Responsibilities:

Corporate Security Operations (Senior Ownership)

• Own the design, configuration, and ongoing improvement of endpoint protection and EDR tooling across the organization.
• Administer and optimize zero-trust networking and identity tooling (policy design, tuning, and operational resiliency).
• Partner with IT to define and execute IAM strategy (joiner/mover/leaver, privileged access, MFA, conditional access, SSO).
• Establish operational standards (runbooks, playbooks, SLAs) for corporate security tooling and support workflows.
• Leverage automation and AI-driven capabilities to reduce manual effort and improve detection, response speed, and consistency.

Threat Detection & Response

• Lead incident response planning, execution, and post-incident reviews; drive improvements based on lessons learned.
• Develop and tune detections (alerts, rules, behavioral analytics) and ensure high signal-to-noise monitoring.
• Own threat intelligence collection, analysis, and internal dissemination; translate intel into actionable controls.
• Coordinate cross-functional response efforts (IT, Engineering, HR, Legal, vendors) during security events.
• Perform root-cause analysis for recurring security issues and drive corrective and preventative actions.

Security Awareness, Enablement, and Support

• Own security training and phishing simulation programs; analyze results and improve effectiveness over time.
• Serve as escalation point for internal security requests and support tickets; improve user experience of security controls.
• Provide security guidance to teams to enable productivity while maintaining appropriate risk controls.

Metrics, Risk, and Continuous Improvement

• Define, track, and report KPIs that measure control effectiveness (coverage, MTTD/MTTR, phishing resilience, patch/EDR compliance).
• Communicate security posture, risks, and trends to leadership with clear recommendations and prioritized roadmaps.
• Identify and deliver improvements to visibility, automation, scalability, and resilience of security operations.

About You: 

• ·       6+ years of experience in corporate IT, security engineering, or security operations (including ownership of key security tooling).

  ·       Hands-on expertise with endpoint protection/EDR, identity security, and network security controls in modern SaaS environments.

  ·       Strong experience with zero-trust technologies and identity platforms (e.g., Zscaler; Okta or Entra ID; conditional access/MFA/SSO).

  ·       Demonstrated experience leading incident response activities end-to-end, including post-incident remediation and control improvements.

  ·       Experience building or maturing threat intelligence, detection engineering, and security monitoring programs.

  ·       Ability to automate operational tasks (e.g., scripting, SOAR-like workflows, API integrations) to improve scale and reliability.

  ·       Excellent communication skills, strong judgment, and a collaborative mindset; comfortable partnering cross-functionally with IT, HR, Engineering, and vendors.

  ·       Proven ability to prioritize effectively, operate with high ownership, and drive measurable improvements to security outcomes.

  ·       Bachelor’s degree in Information Security, Computer Science, Information Systems, or equivalent practical experience.

  ·       Relevant certifications are a plus (e.g., Security+, SSCP, CISSP, GIAC, vendor certifications for identity/EDR/zero-trust).

Nice to have 

• Open-source security contributions, published tooling, or participation in security communities.
• Experience with program-level security metrics, vulnerability triage frameworks, and compliance programs (e.g., SOC2, FedRAMP context).