Director leading security operations and enhancing vulnerability management at IDEXX. Driving strategic execution and operational excellence across key domains in cybersecurity.
About the role
- Own alert triage and tuning in Wazuh: review alerts, reduce false positives, and improve detection quality (golden rules and rule authoring)
- Analyse alerts tied to website, tracking, and data pipelines—spot gaps, confirm incidents, and recommend fixes
- Create and maintain detection logic (rules, decoders, thresholds) and supporting documentation
- Operate Wazuh manager/agents and work with log sources to ensure reliable telemetry
- Build and maintain dashboards/reports to track alert health and detection coverage
- Collaborate with developers, product and infra teams to validate detections and close the loop on remediation
- Help automate routine investigation steps and alert enrichment with simple scripts or playbooks
- Contribute to incident investigations when escalated, providing clear findings and suggested next steps
Requirements
- 2+ years of experience in SOC/SECOPS, security monitoring or a similar role
- Practical experience with Wazuh (rule writing, alert tuning, agents)
- Familiarity with web technologies and tracking (HTTP, JavaScript trackers, analytics logs) and how they appear in logs
- Comfortable reading and shaping logs (regex, log parsing) and using Kibana/Elasticsearch or similar for investigation
- Basic scripting skills (Python, Bash, or similar) to automate checks and enrich alerts
- Strong attention to detail and a methodical approach to triage and investigation
- Clear communicator who can present findings and recommended actions to engineers and non-security stakeholders
- A proactive attitude and willingness to learn new tools and detection techniques
- Nice to have: Experience with threat hunting, MITRE ATT&CK mapping, or developing detection playbooks
- Nice to have: Exposure to cloud logging / SIEM ecosystems and integration work
- Nice to have: Tetragon and/or Cilium experience
Benefits
- Paid sick days and private health insurance that includes dental, vision, health checks, and 80% coverage for 25 psychotherapy sessions
- Access to premium mental health apps, onsite workouts, and gym membership support — all available during parental leave too
- Learning budget for courses, conferences, and books — your growth is always backed
- Extra days off, thoughtful gifts, and bonuses to celebrate life’s milestones like birthdays, weddings, and new arrivals
- Pet-friendly, centrally located office with game zones, healthy snacks, and cozy spaces to unwind
- Fun company events, fitness challenges, and team-building activities that actually connect people
- Additional vacation days the longer you stay — because recharging is essential
Job title
Job type
Experience level
Salary
Degree requirement
No Education Requirement
Tech skills
Location requirements
DE
IT Security Operations Specialist ensuring security of global networks, systems, and data. Implementing security controls and performing advanced threat hunting using Microsoft Sentinel and Darktrace.
SU
SunrunStaff SOC Analyst
Staff SOC Analyst driving advanced threat detection and incident response for Sunrun's security team. Leading complex investigations, mentoring analysts, and improving detection capabilities in a remote setup.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst monitoring global events and managing critical incidents for Netflix's security operations. Ensuring timely communication and assessment during major security threats.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst focusing on critical events and risk management operations at Netflix. Monitoring global threats and coordinating incident management efforts in a hybrid work setting.
AS
A SocietySecurity Operations Center Engineer
Security Operations Center Engineer enhancing security posture via automation and threat hunting. Requires strong experience with SIEM and SOAR platforms and Python scripting.
CA
Credit AcceptanceSecurity Operations Vulnerability Analyst II
Security Operations Vulnerability Analyst II identifying and mitigating security vulnerabilities. Collaborating with teams to ensure timely risk remediation and protection of enterprise systems.
ON
OntinueSOC Analyst
Cyber Defender (SOC Analyst) acts as the key point of contact for major security incidents. Coordinating response efforts and enhancing procedures at a leading AI - powered security partner.
CI
Core Specialty Insurance Holdings, Inc.Junior Security Operations Center Analyst
Junior SOC Analyst at Core Specialty responsible for monitoring and triaging security alerts across IT environment. This role offers hands - on experience in cybersecurity with a fast - paced operational environment.
TN
Transport for NSWSecurity Operations Coordinator – Temporary Opportunity
Security Operations Coordinator overseeing security strategies and managing operations for public safety in NSW. Collaborating with law enforcement and enhancing transport system resilience with flexible work options.