Source Job

• Lead and execute security incident response, leveraging your deep expertise to manage and mitigate threats across Ivanti’s global footprint.
• Uncover both known and unknown threats using advanced incident response techniques, threat hunting, threat intelligence, and a strong understanding of attacker TTPs.
• Conduct thorough investigations involving external attacks, insider threats, and digital forensics, ensuring stakeholders stay informed with comprehensive reporting.

Ivanti's mission is to elevate human potential within organizations by managing, protecting and automating technology for continuous innovation. It is through diverse and inclusive hiring, decision-making, and commitment to our employees and partners that they will continue to build and deliver world-class solutions for their customers.

• Own and oversee enterprise security monitoring capabilities, including SIEM, EDR/XDR, and alerting platforms.
• Act as senior incident manager for significant security incidents, coordinating technical teams, IT operations, and business stakeholders.
• Lead and develop Genus’s security operations capability, establishing clear roles, responsibilities, and expectations.

Genus is an agricultural biotechnology pioneer and a global FTSE 250 company headquartered in the UK. They are a worldwide leader in porcine and bovine animal genetics, partnering with farmers to transform how we nourish the world, employing over 3,000 employees.

• Manage event and information intake, including intelligence reports and monitoring ticket queues.
• Triage alerts and correlate and analyze events to determine the scope of cybersecurity incidents.
• Provide 24x7 on-call support and monitor and manage security incidents using SIEM, SOAR, and DLP tools.

Brightspeed provides fast, reliable internet connections and an awesome customer experience in twenty states throughout the Midwest and South. Backed by funds managed by Apollo Global Management, they are accelerating the upgrade of copper to fiber optic technologies.

• Lead complex security investigations and drive automated response workflows.
• Perform host-based triage and forensic analysis across Windows, Linux, and macOS, and conduct cloud-native IR across AWS and Azure.
• Integrate threat intelligence into active investigations and operationalize it proactively.

VERSANT is a leading force in news, sports and entertainment and is home to iconic and trusted brands. As an independent, publicly traded company, VERSANT brings together powerhouse cable networks with dynamic digital and direct-to-consumer brands, fueled by innovation.

• Monitor alerts from SIEM and endpoint tools.
• Perform initial triage and validation.
• Escalate incidents per procedures.

Atlas Technica provides IT management, user support, and cybersecurity for hedge funds and investment firms with a focus on service. Founded in 2016, they value ownership, execution, growth, intelligence, and camaraderie, fostering a professional yet friendly environment with career development opportunities.

• Investigate intrusion attempts and perform in-depth analysis of exploits
• Monitor and analyze network traffic and alerts
• Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, they help enterprises deliver on the promise of digital transformation. At AHEAD, they prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard.

• Monitor security events through SIEM and other security tools, performing initial triage and correlating signals across multiple sources.
• Execute Incident Response activities, including detection, investigation, containment, remediation, and documentation of security incidents.
• Analyze alerts and security anomalies to identify legitimate threats, false positives, and areas requiring escalation.

Pismo provides a comprehensive processing platform for banking, card issuing and financial market infrastructure and helps customers innovate and build the next generation of banking and payment solutions. Pismo’s 500+ employees are located in more than 10 countries around the world.

• Own end-to-end security operations including SOC, monitoring, and detection capabilities.
• Act as technology incident commander for security events and incidents.
• Own the operational lifecycle of vulnerability management including scanning, prioritization, and remediation tracking.

Best Egg is a tech-enabled financial platform that helps people build financial confidence through lending solutions and financial health tools. They foster an inclusive and flexible workplace with top-tier benefits and growth opportunities, employing collaborative and innovative team players.

• Lead a globally distributed cyber defense team.
• Own enterprise incident response strategy and playbooks.
• Drive hypothesis-based threat hunting aligned to adversary behaviors.

FNF is an Equal Opportunity employer. They are committed to creating a diverse and inclusive workplace where all employees feel valued and respected.

• Investigating security events across the organization using your experience and knowledge in multiple security domains.
• Creating, deploying and maintaining high signal threat detections based on your understanding of threat actor TTPs.
• Architecting a highly scalable incident response process by developing, applying and refining automation for steps of the Incident Response life cycle

Benchling is the AI platform for biotech R&D. Scientists use Benchling to design experiments, capture structured data, and run AI agents and models directly in their workflows. They have over 200,000 scientists around the world and they trust Benchling to power their most important work.

• Continuously monitor security systems to detect and respond to any security incidents.
• Take the lead in investigating security breaches and developing prevention strategies.
• Conduct assessments of security risks and evaluate third-party vendor security measures.

Numeris is Canada’s trusted source for broadcast measurement and consumer behavior data, and a provider of intelligence to broadcasters, advertisers, and agencies. They have been recognized for 75 years as providing the gold standard in audience intelligence with a collaborative, curious, and dedicated culture.

• Monitor client environments performing Incident Detection, Validation, and Reporting.
• Responsible for the implementation and maintenance of cloud-based SIEM Solutions.
• Partner with client Security to continuously improve and enhance Managed Security support.

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, they help enterprises deliver on the promise of digital transformation. They prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard.

• Serve as the primary Incident Commander for critical security events.
• Orchestrate response efforts across multiple teams.
• Conduct post-incident reviews and drive improvements.

GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. GitLab has more than 50 million registered users and is trusted by more than 50% of the Fortune 100*, which reflects a high-performance culture driven by their values and continuous knowledge exchange.

• Lead reporting and produce all TIU products to exceptional standards.
• Lead training on intelligence methodologies and structured analytic techniques.
• Act as a point of contact for media requests and represent Sibylline at external events.

Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010, they have supported businesses, governments, and NGOs by providing high-quality risk analysis, due diligence, and consultancy services. They offer an innovative, entrepreneurial, and fast-growing working environment.

• Proactively hunt down, analyze, and patch system weak spots before they become a problem.
• Act as the calm, collected, and decisive first responder when the digital alarms ring, leading security investigations.
• Turn mountains of raw data logs into digestible, actionable insights to keep our defenses sharp.

Miovision is unlocking transportation networks that move people and enable smart, fast, safe communities. They are backed by advanced traffic AI and their innovations in traffic signal planning and operations improve the transportation experience for drivers, cyclists and pedestrians.

• Helping define the security operations roadmap by designing and implementing long term strategies
• Improve and maintain processes, tooling, documentation and training to mature and enhance cybersecurity incident response
• Design, implement and maintain security events monitoring systems

Docplanner empowers patients by giving them access to leave and read reviews about their visit and also provides doctors with the technology to manage bookings easily and save time. They are leaders in 13 countries with over 2,500 employees globally, maintaining a startup-mindset.

• Play a key role in the strategic and hands-on protection of our enterprise systems.
• Responsible for hardening infrastructure and integrating security systems into deployments.
• Manage SIEM operations, incident response, and vulnerability reviews.

CBN Secure Technologies Inc. is an award-winning provider of secure Driver & Vehicle solutions to US States. They are a subsidiary of Canadian Bank Note (CBN) Company, Limited, designing and developing industry-leading solutions for various domains like Driver & Vehicle and Border Security.