Act as a senior escalation point for SOC investigations, providing guidance aligned to Copperleaf’s security architecture and operational practices.
Lead investigations into security alerts across Copperleaf’s Azure‑hosted environments, identity systems, corporate endpoints, and product infrastructure.
Track emerging threats relevant to SaaS providers, cloud platforms, Kubernetes, identity infrastructure, and AI‑driven attack techniques.
Triage, investigate, respond to, and remediate intrusions daily.
Mentor junior team members, allowing them to grow individually and as a team.
Contribute regularly to external-facing Huntress content such as blogs, webinars, presentations, and speaking engagements.
Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, Huntress protects all businesses with enterprise-grade, fully owned, and managed cybersecurity products. They protect 4M+ endpoints and 7M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do.
24/7 monitoring and alert triage across SIEM/EDR/cloud security tooling; identify false positives vs. credible threats and set appropriate severity.
Initial investigation and enrichment: gather relevant logs/telemetry, add context, and document findings clearly in the case/ticketing system.
Escalation and coordination: escalate confirmed/suspected incidents quickly and cleanly to L2/IR with a complete handoff (timeline, scope, IOCs, actions taken).
Keyrock is a leading change-maker in the digital asset space, renowned for its partnerships and innovation. They have over 200 team members around the world with a diverse team from 42 nationalities and backgrounds ranging from DeFi natives to PhDs.
Leading incident response initiatives and conducting thorough cybersecurity investigations.
Enhancing the security program by refining processes and optimizing tooling.
Designing and implementing advanced threat detection and mitigation strategies.
Docplanner empowers patients by giving them access to leave and read reviews about their visits and provides doctors with technology to manage bookings easily and save time. They employ over 2,500 people globally and have a startup mindset.
Acting as a senior escalation point and incident coordinator for security incidents across Canva’s cloud, endpoint, and SaaS environments.
Leading and actively participating in security incident response, from initial detection through investigation, containment, eradication, and recovery.
Performing deep forensic analysis to determine scope, impact, and root cause, and translating technical findings into clear outcomes for stakeholders.
Canva is a design platform. They have campuses in Sydney and Melbourne and co-working spaces in Brisbane, Perth and Adelaide.
Be the senior-level escalation point for high-priority incidents across security, network, systems, and cloud domains.
DYOPATH delivers outstanding IT service both externally and internally. They are known for their L.O.V.E. philosophy (Living Our Values Every Day), which transforms everyday work into meaningful impact, and for their award-winning culture.
Deliver exceptional support experiences through security expertise and empathetic communication.
Provide expert-level advisory services on complex security questions and product issues.
Drive Security Operations team efficiency through process creation, optimization, and innovative feature ideas.
Blumira is a security operations platform built for growing teams and partners supporting them. They integrate comprehensive visibility, tools, and expert guidance to give IT and security teams peace of mind. The team is passionate about putting resilience in reach for every organization and helping teams build their own expertise.
Maintain and continuously improve production uptime, supporting our ≥99.9% target for 2026.
Monitor systems proactively and respond effectively to production incidents.
Drive improvements in MTTR (Mean Time to Resolution).
Infiterra's B2B SaaS platform simplifies subscription service delivery, helping IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, Infiterra is known for its collaborative and growth-oriented culture.
Supporting investigations, day‑to‑day operations, and the uplift of our security posture.
Jumping into real incidents, guiding security decisions, and helping teams build securely from the start.
Unpicking a phishing campaign and advising on a new solution or progressing vulnerability management.
Contact Energy believes home is the most important place in the world. They're a team that’s reimagining how Aotearoa is powered and how customers experience energy. Contact is guided by their tikanga and they touch lives to make life better.
Build and operationalize a fintech-grade SOC function
Own incident response end-to-end
Build and scale the SecOps team
OpenFX processes billions of dollars in transaction volume every month across global corridors. Their backend systems power pricing, routing, settlement, reconciliation, compliance, and risk.
Ability to autonomously prioritize and successfully deliver across a portfolio of projects.
Learn and keep up with current cyber threats, attack methodology, active campaigns, and detection techniques using a wide variety of capabilities and sources.
Understand and utilize cyber threat intelligence sources.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. They are a rapidly growing, profitable, privately-held value added reseller with over 1,200 employees, and an enjoyable workplace atmosphere.
Investigate activity and disrupt abusive operations in partnership with our policy, legal, integrity, global affairs and security teams, including by conducting cross-internet and open source research
Develop abuse signals and tracking strategies to help proactively detect harmful activity on our platform
Communicate investigation findings from your work with stakeholders internally and, at times, externally
OpenAI's mission is to ensure that general-purpose artificial intelligence benefits all of humanity. They are an AI research and deployment company that pushes the boundaries of AI systems and seeks to safely deploy them to the world through their products.
Lead Precision Defense engineering teams, turning NodeZero’s offensive insights into autonomous defenses.
Build and evolve deception capabilities like honeypots and honeytokens for high-fidelity defense.
Codify emerging threats into tests and alerts, guiding fast mitigation for customers.
Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to enabling organizations to proactively find, fix and verify exploitable attack vectors before criminals exploit them. They are a fusion of former U.S. Special Operations cyber operators, startup engineers & operators, and formerly frustrated cybersecurity practitioners.
Design and implement cloud infrastructure and platform services (IaaS/PaaS/SaaS) with high availability, security-by-design, and operational excellence.
Own Infrastructure-as-Code (Terraform) and CI/CD automation (Azure DevOps or equivalent) for provisioning, configuration, policy enforcement, and repeatable deployments.
Lead cloud reliability engineering: monitoring/alerting, incident response, capacity planning, patching, and operational runbooks.
Hanger, Inc. is the world's premier provider of orthotic and prosthetic (O&P) services and products, offering the most advanced O&P solutions, clinically differentiated programs and unsurpassed customer service. With nearly 160 years of clinical excellence and innovation, Hanger's vision is to lead the orthotic and prosthetic markets by providing superior patient care, outcomes, services and value.
Lead cross-team infrastructure security initiatives from design through delivery, owning technical outcomes and stakeholder communication
Design and implement security solutions for cloud infrastructure, container platforms, and orchestration systems
Partner with SRE, Infrastructure, and Engineering teams to integrate security into platform services and deployment pipelines
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their mission is to enable everyone to contribute to and co-create the software that powers our world.
Perform host/network based forensic investigations to collect and preserve evidence related to incidents
Managing incoming queues of detection alerts, threat reports and security incidents
Prioritizing and triaging competing incidents to maintain Service Level Agreements (SLA)
Nielsen provides powerful insights that drive client decisions and deliver extraordinary results, enabling a better media future. They are a dynamic global workforce committed to capturing audience engagement with content, standing at the forefront of the media revolution.
Collaborating with Security Operations Center (SOC) team members to monitor, detect, and respond to cybersecurity threats in a timely manner.
Responding to cybersecurity incidents from identification through resolution.
Developing and maintaining up-to-date knowledge of the threat landscape, as well as advancements in cybersecurity technologies and methodologies.
Calendly's product helps connect millions of people. They are in the midst of exciting product growth and offer opportunities to learn and grow alongside top professionals.
Define the security operations roadmap by designing and implementing long term strategies.
Improve and maintain processes, tooling, documentation, and training to mature and enhance cybersecurity incident response.
Design, implement, and maintain security events monitoring systems.
Docplanner Tech is a diverse group of over 400 people working in Engineering, Data, and Product teams, responsible for building the product for all locations. They are leaders in 13 countries, with over 2,500 employees globally, and are backed by leading venture capital funds such as Point Nine Capital and Goldman Sachs Asset Management.
Respond to DLP alerts, monitor DLP consoles and analyze security events to identify potential data loss incidents.
Conduct in-depth investigations of suspected insider threat incidents, including unauthorized access, data exfiltration, and policy violations.
Develop and implement insider threat detection use cases, alert rules, and incident response playbooks.
Universal Music Group (UMG) is the world’s leading music company, committed to artistry, innovation, and entrepreneurship. They own and operate businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in over 60 countries.
Conducts threat monitoring and analysis using threat detection tools.
Builds and maintains security infrastructure and system performance.
Triages alerts from detection platforms, identifying false positives and escalating attacks.
Nuvalent is dedicated to creating selective medicines with expertise in chemistry, specifically designed to meet the needs of cancer patients. They are an early-stage company that brings together experienced scientists and industry veterans with a history in oncology drug development and company building.
Keeps the lights on, data safe, and people moving fast.
Jumping into real incidents, guiding security decisions, and helping teams build securely from the start.
Contributing to reviews of business solutions, risk identification and secure‑by‑design practices.
Contact Energy is a power, mobile, and broadband company that is transforming how Aotearoa is powered, leading the charge on renewable energy and digitising customer journeys. They are a team of 1000+ from all walks of life. They value caring for each other, learning from one another, and being guided by their tikanga.