Own day-to-day security operations for cloud and Kubernetes workloads: threat detection, alert triage, incident response, forensics, and post-incident learning.
Build and tune detections and automations (SOAR/runbooks, detection-as-code, Sigma/queries) to reduce MTTA/MTTR and eliminate noisy alerts.
Harden CI/CD and software supply chain: secrets, SBOMs, artifact signing, SLSA/Cosign; drive “secure by default” patterns in build/deploy.
Lead cloud/Kubernetes/serverless hardening: IaC reviews, policy-as-code, admission controls, least privilege, and network segmentation.
Partner with IT/SRE to evolve identity & access (SSO/MFA/JIT/JEA), endpoint/EDR posture, email & SaaS security, and third-party/vendor risk.
Run vulnerability management end-to-end: scanning, prioritization, remediation SLAs, and executive reporting.
Contribute to security governance: policies, standards, tabletop exercises, BCP/DR inputs; support compliance efforts (e.g., SOC 2/ISO 27001).
Build security tooling and integrations (Python or Go); define metrics/KPIs and communicate risk and progress; mentor engineers.
Requirements
5+ years in Security Operations/Cloud Security/Blue Team roles, with deep, hands‑on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch) and Kubernetes/containers.
Strong incident response skills across detection, investigation, containment, and recovery, especially in complex cloud-native environments.
Proficiency building security automations and tools in Python or Go; experience with SOAR and API‑driven workflows.
Practical expertise with SIEM/log analytics (e.g., ELK/OpenSearch, Splunk), EDR, CSPM/CNAPP, and secrets management (e.g., Vault).
Solid grasp of CI/CD security, supply‑chain risks (SAST/DAST/IAST, dependency scanning, artifact signing), and IaC (Terraform) security reviews.
Networking & Linux fundamentals; proven ability to partner with DevOps/SRE/R&D and to communicate risk clearly to non‑security stakeholders.
Willingness to participate in a shared on‑call rotation for security incidents.
Director leading security operations and enhancing vulnerability management at IDEXX. Driving strategic execution and operational excellence across key domains in cybersecurity.
IT Security Operations Specialist ensuring security of global networks, systems, and data. Implementing security controls and performing advanced threat hunting using Microsoft Sentinel and Darktrace.
Staff SOC Analyst driving advanced threat detection and incident response for Sunrun's security team. Leading complex investigations, mentoring analysts, and improving detection capabilities in a remote setup.
GSOC Analyst monitoring global events and managing critical incidents for Netflix's security operations. Ensuring timely communication and assessment during major security threats.
GSOC Analyst focusing on critical events and risk management operations at Netflix. Monitoring global threats and coordinating incident management efforts in a hybrid work setting.
Security Operations Center Engineer enhancing security posture via automation and threat hunting. Requires strong experience with SIEM and SOAR platforms and Python scripting.
Security Operations Vulnerability Analyst II identifying and mitigating security vulnerabilities. Collaborating with teams to ensure timely risk remediation and protection of enterprise systems.
Cyber Defender (SOC Analyst) acts as the key point of contact for major security incidents. Coordinating response efforts and enhancing procedures at a leading AI-powered security partner.
Junior SOC Analyst at Core Specialty responsible for monitoring and triaging security alerts across the IT environment. This role offers hands-on experience in cybersecurity within a fast-paced operational environment.
Security Operations Coordinator overseeing security strategies and managing operations for public safety in NSW. Collaborating with law enforcement and enhancing transport system resilience with flexible work options.