Security Operations / Threat Detection Lead

Job

NUBYT, Inc.

San Jose, CA (In Person)

$171,600 Salary, Full-Time

Posted 1 week ago (Updated 1 day ago) • Actively hiring

Expires 6/12/2026

Job Description

About the Role

We are seeking a highly skilled Security Operations / Threat Detection Lead to oversee enterprise-wide security monitoring, detection engineering, and incident response. This role will serve as the technical lead for high-severity incidents, drive proactive threat hunting, and mentor SOC analysts to strengthen our overall security posture.

Key Responsibilities

- Lead enterprise-wide security monitoring across SIEM, EDR, NDR, CASB, and cloud platforms
- Design, implement, and optimize detection rules, correlation logic, dashboards, and alerting use cases
- Continuously improve detection quality and reduce false positives
- Ensure effective log ingestion, parsing, normalization, and telemetry coverage
- Lead investigation and response activities for security incidents across enterprise systems
- Coordinate containment, eradication, and recovery during high-severity incidents
- Conduct advanced analysis to determine incident scope, root cause, and impact
- Drive proactive threat hunting mapped to the MITRE ATT&CK framework
- Mentor SOC analysts and incident responders in investigation techniques and workflows
- Develop and maintain incident response runbooks, threat models, and detection documentation
- Track and report on key metrics (MTTD, MTTR, detection coverage, incident trends)

Required Qualifications

- Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's preferred)
- 6-8 years of experience in security operations, threat detection, or incident response
- Hands-on experience with SIEM platforms (Splunk preferred) including rule creation and log analysis
- Strong experience investigating alerts across endpoint, network, OS, and cloud environments
- Deep knowledge of incident response methodologies and threat hunting techniques
- Familiarity with enterprise log sources (Windows/Linux servers, firewalls, IDS/IPS, endpoints, cloud-native services)
- Experience with cloud platforms (AWS, Azure, GCP)
- Excellent communication skills, both written and verbal
- Ability to lead incident response efforts and mentor SOC analysts
- Relevant certifications (CISSP, GCIH, GCIA, Splunk Security, Security+) are a plus

Preferred Skills

- Familiarity with SOAR, automation, or orchestration tools
- Strong analytical and problem-solving skills in fast-paced environments
- Experience collaborating across IT, infrastructure, engineering, and vulnerability management teams

Pay:
$80.00 - $85.00 per hour
Benefits:
- Dental insurance
- Health insurance
- Paid time off
Work Location:
In person
