Continuous Monitoring Activities within cloud-based environments. To succeed in this position, the Associate will need a strong understanding of technical system security controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls.

What You’ll Do

  • Work closely with senior members to support audit preparation and document assessments against prescribed sets of criteria
  • Execute, examine, interview, and test procedures in accordance with the proper control or compliance system
  • Ensure cybersecurity policies are adhered to and that required controls are implemented
  • Validate respective information system security plans to ensure that appropriate control requirements are met
  • Take charge of identifying information sources, gathering and interpreting data, and ensuring diligent and accurate data and note capturing of customer interviews
  • Pursue and corroborate conclusions derived from inquiry procedures
  • Proactively draft and document audit planning and reporting material for peer review at appropriate milestones throughout the engagement lifecycle
  • Adhere to pre-defined project timelines and communicate possible changes to the schedule or scope of work
  • Understand how to apply quality standards and adhere to a minimum benchmark for quality assurance throughout the documentation of each deliverable
  • Provide advice to the client on various matters related to the assessment/audit and effectively request or communicate technical requirements to a non-technical audience
  • Support and maintain positive collaborative relationships with clients and stakeholders
  • Maintain industry expertise by studying for and achieving industry recognized certifications

What You’ll Bring

  • Strong written and verbal communication skills including the ability to explain security controls to a non-technical audience
  • Strong personal initiative to appropriately manage time and meet deadlines
  • High attention to detail and quality
  • Computer and typing skills that permit rapid data collection and note taking
  • Ability to participate in and support meetings with small or large groups
  • Public speaking and emerging executive presence
  • Inquisitive and curious nature with the ability to effectively probe for deeper information
  • Diplomatic and broad minded
  • Strong technical researcher
  • An introductory understanding of IT security technologies including cloud architecture and application security, firewalls, access management, and data protection
  • Educational or work experience involving IT Security and/or IT Audit principles
  • Bachelor’s degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems or Business.

Bonus Points

  • Experience as an IT Consultant, IT auditor, Business Analyst, or similar role
  • Experience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)
  • At least one information security certification, such as CCSK or CompTIA Security+ (or willing to obtain one of these certifications)
  • Amazon Web Services (AWS) Certified Cloud Practitioner

$53,000 - $92,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Security Senior Consultant - FedRAMP Assessment at Coalfire

Leads FedRAMP security assessments and audits for clients, develops compliance reports, and mentors junior team members on cybersecurity frameworks and best practices.

Senior Posted 1 day ago RemoteFirstJobs Product
What this role involves

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

What You’ll Do

  • Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
  • Develop documentation and author recommendations associated with your findings on how to improve the customer’s security posture in accordance with appropriate controls
  • Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
  • Maintains strong depth of knowledge in one or more cybersecurity frameworks.
  • Prepare, review and approve assessment reports.
  • Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
  • Ensures quality products and services are delivered on time.
  • Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
  • Provide mentorship to team members in areas of audit, assessment, technical review and writing.
  • Interfaces with clients through entire engagement, interacting with all levels of client organizations
  • Establish and maintain positive collaborative relationships with clients and stakeholders
  • Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
  • Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
  • Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment
  • Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
  • Assess security vulnerabilities against the appropriate security frameworks
  • Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
  • Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
  • Educate and interpret compliance activities for clients
  • Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
  • Remote work environment
  • Travel 20%

What You’ll Bring

  • Bachelor’s degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
  • Five to ten (5-10) years of experience as a consultant within professional IT services
  • Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
  • Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
  • Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
  • Experience with virtualization or cloud technologies
  • Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
  • Knowledge of information security related solutions, tools, and utilities
  • Excellent verbal and written skills
  • Willing to travel up to 20%

Must have an active CISSP and one of the following certifications:

  • Cisco Certified Network Associate Security (CCNA Security)
  • Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
  • Cybersecurity Analyst (CySA+)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Systems and Network Auditor (GSNA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information System Security Professional or Associate (CISSP or Associate)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Information Systems Security Officer (CISSO)
  • CyberSec First Responder (CFR)
  • CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
  • CompTIA Cloud+ (Cloud+)
  • Global Industrial Cyber Security Professional (GICSP)
  • Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
  • BCR Cyber Technical Proficiency Testing Activity

Bonus Points

  • Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)

$86,000 - $148,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Security Senior Consultant - FedRAMP Assessment at Coalfire

Leads FedRAMP and cybersecurity compliance assessments for clients, develops audit reports, and mentors junior consultants on security frameworks and best practices.

Senior Posted 1 day ago RemoteFirstJobs Product
What this role involves

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

What You’ll Do

  • Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
  • Develop documentation and author recommendations associated with your findings on how to improve the customer’s security posture in accordance with appropriate controls
  • Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
  • Maintains strong depth of knowledge in one or more cybersecurity frameworks.
  • Prepare, review and approve assessment reports.
  • Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
  • Ensures quality products and services are delivered on time.
  • Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
  • Provide mentorship to team members in areas of audit, assessment, technical review and writing.
  • Interfaces with clients through entire engagement, interacting with all levels of client organizations
  • Establish and maintain positive collaborative relationships with clients and stakeholders
  • Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
  • Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
  • Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment
  • Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
  • Assess security vulnerabilities against the appropriate security frameworks
  • Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
  • Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
  • Educate and interpret compliance activities for clients
  • Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
  • Remote work environment
  • Travel 20%

What You’ll Bring

  • Bachelor’s degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
  • Five to ten (5-10) years of experience as a consultant within professional IT services
  • Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
  • Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
  • Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
  • Experience with virtualization or cloud technologies
  • Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
  • Knowledge of information security related solutions, tools, and utilities
  • Excellent verbal and written skills
  • Willing to travel up to 20%

Must have an active CISSP and one of the following certifications:

  • Cisco Certified Network Associate Security (CCNA Security)
  • Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
  • Cybersecurity Analyst (CySA+)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Systems and Network Auditor (GSNA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information System Security Professional or Associate (CISSP or Associate)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Information Systems Security Officer (CISSO)
  • CyberSec First Responder (CFR)
  • CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
  • CompTIA Cloud+ (Cloud+)
  • Global Industrial Cyber Security Professional (GICSP)
  • Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
  • BCR Cyber Technical Proficiency Testing Activity

Bonus Points

  • Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)

$86,000 - $148,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Security Senior Consultant - FedRAMP Assessment at Coalfire

Senior consultant leads FedRAMP and security compliance assessments, performs audits against regulatory frameworks, and develops recommendations to improve client security posture.

Senior Posted 1 day ago RemoteFirstJobs Product
What this role involves

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

What You’ll Do

  • Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
  • Develop documentation and author recommendations associated with your findings on how to improve the customer’s security posture in accordance with appropriate controls
  • Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
  • Maintains strong depth of knowledge in one or more cybersecurity frameworks.
  • Prepare, review and approve assessment reports.
  • Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
  • Ensures quality products and services are delivered on time.
  • Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
  • Provide mentorship to team members in areas of audit, assessment, technical review and writing.
  • Interfaces with clients through entire engagement, interacting with all levels of client organizations
  • Establish and maintain positive collaborative relationships with clients and stakeholders
  • Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
  • Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
  • Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment
  • Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
  • Assess security vulnerabilities against the appropriate security frameworks
  • Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
  • Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
  • Educate and interpret compliance activities for clients
  • Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
  • Remote work environment
  • Travel 20%

What You’ll Bring

  • Bachelor’s degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
  • Five to ten (5-10) years of experience as a consultant within professional IT services
  • Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
  • Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
  • Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
  • Experience with virtualization or cloud technologies
  • Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
  • Knowledge of information security related solutions, tools, and utilities
  • Excellent verbal and written skills
  • Willing to travel up to 20%

Must have an active CISSP and one of the following certifications:

  • Cisco Certified Network Associate Security (CCNA Security)
  • Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
  • Cybersecurity Analyst (CySA+)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Systems and Network Auditor (GSNA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information System Security Professional or Associate (CISSP or Associate)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Information Systems Security Officer (CISSO)
  • CyberSec First Responder (CFR)
  • CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
  • CompTIA Cloud+ (Cloud+)
  • Global Industrial Cyber Security Professional (GICSP)
  • Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
  • BCR Cyber Technical Proficiency Testing Activity

Bonus Points

  • Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)

$86,000 - $148,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Security Platform Security & RMF Lead

Leads platform security strategy and Risk Management Framework (RMF) implementation for a national security-focused tech company.

Lead Posted 2 days ago Himalayas
What this role involves
About Us

Red Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies that are bringing revolutionary advancements to market in three distinct practice areas: healthcare, cyber, and national security.
Security Manager, Security Operations at Figma

Leads Figma's security operations program, managing incident detection, response workflows, SIEM/SOAR platforms, and threat intelligence capabilities across the organization.

Lead Remote Posted 2 days ago RemoteFirstJobs Product
What this role involves

Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you’re brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you’re excited to shape the future of design and collaboration, join us!

Figma’s Security team is growing, and we’re looking for a Security Operations Manager to lead the strategy and execution of our security operations program. In this role, you’ll build and scale the systems, processes, and tooling that help protect Figma and our community. You’ll partner closely with Security Engineering, Platform Security, IT, GRC, and Legal to strengthen our detection and response capabilities, improve operational resilience, and help shape the future of our DART and SOC functions.

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you’ll do at Figma:

  • Own Figma’s security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement
  • Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling
  • Develop and maintain incident response run books, escalation procedures, and communication plans for security events of varying severity
  • Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments
  • Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps
  • Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs
  • Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents
  • Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction

We’d love to hear from you if you have:

  • 7+ years of experience in security operations, incident response, or a related security engineering function
  • Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms
  • Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment
  • Demonstrated success building, scaling, or significantly improving a detection and response program
  • Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events

While it’s not required, it’s an added plus if you also have:

  • Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements
  • Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001
  • Utilized AI-powered tools to automate security operations workflows and improve team efficiency

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Pay Transparency Disclosure

If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

Figma offers equity to employees, as well as a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement. Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. Figma’s compensation and benefits are subject to change and may be modified in the future.

Annual Base Salary Range:

$185,000—$296,000 USD

At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

We will work to ensure individuals with disabilities are provided reasonable accommodation to apply for a role, participate in the interview process, perform essential job functions, and receive other benefits and privileges of employment. If you require accommodation, please reach out to accommodations-ext@figma.com. These modifications enable an individual with a disability to have an equal opportunity not only to get a job, but successfully perform their job tasks to the same extent as people without disabilities.

Examples of accommodations include but are not limited to:

  • Holding interviews in an accessible location
  • Enabling closed captioning on video conferencing
  • Ensuring all written communication be compatible with screen readers
  • Changing the mode or format of interviews

To ensure the integrity of our hiring process and facilitate a more personal connection, we require all candidates keep their cameras on during video interviews. Additionally, if hired you will be required to attend in person onboarding.

By applying for this job, the candidate acknowledges and agrees that any personal data contained in their application or supporting materials will be processed in accordance with Figma’s Candidate Privacy Notice.

Security Governance Risk and Compliance at Figma

Build and maintain governance, risk, and compliance programs including audit management, policy development, and security risk frameworks across the organization.

Posted 2 days ago RemoteFirstJobs Product
What this role involves

Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you’re brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you’re excited to shape the future of design and collaboration, join us!

Figma’s GRC team helps build and maintain trust with our users, regulators, business partners, and the organizations that rely on Figma every day. We partner across the company to strengthen security, manage risk, maintain compliance, and scale the programs that support our continued growth.

We’re growing our team and looking for security, risk, and compliance professionals across several disciplines. Whether your expertise is in compliance, risk management, governance, GRC tooling, or customer trust, you’ll have the opportunity to build programs, improve processes, and help shape how Figma scales security and trust.

Roles we hire for on this team:

  • Compliance Management
    • Lead compliance and certification programs across security and regulatory frameworks
    • Manage audit cycles, partner with external assessors, and drive audit readiness initiatives
    • Improve controls, processes, and evidence management practices across the organization
  • Security Risk Management
    • Build and maintain risk and controls frameworks that support Figma’s security posture
    • Assess, prioritize, and communicate security risks across the business
    • Develop third-party risk management strategies and enterprise risk reporting programs
  • Policy & Governance
    • Manage the lifecycle of organizational security policies, standards, and procedures
    • Drive policy awareness and stakeholder engagement across the company
    • Ensure governance practices align with regulatory requirements and business objectives
  • GRC Platforms & Enablement
    • Select, implement, and optimize GRC platforms and supporting workflows
    • Scale evidence collection, reporting, and program management capabilities
    • Identify opportunities to automate and streamline GRC operations
  • Customer Trust
    • Support customer trust and business enablement activities across the sales lifecycle
    • Manage security knowledge bases, customer-facing documentation, and trust publications
    • Respond to customer security inquiries, audits, and questionnaires

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you’ll do at Figma:

  • Lead compliance programs across frameworks such as SOC 2, ISO 27001, FedRAMP, SOX ITGC, GDPR, and NIS2
  • Manage external audits and certification activities while partnering with auditors and assessors
  • Build and maintain risk and controls frameworks, including common control frameworks that support multiple certifications
  • Conduct risk and gap assessments and drive remediation efforts across technical and business stakeholders
  • Improve control effectiveness and operational efficiency through rationalization and process optimization
  • Implement and optimize GRC platforms that scale evidence collection and program management
  • Maintain security policies and governance processes that align with organizational risk objectives
  • Support customer trust initiatives, including security questionnaires, audits, and customer-facing security communications

We’d love to hear from you if you have:

  • 4+ years of experience in information security, compliance, risk management, or a related field
  • Hands-on experience supporting security and compliance frameworks such as SOC 2, ISO 27001, FedRAMP, PCI-DSS, or SOX ITGC
  • Experience leading or supporting audits and partnering with external assessors
  • Demonstrated ability to conduct assessments, drive remediation efforts, and manage cross-functional initiatives
  • Exceptional written and verbal communication skills across technical, business, and executive audiences
  • Demonstrated ability to improve processes, manage competing priorities, and build strong cross-functional partnerships

While it’s not required, it’s an added plus if you also have:

  • Operated in a public company environment with SOX ITGC requirements
  • Supported FedRAMP authorization, SSP development, 3PAO coordination, or continuous monitoring activities
  • Earned security or risk certifications such as CISA, CISSP, CISM, or CRISC
  • Implemented or administered GRC platforms such as Vanta, Drata, or similar tools
  • Scaled security, compliance, or risk programs in a high-growth environment

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Pay Transparency Disclosure

If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

Figma offers equity to employees, as well as a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement. Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. Figma’s compensation and benefits are subject to change and may be modified in the future.

Annual Base Salary Range:

$153,000—$296,000 USD

At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

We will work to ensure individuals with disabilities are provided reasonable accommodation to apply for a role, participate in the interview process, perform essential job functions, and receive other benefits and privileges of employment. If you require accommodation, please reach out to accommodations-ext@figma.com. These modifications enable an individual with a disability to have an equal opportunity not only to get a job, but successfully perform their job tasks to the same extent as people without disabilities.

Examples of accommodations include but are not limited to:

  • Holding interviews in an accessible location
  • Enabling closed captioning on video conferencing
  • Ensuring all written communication be compatible with screen readers
  • Changing the mode or format of interviews

To ensure the integrity of our hiring process and facilitate a more personal connection, we require all candidates keep their cameras on during video interviews. Additionally, if hired you will be required to attend in person onboarding.

By applying for this job, the candidate acknowledges and agrees that any personal data contained in their application or supporting materials will be processed in accordance with Figma’s Candidate Privacy Notice.

Security Manager, Security Operations at Figma

Leads security operations strategy, incident response programs, and SOC/DART functions while building detection systems and managing cross-functional security initiatives.

Lead Remote Posted 2 days ago RemoteFirstJobs Product
What this role involves

Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you’re brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you’re excited to shape the future of design and collaboration, join us!

Figma’s Security team is growing, and we’re looking for a Security Operations Manager to lead the strategy and execution of our security operations program. In this role, you’ll build and scale the systems, processes, and tooling that help protect Figma and our community. You’ll partner closely with Security Engineering, Platform Security, IT, GRC, and Legal to strengthen our detection and response capabilities, improve operational resilience, and help shape the future of our DART and SOC functions.

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you’ll do at Figma:

  • Own Figma’s security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement
  • Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling
  • Develop and maintain incident response run books, escalation procedures, and communication plans for security events of varying severity
  • Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments
  • Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps
  • Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs
  • Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents
  • Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction

We’d love to hear from you if you have:

  • 7+ years of experience in security operations, incident response, or a related security engineering function
  • Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms
  • Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment
  • Demonstrated success building, scaling, or significantly improving a detection and response program
  • Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events

While it’s not required, it’s an added plus if you also have:

  • Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements
  • Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001
  • Utilized AI-powered tools to automate security operations workflows and improve team efficiency

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Pay Transparency Disclosure

If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

Figma offers equity to employees, as well as a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement. Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. Figma’s compensation and benefits are subject to change and may be modified in the future.

Annual Base Salary Range:

$185,000—$296,000 USD

At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

We will work to ensure individuals with disabilities are provided reasonable accommodation to apply for a role, participate in the interview process, perform essential job functions, and receive other benefits and privileges of employment. If you require accommodation, please reach out to accommodations-ext@figma.com. These modifications enable an individual with a disability to have an equal opportunity not only to get a job, but successfully perform their job tasks to the same extent as people without disabilities.

Examples of accommodations include but are not limited to:

  • Holding interviews in an accessible location
  • Enabling closed captioning on video conferencing
  • Ensuring all written communication be compatible with screen readers
  • Changing the mode or format of interviews

To ensure the integrity of our hiring process and facilitate a more personal connection, we require all candidates keep their cameras on during video interviews. Additionally, if hired you will be required to attend in person onboarding.

By applying for this job, the candidate acknowledges and agrees that any personal data contained in their application or supporting materials will be processed in accordance with Figma’s Candidate Privacy Notice.

Security Governance Risk and Compliance at Figma

Build and maintain compliance, risk management, governance, and security programs across multiple disciplines including policy management, audit readiness, and customer trust initiatives.

Posted 2 days ago RemoteFirstJobs Product
What this role involves

Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you’re brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you’re excited to shape the future of design and collaboration, join us!

Figma’s GRC team helps build and maintain trust with our users, regulators, business partners, and the organizations that rely on Figma every day. We partner across the company to strengthen security, manage risk, maintain compliance, and scale the programs that support our continued growth.

We’re growing our team and looking for security, risk, and compliance professionals across several disciplines. Whether your expertise is in compliance, risk management, governance, GRC tooling, or customer trust, you’ll have the opportunity to build programs, improve processes, and help shape how Figma scales security and trust.

Roles we hire for on this team:

  • Compliance Management
    • Lead compliance and certification programs across security and regulatory frameworks
    • Manage audit cycles, partner with external assessors, and drive audit readiness initiatives
    • Improve controls, processes, and evidence management practices across the organization
  • Security Risk Management
    • Build and maintain risk and controls frameworks that support Figma’s security posture
    • Assess, prioritize, and communicate security risks across the business
    • Develop third-party risk management strategies and enterprise risk reporting programs
  • Policy & Governance
    • Manage the lifecycle of organizational security policies, standards, and procedures
    • Drive policy awareness and stakeholder engagement across the company
    • Ensure governance practices align with regulatory requirements and business objectives
  • GRC Platforms & Enablement
    • Select, implement, and optimize GRC platforms and supporting workflows
    • Scale evidence collection, reporting, and program management capabilities
    • Identify opportunities to automate and streamline GRC operations
  • Customer Trust
    • Support customer trust and business enablement activities across the sales lifecycle
    • Manage security knowledge bases, customer-facing documentation, and trust publications
    • Respond to customer security inquiries, audits, and questionnaires

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you’ll do at Figma:

  • Lead compliance programs across frameworks such as SOC 2, ISO 27001, FedRAMP, SOX ITGC, GDPR, and NIS2
  • Manage external audits and certification activities while partnering with auditors and assessors
  • Build and maintain risk and controls frameworks, including common control frameworks that support multiple certifications
  • Conduct risk and gap assessments and drive remediation efforts across technical and business stakeholders
  • Improve control effectiveness and operational efficiency through rationalization and process optimization
  • Implement and optimize GRC platforms that scale evidence collection and program management
  • Maintain security policies and governance processes that align with organizational risk objectives
  • Support customer trust initiatives, including security questionnaires, audits, and customer-facing security communications

We’d love to hear from you if you have:

  • 4+ years of experience in information security, compliance, risk management, or a related field
  • Hands-on experience supporting security and compliance frameworks such as SOC 2, ISO 27001, FedRAMP, PCI-DSS, or SOX ITGC
  • Experience leading or supporting audits and partnering with external assessors
  • Demonstrated ability to conduct assessments, drive remediation efforts, and manage cross-functional initiatives
  • Exceptional written and verbal communication skills across technical, business, and executive audiences
  • Demonstrated ability to improve processes, manage competing priorities, and build strong cross-functional partnerships

While it’s not required, it’s an added plus if you also have:

  • Operated in a public company environment with SOX ITGC requirements
  • Supported FedRAMP authorization, SSP development, 3PAO coordination, or continuous monitoring activities
  • Earned security or risk certifications such as CISA, CISSP, CISM, or CRISC
  • Implemented or administered GRC platforms such as Vanta, Drata, or similar tools
  • Scaled security, compliance, or risk programs in a high-growth environment

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Pay Transparency Disclosure

If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

Figma offers equity to employees, as well as a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement. Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. Figma’s compensation and benefits are subject to change and may be modified in the future.

Annual Base Salary Range:

$153,000—$296,000 USD

At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Security InfoSec Analyst I at MongoDB

Manages customer security reviews, coordinates due diligence requests, and serves as a security subject matter expert to MongoDB's field teams and customers.

Junior Hybrid Posted 4 days ago RemoteFirstJobs Product
What this role involves

MongoDB’s Security Assurance team is on a mission to make MongoDB one of the world’s most trusted technology vendors. We are doing this in two ways. First, we provide customers with the clear, concise and accurate information about the security of our products that customers require to use our products. Second, we serve as trusted security SMEs to MongoDB’s field teams.

The InfoSec Analyst I is an independent contributor role. This role is vital to the Security Assurance team’s mission and is responsible for coordinating completion of customer due diligence reviews as well as helping MongoDB’s field personnel answer complex customer security questions.

We are looking to speak to candidates who are based in Dublin for our hybrid working model.

Responsibilities:

  • Actively manage the Assurance team’s queue to ensure requests are handled promptly
  • Complete customer security reviews. Help other team members complete reviews as necessary
  • Help customer facing personnel respond to customer security questions
  • Monitor relevant channels and answer in scope questions when possible, or escalate to more senior team members
  • Proactively maintain the team’s knowledgebase
  • Proactively recommend improvements in team processes and tooling to team leadership
  • Share relevant and actionable customer feedback with team leadership
  • Help coordinate development of customer facing response to high-profile supply chain events including critical severity CVEs that may affect MongoDB or its vendors
  • Lead complex projects to help build, scale and train the team
  • Serve as an internal subject matter expert on MongoDB product security topics, assurance trends, customer concerns, and emerging regulations
  • Design and deliver internal enablement training on security posture and compliance topics for teams across the organization

Requirements:

  • 2 to 3 years of experience in Information Security
  • BS in Computer Science, Information Systems, or equivalent experience
  • Direct exposure to at least one major framework or regulation such as ISO 27001, SOC2, CSA or DORA is preferred
  • Basic understanding of public cloud technologies including IAM, encryption, network security and tenant isolation
  • Strong communication skills, with the ability to present security concepts to technical and non-technical stakeholders up to and including at the executive levels
  • Ability to coordinate and manage multiple urgent requests simultaneously while effectively collaborating with SMEs across various time zones
  • A self-starter with a strong desire to grow into a trusted authority on the security of MongoDB and its products

Success in this Role Means:

  • Within 3 months - Have a solid understanding of MongoDB’s product portfolio, core security posture, and the Security Assurance team’s procedures and tooling; reliably triage incoming requests; independently complete customer security reviews with guidance from more senior team members; monitor key internal channels and answer straightforward in‑scope questions
  • Within 6 months - Independently own end‑to‑end completion of most standard customer security reviews; serve as a trusted partner to customer‑facing teams by helping them respond to complex security questions; make measurable contributions to the team knowledgebase and playbooks; proactively identify and help implement improvements to team processes and tooling
  • Within 12 months - Be recognized as a trusted subject matter expert on MongoDB’s product portfolio, security posture and common customer concerns; complete complex projects that materially improve review quality, throughput, or customer experience; consistently surface relevant, actionable customer feedback that can influence Security roadmaps

About MongoDB

MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.

With offices worldwide and over 670,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.

Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB.

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB is an equal opportunities employer.

Req ID: 2273456141

Security L3 SOC Analyst / Incident Response Analyst at ProArch

L3 SOC analyst leads incident detection, investigation, and response to complex cybersecurity threats while coordinating cross-functional teams.

Senior Posted 4 days ago RemoteFirstJobs Product
What this role involves

About ProArch:

At ProArch, we partner with businesses around the world to turn big ideas into better outcomes through IT services that span cybersecurity, cloud, data, AI, and app development.

We’re 400+ team members strong across 3 countries (we call ourselves ProArchians)—and here’s what connects us all:

  • A love for solving real business problems
  • A belief in doing what’s right

What’s it like to work here?

  • You’ll keep growing. You’ll work alongside domain experts who love to share what they know.
  • You’ll be supported, heard, and trusted to make an impact.
  • You’ll take on projects that touch industries, communities, and lives.
  • You’ll have the time to focus on what matters most in your life outside of work.

At ProArch, you’ll be part of teams that design and deliver technology solutions solving real business challenges for our clients. With services spanning AI, Data, Application Development, Cybersecurity, Cloud & Infrastructure, and Industry Solutions, your work may involve building intelligent applications, securing business‑critical systems, or supporting cloud migrations and infrastructure modernization.

Every role here contributes to shaping outcomes for global clients and driving meaningful impact. You’ll collaborate with experts across data, AI, engineering, cloud, cybersecurity, and infrastructure—solving complex problems with creativity, precision, and purpose. You’ll join a culture rooted in technology, curiosity, and continuous learning. A place where we move fast, trust you to make an impact, encourage innovation, and support your growth.

About Position:

At ProArch, a leader in IT security consulting with presence in the US, UK, and India, we are looking for a skilled L3 SOC Analyst / Incident Response Analyst to join our Security Operations Center (SOC) team. In this critical role, you will be responsible for advanced incident detection, investigation, and response to complex cybersecurity threats. Leveraging your extensive experience and expertise, you will lead incident response activities, perform deep-dive analysis, and coordinate with cross-functional teams to mitigate risks and strengthen our security posture. If you thrive in a dynamic, fast-paced environment and are passionate about defending organizations against sophisticated cyber threats, this position is ideal for you.

Role Summary

ProArch is seeking a highly skilled and technically strong L3 SOC Analyst / Incident Response Analyst to operate within a Managed Security Services Provider (MSSP) environment, supporting multiple customer environments across diverse industries.

This role is heavily focused on:

  • Incident Response
  • Threat Investigation
  • Detection Engineering
  • DFIR Operations
  • SOC Automation
  • Threat Hunting
  • Security Platform Engineering
  • Response Workflow Optimization

The ideal candidate combines strong incident response expertise, deep Microsoft security platform knowledge, hands-on detection engineering capability, and SOC automation experience within a fast-paced MSSP environment.

This is not a traditional alert-monitoring SOC Analyst role. The position requires strong investigative, analytical, and response-oriented cybersecurity capabilities.

Key Responsibilities

1. Incident Response & Threat Investigation

  • Lead and support advanced security incident investigations across multiple customer environments
  • Perform:
    • Threat triage and validation
    • IOC analysis and threat correlation
    • Endpoint and identity investigations
    • Email security investigations
    • Cloud security incident analysis
    • Root cause analysis
  • Investigate and respond to:
    • Account compromise incidents
    • Business Email Compromise (BEC)
    • Malware and ransomware activity
    • Privilege escalation
    • Lateral movement activity
    • Suspicious cloud and identity-based attacks
    • Advanced phishing and social engineering campaigns
  • Coordinate containment, remediation, and recovery activities with customer and internal teams
  • Support high-severity incident escalation handling and response coordination
  • Provide detailed investigation findings, timelines, impact assessments, and response recommendations
  • Conduct proactive threat hunting and threat validation activities where required
  • Support digital forensics and evidence collection activities when applicable

2. Detection Engineering & SIEM Operations

  • Design, develop, and maintain advanced detection rules across:
    • Microsoft Sentinel
    • Microsoft Defender XDR
  • Develop and optimize:
    • KQL queries
    • Analytics rules
    • Correlation logic
    • Detection use cases
  • Perform:
    • Detection tuning
    • False positive reduction
    • Behavioral baselining
    • Threat-based detection improvements
  • Build and maintain reusable detection content and query libraries
  • Support proactive detection engineering initiatives aligned with emerging threats and attacker techniques
  • Leverage threat intelligence and MITRE ATT&CK mapping to improve detection coverage

3. SOC Automation & SOAR Engineering

  • Design and implement SOC automation workflows using:
    • Microsoft Sentinel Playbooks
    • Logic Apps
    • SOAR platforms
    • API-driven integrations
  • Build workflows for:
    • Alert enrichment
    • Incident routing
    • Automated containment actions
    • Threat intelligence enrichment
    • Ticket synchronization
    • Investigation acceleration
  • Develop scalable automation frameworks to improve SOC operational efficiency
  • Support continuous optimization of SOC workflows and automation coverage
  • Create automation standards and reusable workflow templates across customer environments

4. Microsoft Security Platform Operations

Provide hands-on operational support, investigation, tuning, administration, and engineering for:

  • Microsoft Defender for Endpoint (MDE)
  • Microsoft Defender XDR
  • Microsoft Defender for Identity (MDI)
  • Microsoft Defender for Office 365 (MDO)
  • Microsoft Defender for Cloud Apps (MDCA)
  • Microsoft Purview
  • Microsoft Identity Protection / Entra ID
  • Microsoft Sentinel

5. AI Security & Modern Threat Operations

  • Support detection and response activities related to:
    • AI-orchestrated attacks
    • Identity-based attacks
    • Cloud-native threats
    • Advanced phishing and social engineering campaigns
  • Leverage AI-assisted SOC operations and automation capabilities where applicable
  • Support modern detection strategies aligned with evolving attacker techniques
  • Evaluate opportunities to integrate AI-driven efficiencies into detection, investigation, and response workflows

6. Client & Operational Support

  • Participate in customer incident discussions and escalation calls when required
  • Support onboarding of new customer environments and security integrations
  • Maintain:
    • Investigation playbooks
    • SOPs
    • Workflow documentation
    • Operational runbooks
    • Detection documentation
  • Collaborate closely with:
    • SOC Operations
    • Security Engineering
    • Vendors
    • Consulting teams
    • Customer stakeholders
  • Support operational improvement initiatives across SOC and DFIR functions

Required Qualifications

Education

  • Bachelor’s Degree / Graduation in Computer Science, Information Technology, Cybersecurity, or a related technical field is mandatory
  • Relevant cybersecurity and automation-focused certifications will be considered an added advantage.

Experience

  • 6-9 years of overall cybersecurity experience
  • Strong hands-on experience in:
    • Incident Response
    • Threat Investigation
    • SOC Operations
    • Detection Engineering
    • DFIR activities
  • Prior Incident Response Analyst experience is highly preferred
  • Experience working within MSSP environments preferred
  • Experience supporting or collaborating with US-based teams/vendors preferred
  • Proven hands-on experience with SOAR platforms in enterprise or MSSP environments
  • Strong experience designing and implementing SOC automation workflows from scratch
  • Experience supporting enterprise Security Operations Center (SOC) environments
  • Experience with detection engineering and SIEM rule development

Required Technical Skills

Security Platforms & Technologies

Strong hands-on experience with:

  • Microsoft Defender for Endpoint (MDE)
  • Microsoft Defender XDR
  • Microsoft Defender for Identity (MDI)
  • Microsoft Defender for Office 365 (MDO)
  • Microsoft Defender for Cloud Apps (MDCA)
  • Microsoft Purview
  • Microsoft Identity Protection / Entra ID
  • CrowdStrike Falcon
  • Threat Intelligence platforms
  • Microsoft Sentinel (Mandatory)
  • Defender XDR SIEM operations (Mandatory)
  • Graph API
  • Datto Autotask or equivalent ticketing systems
  • Email security solutions
  • Endpoint Detection & Response (EDR) platforms
  • Identity and authentication platforms
  • Cloud security technologies

Detection Engineering & Automation

Strong experience creating:

  • Detection rules
  • Analytics rules
  • KQL queries
  • Detection tuning and fine-tuning

Experience with:

  • SOC workflow design
  • SOC automation
  • SOAR engineering
  • API integrations
  • Workflow orchestration

Understanding of:

  • MITRE ATT&CK
  • Threat detection methodologies
  • Threat hunting methodologies
  • AI-driven attack techniques
  • AI use cases in SOC operations

Scripting & Technical Skills

Preferred experience with:

  • PowerShell
  • Python
  • REST APIs
  • Logic Apps
  • KQL (Mandatory)

Preferred Certifications

  • Microsoft SC-200
  • Microsoft SC-401
  • Microsoft AZ-500
  • Microsoft SC-900
  • Microsoft SC-100
  • CISSP
  • Security Automation / SOAR Automation / SOAR Certifications

Soft Skills & Work Style

  • Strong verbal and written communication skills with the ability to work effectively across technical and non-technical teams
  • Excellent collaboration and stakeholder coordination skills across SOC Operations, Engineering, Consulting, Vendors, and Leadership teams
  • Strong documentation and technical writing capabilities for investigations, workflows, SOPs, and operational procedures
  • Ability to work independently in a remote-first, multicultural, and fast-paced MSSP environment
  • Self-driven, proactive, and highly organized with strong ownership and accountability
  • Strong analytical, troubleshooting, and problem-solving skills
  • Comfortable managing multiple projects, priorities, and operational initiatives simultaneously
  • Team-oriented mindset with the ability to operate effectively as an individual contributor
  • Professional communication and coordination skills for working with US-based teams and vendors
  • Adaptable and flexible to evolving operational and business requirements

Working Model

  • Rotational Shift (US Business Hours or After Hours)
  • Remote-first operational model
  • Participation in on-call escalation rotation for critical incidents when required

What Success Looks Like

  • High-quality incident investigations and response handling
  • Improved detection fidelity and reduced false positives
  • Increased SOC automation coverage and operational efficiency
  • Faster containment and response coordination
  • Consistent and high-quality incident response across customer environments
  • Strong collaboration across SOC, Engineering, and Customer teams
  • Continuous improvement of detection, automation, and DFIR capabilities

Life @ ProArch

  • At ProArch, we believe our people are the key to our success. That’s why we foster an environment where every employee—known proudly as a ProArchian—can grow, thrive, and make a meaningful impact.
  • We empower employees to develop at their own pace through Career Pathways, a clear and supportive guide to professional progression.
  • Our culture is one of positivity, inclusivity, and respect. Titles don’t define how we treat each other—every ProArchian is valued equally, and collaboration across roles and teams is the norm.
  • We understand that great work starts with balance. That’s why we prioritize work-life harmony, offering flexible work schedules and encouraging time for what matters most.
  • Beyond the workplace, ProArchians actively give back—organizing volunteer efforts and charitable initiatives that empower the communities we call home.
  • And because we know that extraordinary efforts deserve recognition, we celebrate those who go above and beyond with appreciation programs.
  • At ProArch, we’re not just using technology to transform businesses—we’re using it to create a better experience for our people, our clients, and our communities.
Security Security Automation Engineer at ProArch

Designs and implements SOAR automation solutions for SOC operations, optimizing incident response workflows and security integrations in a managed security services environment.

Mid Posted 4 days ago RemoteFirstJobs Product
What this role involves

Position Overview

ProArch IT Solutions is seeking a highly motivated and technically skilled Security / SOAR Automation Engineer to join our global cybersecurity operations team supporting a fast-paced Managed Security Services Provider (MSSP) environment. The ideal candidate will possess strong hands-on experience in cybersecurity automation, SOAR platform engineering, SOC workflow orchestration, and security integrations across modern security ecosystems.

This role is heavily focused on designing, implementing, optimizing, and scaling SOC automation capabilities to improve operational efficiency, incident response, alert enrichment, triage automation, threat intelligence utilization, and AI-driven security operations enhancements.

The Engineer will work closely with SOC Operations, Security Engineering, Security Consulting, and Leadership teams to deliver automation initiatives and operational improvements while supporting a globally distributed security environment.

This is a permanently remote opportunity for candidates based in India, aligned primarily to USA Eastern Time (ET) business hours, with flexibility depending on operational requirements.

Key Responsibilities:

SOAR Engineering & Automation

  • Design, develop, implement, and maintain SOAR playbooks and automation workflows for SOC operations.
  • Build scalable security orchestration workflows for:
    • Alert triage
    • Automated enrichment
    • Threat intelligence correlation
    • Incident response
    • Containment workflows
    • Identity-based investigations
    • Case management
    • Reporting automation
  • Implement and maintain integrations between SOAR platforms and various security technologies using APIs, webhooks, SDKs, and custom connectors.
  • Develop automation logic to improve SOC efficiency, reduce analyst fatigue, and accelerate Mean Time to Respond (MTTR) and Mean Time to Resolve.
  • Support SOAR platform lifecycle management including upgrades, change management, testing, governance, RBAC, and operational maintenance.
  • Assist with SOAR platform administration, identity & access management, and environment hardening.

Security Platform Integrations

Hands-on experience integrating and automating workflows involving:

  • Microsoft Defender for Endpoint (MDE)
  • Microsoft Defender XDR
  • Microsoft Defender for Identity (MDI)
  • Microsoft Defender for Office 365 (MDO)
  • Microsoft Defender for Cloud Apps (MDCA)
  • Microsoft Purview
  • Microsoft Identity Protection / Entra ID
  • CrowdStrike Falcon
  • Threat Intelligence platforms
  • (Must have) SIEM platforms (Microsoft Sentinel & Defender XDR)
  • Graph API
  • Ticketing platforms (Datto Autotask preferred)
  • Email security solutions
  • Endpoint detection & response platforms
  • Identity and authentication platforms
  • Cloud security solutions

SOC Operations Enhancement

  • Work collaboratively with SOC Managers, SOC Team Leads, Analysts, and Security Consultants to identify automation opportunities.
  • Create operational enhancements to improve detection engineering, investigation workflows, escalation efficiency, and reporting.
  • Assist with scaling SOC operations using automation and AI-driven initiatives.
  • Support operational maturity improvements within the SOC environment.
  • Participate in incident response automation strategy discussions and implementation planning.
  • Contribute to SOC transformation initiatives focused on operational scalability and service optimization.

AI & Advanced Security Operations

  • Contribute to AI-enabled SOC initiatives and intelligent automation projects.
  • Assist in implementing AI orchestration and automation use cases within security operations.
  • Research and evaluate emerging AI and automation technologies relevant to cybersecurity operations.
  • Support initiatives focused on autonomous investigation workflows, enrichment intelligence, and analyst assistance capabilities.

Collaboration & Project Coordination

  • Coordinate automation initiatives with internal stakeholders and external vendors.
  • Work closely with SOAR vendors for implementation support, troubleshooting, optimization, and feature enablement.
  • Participate in project planning, implementation tracking, testing, and deployment activities.
  • Maintain technical documentation, workflow diagrams, integration references, and operational runbooks.
  • Support cross-functional cybersecurity projects and operational improvements.

Experience

  • Bachelor’s Degree / Graduation in Computer Science, Information Technology, Cybersecurity, Engineering, or a related technical field is mandatory.
  • Relevant cybersecurity certifications and automation-focused certifications will be considered an added advantage.
  • 3–5 years of overall cybersecurity experience.
  • Proven hands-on experience with SOAR platforms in enterprise or MSSP environments.
  • Strong experience designing and implementing automation workflows from scratch.
  • Experience supporting Security Operations Center (SOC) environments.
  • Prior SOC Analyst experience is highly preferred.
  • Experience working within Managed Security Services Provider (MSSP) environments preferred.
  • Experience supporting or collaborating with US-based teams/vendors preferred.

Technical Skills

  • Strong hands-on experience with SOAR technologies.
  • Experience with Torq SOAR preferred.

  • Strong understanding of:
    • Incident response workflows
    • SOC operations
    • Detection engineering
    • Security orchestration
    • Threat intelligence
    • API integrations
    • Authentication mechanisms
    • Identity-based security workflows
  • Experience integrating security tools using:
    • REST APIs
    • JSON
    • Webhooks
    • Python
    • PowerShell
    • Scripting/automation frameworks
  • Familiarity with SIEM platforms and alert correlation logic.
  • Experience with ticketing systems, preferably Datto Autotask.
  • Understanding of endpoint, cloud, identity, and email security ecosystems.

Preferred Qualifications

  • Experience implementing AI-driven SOC workflows.
  • Exposure to AI orchestration in cybersecurity operations.
  • Knowledge of security operations metrics and optimization strategies.
  • Experience with security automation governance and change management.
  • Exposure to cloud security platforms and SaaS security controls.
  • Familiarity with DevSecOps or infrastructure automation concepts.
  • Relevant cybersecurity certifications are advantageous, such as Security+, CySA+, GCIH, SC-200, AZ-500, SOAR platform certifications, and Splunk / Microsoft certifications.

Soft Skills & Work Style

  • Strong verbal and written communication skills with the ability to work effectively across technical and non-technical teams.
  • Excellent collaboration and stakeholder coordination skills across SOC Operations, Engineering, Consulting, Vendors, and Leadership teams.
  • Strong documentation and technical writing capabilities for workflows, SOPs, and operational procedures.
  • Ability to work independently in a remote-first, multicultural, and fast-paced MSSP environment.
  • Self-driven, proactive, and highly organized with strong ownership and accountability.
  • Strong analytical, troubleshooting, and problem-solving skills.
  • Comfortable managing multiple projects, priorities, and operational initiatives simultaneously.
  • Team-oriented mindset with the ability to operate effectively as an individual contributor.
  • Professional communication and coordination skills for working with US-based teams and vendors.
  • Adaptable and flexible to evolving operational and business requirements.

Work Schedule & Environment

  • Primary alignment with USA Eastern Time (ET) business hours.
  • Permanent remote working opportunity within India.
  • Flexible working model based on operational requirements and project demands.
  • Fast-paced MSSP and cybersecurity operations environment.

What Success Looks Like in This Role

  • Successful deployment and optimization of SOC automation workflows.
  • Measurable reduction in manual SOC effort and alert fatigue.
  • Improved operational efficiency and response timelines.
  • Reliable integration and orchestration across security ecosystems.
  • Contribution toward scalable, AI-enabled cybersecurity operations.
  • Strong collaboration with SOC leadership, analysts, engineering, and consulting teams.
  • Continuous innovation and operational enhancement within the security operations function.

Life @ ProArch

  • At ProArch, we believe our people are the key to our success. That’s why we foster an environment where every employee—known proudly as a ProArchian—can grow, thrive, and make a meaningful impact.
  • We empower employees to develop at their own pace through Career Pathways, a clear and supportive guide to professional progression.
  • Our culture is one of positivity, inclusivity, and respect. Titles don’t define how we treat each other— every ProArchian is valued equally, and collaboration across roles and teams is the norm.
  • We understand that great work starts with balance. That’s why we prioritize work-life harmony, offering flexible work schedules and encouraging time for what matters most.
  • Beyond the workplace, ProArchians actively give back—organizing volunteer efforts and charitable initiatives that empower the communities we call home.
  • And because we know that extraordinary efforts deserve recognition, we celebrate those who go above and beyond with appreciation programs.
  • At ProArch, we’re not just using technology to transform businesses— we’re using it to create a better experience for our people, our clients, and our communities.
Security Application Security Engineer at Interactive Brokers

Build and operate security scanning infrastructure (SAST, DAST, SCA) across CI/CD pipelines, tune detection rules, and enforce security gates in the software delivery process.

Mid Posted 4 days ago RemoteFirstJobs Product
What this role involves

Company Overview

Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting-edge technology and client commitment.

IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds and introducing brokers. Our advanced technology, competitive pricing, and global market help our clients to make the most of their investments.

Barron’s has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi-national team and be a part of a company that simplifies and enhances financial opportunities using state-of-the-art technology.

About the Role

We are looking for an Application Security Engineer who lives at the intersection of security and engineering. This is not a policy role — you will be hands-on building, tuning, and scaling the security scanning infrastructure that protects our software delivery pipeline. You will own SAST, DAST, and SCA tooling end to end, drive false positive reduction, and embed security gates directly into CI/CD workflows across engineering teams. A deep understanding of how vulnerabilities actually work — not just what scanners report — is fundamental to success in this role.

The Problem We’re Solving

We operate in a complex, regulated environment — multiple languages, layered network boundaries, and delivery velocity that cannot be sacrificed for security theater. We are building a scanning program that works in that reality. Tuned, automated, trusted — coverage that is measurable and findings that engineers actually act on. This role exists to solve that problem.

What You’ll Do

  • Own and operate static, dynamic, and software composition analysis scanning platforms across all engineering pipelines — onboarding new repositories, tuning rulesets, and maintaining coverage metrics

  • Build and maintain CI/CD security gates that enforce scan policies at pull request, merge, and release stages across engineering workflows

  • Write custom detection rules tailored to the organization’s tech stack and threat model — covering vulnerability classes specific to the languages and frameworks in use

  • Triage and prioritize scan findings with a deep understanding of actual exploitability — distinguish true positives from noise, explain the real-world impact of each finding, and build suppression workflows that reduce false positive rates without creating blind spots

  • Develop automation to ticket, deduplicate, and route findings to the right engineering teams with enough context for developers to understand and act on them

  • Integrate dynamic scanning into pre-production environments with authenticated coverage — understanding what attack surface is actually reachable versus what scanners miss

  • Partner with engineering teams on remediation — provide exploit context, reproduce findings where necessary, and give concrete fix guidance grounded in how the vulnerability actually works

  • Support software composition analysis and dependency security programs — tying third-party vulnerabilities back to actual reachability and exploitability in the codebase rather than treating every CVE as equal severity

  • Contribute to the security champions program — help developers understand not just what is flagged but why it matters and how an attacker would use it

  • Run structured evaluations of new tooling and drive buy vs build decisions with documented PoC results

What We’re Looking For

These areas are the capabilities we are looking for. Strong candidates will not check every box. If you are strong in any of the areas below, we want to hear from you. Depth in one area with curiosity about the others matters more than surface-level familiarity across all of them.

  • 5-7 years in application security, DevSecOps, or a security engineering role with tooling focus

  • Strong foundational knowledge of how web application vulnerabilities work at a technical level — injection classes, broken authentication patterns, insecure deserialization, XXE, SSRF, IDOR, race conditions, and business logic flaws — not just awareness of their names

  • Ability to read a scan finding and independently reason about whether it is exploitable in context — understanding data flow, trust boundaries, and what an attacker would actually need to trigger it

  • Hands-on experience deploying and tuning SAST platforms — writing or modifying rules, understanding AST-based and dataflow analysis, and knowing where static analysis fundamentally cannot reach

  • Experience integrating security tooling into CI/CD pipelines and enforcing policy at key delivery gates

  • Proficiency in at least one scripting language — Python or Go strongly preferred — for automation and tooling development

  • Experience with DAST tooling in authenticated scan configurations — understanding what authenticated coverage requires and how session handling, CSRF tokens, and multi-step flows affect scan fidelity

  • Familiarity with SCA concepts — dependency graphs, transitive vulnerabilities, license risk, reachability analysis, and SBOM formats including CycloneDX and SPDX

  • Ability to read and reason about code across multiple languages

Nice to Have

  • Development background — candidates who have written production code and personally addressed security vulnerabilities in a codebase bring a fundamentally different perspective to this role; they understand why developers make the choices they do, where fixes break things, and how to give remediation guidance that engineers will actually implement

  • Background that spans both sides of the SDLC — having sat in a developer role before moving into security means stronger partnerships with engineering teams and more credible guidance during code review and triage conversations

  • Experience writing custom detection logic for organization-specific vulnerability patterns beyond out-of-the-box scanner coverage

Company Benefits & Perks:

  • Competitive salary package.
  • Performance-based annual bonus (cash and stocks).
  • Hybrid working model (3 days office/week).
  • Group Medical & Life Insurance.
  • Modern offices with free amenities & fully stocked cafeterias.
  • Monthly food card & company paid snacks.
  • Hardship/shift allowance with company provided pickup & drop facility*
  • Attractive employee referral bonus.
  • Frequent company sponsored team building events and outings.

* Depending upon the shifts.

** The benefits package is subject to change at the management’s discretion.
