The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance.
Mentor a team of SecOps experts, providing technical guidance in a fast-paced environment.
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

We are seeking an experienced SOC Manager to lead our Security Operations Center (SOC), with full responsibility for detection, response, and operational excellence. This role combines hands-on technical leadership with people management, process ownership, and alignment to business risk.
The SOC Manager will be accountable for the effectiveness, maturity, and scalability of security operations across the organization.
What you will do?
Oversee day-to-day SOC operations, ensuring timely threat detection, incident response, and threat mitigation. Own day-to-day SOC operations, ensuring effective threat detection, incident response, and containment across all environments.
Develop and implement SOC policies, processes, and playbooks to improve security effectiveness.
Continuously evaluate and enhance SIEM configurations, alerting mechanisms, and automation. Continuously optimize SIEM content, alert quality, detection coverage, and automation capabilities.
Team Management & Training- Recruit, mentor, and manage a team of SOC analysts and incident responders.
Lead incident investigation, containment, and remediation efforts, coordinating with internal teams and external partners.
Align security operations with MITRE ATT&CK, NIST, and other cybersecurity frameworks.
Produce clear, executive-level incident reporting and risk summaries for security leadership and stakeholders.
Stay updated on emerging threats, attack techniques, and security technologies to drive continuous improvements.

We are looking for an experienced Incident Responder to join our newly established team and spread the power!
WHAT YOULL DO
Investigate real-world cyber-attacks on customers cloud environments and cloud workloads, understanding their root causes and the full scope of compromise, leveraging the platform.
Perform proactive threat hunting to identify undetected cyber-attacks and cloud threats within customer environments.
Collaborate with customer teams during engagements to effectively respond to threats.
Develop and deliver professional engagement reports, including high-level summaries and deep dives into technical findings.
Develop and document incident response methodologies, best practices, and standard operating procedures tailored to cloud environments and cloud workloads.
Collaborate with the threat research and engineering groups to refine and enhance incident response detections, tools, and features, based on real-world investigation experiences.

Required Security Incident Response Group Lead - (250000G4)
What will you do?
A global provider of cybersecurity protection solutions for networks and applications. We are looking to enhance our Cloud Services, the fastest growing business, in key markets.
Security operation leadership - Oversee the daily operation by leading projects & processes, tracking tasks & progress, and mentoring of a global Incident Response (IR) group that is specialized in detection & mitigation of various network threats, such as Denial-of-service attacks, application server-side & client-side threats, botnets, and more.
Incident response leadership - Oversee & coordinate RT security incidents globally by maintaining & developing solid IR processes & playbooks, crisis management & de-escalation techniques, lead escalation calls, and identify & improve gaps in technical & operational procedures among the global security group.
Global IR team leadership - Lead and mentor a multidisciplinary cloud security group consists of security IR analysts & security experts, fostering a collaborative and high-performance culture, oversee the global recruitment & training process of new employees, and develop & maintain high performance teams with deep technical knowledge, customer orientation, and operational attitude.
Customer engagement - Ensure customer's SLA & satisfaction, build and maintain strong relationship with customers & stakeholders, and maintain regular communication through meetings, reports, and updates to ensure stakeholders are informed about security initiatives, incident responses, and risk posture.
Strategic planning - Develop & execute roadmaps, strategies, and frameworks aligned with organizational goals.

we are seeking a Detection & Response Manager to lead and mature our security operations and adversary defense capabilities.
This role owns SOC operations, incident response, red teaming, and security automation (SIEM & SOAR) across cloud, data center, and enterprise environments.
The ideal candidate combines operational excellence, threat-adversary thinking, and automation-first execution.
Key Responsibilities
Security Operations Center (SOC) Leadership
Own day-to-day SOC operations across cloud, data center, and corporate environments
Define detection strategy aligned to our company threat models and crown jewels
Ensure high-quality alerting, triage, escalation, and reporting
Continuously reduce false positives and alert fatigue
Incident Response & Crisis Management
Lead end-to-end incident response for high-severity security incidents
Own incident command during crises (technical, executive, and regulatory coordination)
Ensure post-incident reviews lead to real control improvements
Maintain and regularly test incident response playbooks
Red Team & Adversarial Testing
Manage red team and purple team activities (internal and external)
Translate real-world adversary TTPs into detection and response improvements
Ensure findings from red team exercises are remediated and verified
Partner with product, cloud, and physical security teams on attack simulations
SOC Automation (SIEM & SOAR)
Own SIEM and SOAR strategy, architecture, and roadmap
Drive automation of detection, enrichment, response, and reporting
Integrate identity, cloud, CI/CD, and physical security telemetry
Measure SOC effectiveness using MTTD, MTTR, and coverage metrics
Threat Intelligence & Continuous Improvement
Operationalize threat intelligence into detections and playbooks
Track emerging threats relevant to cloud, AI, and infrastructure providers
Continuously improve detection coverage against prioritized attack paths
What Success Looks Like (12 Months)
Measurable reduction in MTTD and MTTR for high-severity incidents
Majority of high-risk incidents detected internally, not externally
Red team findings consistently detected and contained
SOC automation meaningfully reduces manual effort
Clear, trusted security reporting to CISO and leadership.

looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

We seek a dedicated and proactive Senior SecOps Engineer to join our InfoSec team and take ownership of all security-related tasks across the organization. In this role, you will be key in aligning security goals with infrastructure, R&D and IT requirements. You will be responsible for integrating security into our CI/CD pipelines, managing cloud infrastructure security, ensuring compliance with security standards, and protecting our infrastructure from vulnerabilities.

A day in the life and how youll make an impact:

Implement and manage security tools such as static code analysis, cloud posture monitoring, and penetration testing tools.
Embed security into the DevOps lifecycle, including CI/CD pipelines, IaC (Infrastructure as Code), and software development workflows.
Design and enforce security policies for cloud architecture, ensuring secure configurations and monitoring.
Lead incident response activities, vulnerability management, and forensic investigations to mitigate threats.
Drive compliance efforts (ISO 27001, SOC 2, GDPR, etc.) and audit readiness for the organization.
Work closely with stakeholders (CISO, COO, System Architects, DevOps, IT, Finance, HR, etc) to identify requirements and prioritize security needs.
Continuously monitor systems and infrastructure for vulnerabilities, intrusions, and misconfiguration.
Perform or manage penetration testing initiatives to identify security weaknesses.

We are looking for an experienced Security Operations Engineer to join our fast-growing security team and take ownership of our SIEM and SOAR automation efforts. This is a unique opportunity to work at the intersection of security operations, detection engineering, and automation in a modern SaaS and cloud-native environment.


What Will You Do?
Maintain and enhance detection engineering content across SIEM and automation systems
Develop new SOAR workflows, automated actions, and response playbooks
Build and improve SIEM rules, correlations, dashboards, and monitoring capabilities
Lead investigations and identify security issues through alert analysis and mitigation
Coordinate incident response activities and communicate clearly with relevant stakeholders
Provide consultative guidance on best practices in Cloud Security, SIEM, and automation operations
Collaborate closely with internal teams to understand monitoring needs and deliver new insights
Follow CISO guidance to continuously improve the organizations security posture
Design, document, and scale security automation capabilities
Review new product features, implement security standards, and share knowledge across the team

Systems Development Engineering (SDE) at our company is a role where you manage services and systems at scale. SDEs creatively put their engineering discipline to use automating the mundane and reducing toil. We dont just write code to fix bugs, but emphasize the development of tools and solutions that fix classes of problems. We know its hard to control what you cant measure - so we focus on observability: instrumenting first, then turning data into knowledge, and finally knowledge into action. We know that the operational efficiency of our company systems, services, virtual compute environments and the operating systems that power them impact the environment, not just the bottom line. We know that working together we can do more, and that community matters.
our company brings together people with a wide variety of backgrounds, experiences and perspectives. We encourage them to collaborate, think big and take risks in a blame-free environment. We promote self-direction to work on meaningful projects, while we also strive to create an environment that provides the support and mentorship needed to learn and grow.
Together we engineer and build the infrastructure, tools, access and telemetry for systems that enable orchestration of our company-scale services. Come build things that matter.
The Managed Services Technology team plays a vital role in the Managed Threat Defense service delivery life-cycle. We are responsible for provisioning Security Operations (SecOps) and third-party security technology. This role focuses on deploying and integrating customer security technologies.
In this role, you will collaborate with enterprise clients, customers, internal stakeholders, and cross-functional teams to quickly and accurately provision and integrate SecOps and other customer-managed security technologies.
Part of our company Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Responsibilities
Oversee the security technology provisioning lifecycle for new and existing customers.
Develop technical implementation plans based on customer expectations and shared information.
Facilitate project management and technical support during onboarding. Collaborate closely with customers and internal teams.
Collaborate with customers to triage and implement remediations and recommendations.
Document all implementation details and collaboration meeting notes in the internal tracking system.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.
This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.
What You Will Do:
Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.
Build and maintain an effective and scalable security monitoring infrastructure solution.
Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.
Triage alerts and drive security incidents to closure while reducing their potential impact to Semperis.
Build processes and workflows to triage security alerts and respond to real incidents.
Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.
Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.
Contribute to strategy, risk management, and prioritization for all efforts around detection and response.
Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.
Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.