Senior Incident Response Engineer leading advanced security responses focused on Microsoft E5 security at Acrisure. Collaborating across teams for robust incident management and security policy enforcement.
Responsibilities
The Senior Incident Response Engineer will lead advanced security incident response efforts, focusing on Microsoft E5 security capabilities and Data Loss Prevention (DLP)
Detect, analyze, and respond to security incidents detected by EDR, SIEM, and Cloud Security tooling as well as MDR service providers
Lead post-incident reviews and drive process improvements
Perform advanced threat hunting using Microsoft Defender and related tools
Integrate threat intelligence and adapt detection strategies based on real-world threats observed by the organization
Conduct forensic data acquisition, log analysis, and root cause determination for endpoint incidents
Develop and maintain incident response playbooks and runbooks across the security operations toolset
Collaborate with analysts and other IR engineers to identify opportunities for improvement and tuning of detection rules
Collaborate with IT, legal, HR, communications, and other business units
Collaborate on the design, implementation, and maintenance of security policies for Microsoft security components
Regularly review and update policies based on evolving threats and lessons learned
Collaborate with compliance and IT teams to enforce security standards and regulatory requirements
Requirements
Proficiency with Microsoft 365 Security Suite as well as other security tooling such as SentinelOne, Google SecOps, Abnormal Security, and others
Strong experience with incident response, digital forensics, and threat hunting across a hybrid environment
Knowledge of endpoint operating systems (Windows, macOS, and Linux)
Experience with cloud environments such as Azure, AWS, and GCP
Experience with scripting (PowerShell, Python, or Bash) for automation and log parsing desired
Embrace a metric-driven approach to continuous improvement
Excellent analytical and critical thinking skills; ability to work in high-pressure situations
Effective verbal and written communication abilities
Meticulous with strong organizational skills and the ability to handle multiple priorities
Ability to work independently and within a collaborative, team-oriented environment
Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related discipline (or equivalent experience)
Minimum 5 years of progressive information security experience
At least 4 years focused on incident response, including investigations across different security domains (endpoint, application, DLP, and more)
Expertise in Infrastructure Security: In-depth understanding of infrastructure security, including Windows, Active Directory, Unix/Linux, Mobile Security, and Privileged Access Management
Relevant certifications (one or more preferred): GCFA, GCIH, CHFI, CySA+, MS SC-200, MS SC-400 or similar
Benefits
Comprehensive medical insurance, dental insurance, and vision insurance
Life and disability insurance
Fertility benefits
Wellness resources
Paid sick time
Generous paid time off and holidays
Employee Assistance Program (EAP)
Complimentary Calm app subscription
Immediate vesting in a 401(k) plan
Health Savings Account (HSA) and Flexible Spending Account (FSA) options
Commuter benefits
Employee discount programs
Paid maternity leave and paid paternity leave (including for adoptive parents)