Receive and own L2 escalations across all severity levels; take over technical lead role on Sev2+.
Perform deep-dive endpoint triage via EDR: process tree analysis, remote artifact collection, behavioral event review, and custom detection rule evaluation.
Conduct structured threat hunts in the SIEM using detection rule logic, event correlation queries, and multi-source pivoting.
Lead security incidents end-to-end, from detection and triage through containment and post-incident review, acting as incident commander.
Conduct hands-on investigations across cloud and endpoint environments to determine root cause and impact, and partner with Observability & Automation to improve detections and build automated playbooks.
Collaborate with Security, Infrastructure, and Product teams to identify gaps, strengthen the incident response lifecycle, and communicate effectively with both technical and non-technical stakeholders.
Affirm is reinventing credit to create honest and friendly financial products like buy now, pay later services without hidden fees. As a remote-first fintech company, they cultivate a collaborative and team-first culture for their skilled professionals.
Participate in a rotating on-call, based on the number of team members.
Serve as a hybrid Incident Response (IR) and Digital Forensics (DFIR) function.
Perform forensic analysis on a variety of networks, hosts, digital media, and operating systems/environments.
Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. We pride ourselves on providing our employees with great benefits and career development opportunities and are committed to growing careers as we are to building world-class IT solutions.
Tune EDR, SIEM, and XDR detections to reduce false positives and improve alert quality.
Build and maintain detection rules, correlation searches, dashboards, watchlists, and response workflows.
Translate Red Team, Purple Team, incident, and Threat Intelligence findings into repeatable defensive checks.
Sporty’s is a remote first company in pursuit of sustainability. They provide networking opportunities. They are likely a smaller company based on culture.
Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap.
Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks by conducting continuous monitoring, vulnerability assessments, and log analysis.
Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls to products and services.
6sense's mission is to multiply what matters: growth, retention, and efficiency. They envision a future where companies, teams and people reach their full potential. People are the heart and soul of the company with a growth mindset culture that is represented in all that they do.
Build and maintain a SIEM to collect and analyze logs, writing detections and alerts.
Design and deploy canary tokens and early warning mechanisms to detect threats.
Investigate security incidents end-to-end and build runbooks to scale response capabilities.
Quora's mission is to grow the world's collective intelligence, providing platforms for knowledge sharing and AI interaction. It's a remote-first company with passionate, collaborative, and high-performing global teams, fostering a culture rooted in transparency, idea-sharing, and experimentation.
Analyze, investigate, document and report on security alerts and/or potential security incidents identified in customer environments.
Process security investigation cases in a thorough, yet timely manner.
Serve as an incident coordinator for security events that require urgent response, containment, and remediation.
CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). They integrate compliance and threat mitigation efforts and eliminate redundant security practices.
Monitor and analyze security alerts in Splunk to identify suspicious or malicious activity.
Support incident handling activities, including triage, investigation, escalation, and documentation of security events.
Collaborate with internal teams to resolve security issues and improve monitoring and response processes.
Signet Jewelers is the world's largest retailer of diamond jewelry, operating more than 2,800 stores worldwide under iconic brands. Signet Jewelers is a people-first company, proud of their heritage, international presence, diversity, inclusion and equity.
Lead security strategy across infrastructure, cloud systems, and enterprise applications.
Drive SOC 2, ISO 27001, and ISO 42001 readiness/certifications.
Own vulnerability management, threat monitoring, and incident response workflows.
SaaS Talent is a recruiting company, and a hiring, business development and growth partner with 20+ years of experience in SaaS and Hi-Tech that helps you scale and transform your business. They've worked with 100+ companies and helped them achieve their goals.