Lead the identification, triage, and validation of security incidents, acting as the ultimate escalation point for the SOC.
Drive organizational incident readiness by designing and executing practical response exercises to ensure first responders are prepared at all levels.
Lead cross-functional Post-Incident Reviews to extract critical lessons; drive specific tooling and process enhancements that harden organizational defenses.
Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, Huntress protects all businesses with enterprise-grade, fully owned, and managed cybersecurity products. They protect 4M+ endpoints and 7M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do.
Lead the front line of the Security Operations Center.
Maximize detection surface area as a strategic leader.
Prepare the next generation of security analysts.
Huntress is a fully remote, global team dedicated to breaking down cybersecurity barriers. Founded in 2015 by former NSA cyber operators, we protect businesses with enterprise-grade security products, safeguarding 4M+ endpoints and 7M+ identities worldwide.
Perform host/network based forensic investigations to collect and preserve evidence related to incidents
Managing incoming queues of detection alerts, threat reports and security incidents
Prioritizing and triaging competing incidents to maintain Service Level Agreements (SLA)
Nielsen provides powerful insights that drive client decisions and deliver extraordinary results, enabling a better media future. They are a dynamic global workforce committed to capturing audience engagement with content, standing at the forefront of the media revolution.
Responsible for running Rapid Response incidents, including coordinating with other departments, and owning the process end-to-end.
Conducts research on emerging adversary tradecraft to help scope and conduct hunt missions
Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, we protect all businesses with enterprise-grade, fully owned, and managed cybersecurity products at the price of an affordable SaaS application.
Design, implement, and maintain advanced detection rules across SIEM, EDR, and Cloud platforms.
Develop complex automated response playbooks for multi-stage incidents and integrate security tools via APIs.
Co-lead the organization's threat hunting program, defining strategy, methodology, and campaign planning.
AlphaSense is a market intelligence and search platform powered by AI, helping companies make informed decisions with insights from various content sources. With over 2,000 employees globally and offices in multiple countries, they serve over 6,000 enterprise customers, including a majority of the S&P 500.
Lead deep-dive investigations across SIEM/EDR, cloud, and network telemetry; build timelines and determine scope and impact.
Drive case direction by forming and testing hypotheses; identify containment and remediation actions with clear rationale.
Mentor and coach SOC Analysts; provide structured feedback on investigations, ticket quality, and incident handling.
Cyber Advisors (CA) is a rapidly growing Cybersecurity Consulting firm and MSP. They believe in inclusion and is dedicated to continued employee development, therefore CA wants candidates who focus on innovation and results.
Provide security monitoring and incident response of cyber security events.
Monitor and analyze logs and alerts to identify actionable security incidents.
Provide proactive “threat hunting” to detect incidents.
SonicWall is a cybersecurity company with more than 30 years of expertise. They are recognized as a leading partner-first company, ensuring their partners and their customers are never alone in the fight against cybercrime.
Define and mature the Adversary Pursuit program, directing threat hunts and technical table top exercises.
Identify and prioritize areas for improvement based on threat hunt findings.
Collaborate with Offensive Security to enhance threat detection and Security Operations to improve response capabilities.
Flock Safety is a safety technology platform, helping communities by providing a proactive approach to crime prevention and security. They connect cities, law enforcement, businesses, schools, and neighborhoods in a nationwide public-private safety network.
24/7 monitoring and alert triage across SIEM/EDR/cloud security tooling; identify false positives vs. credible threats and set appropriate severity.
Initial investigation and enrichment: gather relevant logs/telemetry, add context, and document findings clearly in the case/ticketing system.
Escalation and coordination: escalate confirmed/suspected incidents quickly and cleanly to L2/IR with a complete handoff (timeline, scope, IOCs, actions taken).
Keyrock is a leading change-maker in the digital asset space, renowned for its partnerships and innovation. They have over 200 team members around the world with a diverse team from 42 nationalities and backgrounds ranging from DeFi natives to PhDs.
Collaborating with Security Operations Center (SOC) team members to monitor, detect, and respond to cybersecurity threats in a timely manner.
Responding to cybersecurity incidents from identification through resolution.
Developing and maintaining up-to-date knowledge of the threat landscape, as well as advancements in cybersecurity technologies and methodologies.
Calendly's product helps connect millions of people. They are in the midst of exciting product growth and offer opportunities to learn and grow alongside top professionals.
Conducts threat monitoring and analysis using threat detection tools.
Builds and maintains security infrastructure and system performance.
Triages alerts from detection platforms, identifying false positives and escalating attacks.
Nuvalent is dedicated to creating selective medicines with expertise in chemistry, specifically designed to meet the needs of cancer patients. They are an early-stage company that brings together experienced scientists and industry veterans with a history in oncology drug development and company building.
Monitor SIEM dashboard and security tools to detect security incidents.
Analyze alerts to determine relevance and prioritize response efforts.
Conduct investigations by gathering context and relevant logs.
Sentinel Blue is a young company focused on bringing enterprise-class cybersecurity to small and medium-sized businesses. They are pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission in a fast-paced, dynamic environment that values learning and challenges.
Use all-source intelligence to monitor security incidents and trends.
Support the Client’s trust and safety function to monitor and respond to issues.
Escalate security incidents to client stakeholders, following efficient procedures.
Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 they have supported businesses, governments and NGOs through the provision of high-quality risk analysis, due diligence and consultancy services.
Deliver exceptional support experiences through security expertise and empathetic communication.
Provide expert-level advisory services on complex security questions and product issues.
Drive Security Operations team efficiency through process creation, optimization, and innovative feature ideas.
Blumira is a security operations platform built for growing teams and partners supporting them. They integrate comprehensive visibility, tools, and expert guidance to give IT and security teams peace of mind. The team is passionate about putting resilience in reach for every organization and helping teams build their own expertise.
Own and lead incident response process and actively investigate events.
Prioritize alerts based on risk and collaborate with stakeholders for remediation.
Design, implement, and maintain comprehensive security dashboards and generate periodic reports.
Deel is the all-in-one payroll and HR platform for global teams with a vision to unlock global opportunity for every person, team, and business. As one of the largest globally distributed companies, Deel's team of 7,000 spans more than 100 countries and speaks 74 languages.
Acting as a senior escalation point and incident coordinator for security incidents across Canva’s cloud, endpoint, and SaaS environments.
Leading and actively participating in security incident response, from initial detection through investigation, containment, eradication, and recovery.
Performing deep forensic analysis to determine scope, impact, and root cause, and translating technical findings into clear outcomes for stakeholders.
Canva is a design platform. They have campuses in Sydney and Melbourne and co-working spaces in Brisbane, Perth and Adelaide.
Leverage your sysadmin background to set up research environments, manage lab infrastructure, and ensure our tooling is stable.
Assist in simulating threats (Red) while documenting detection gaps and defensive improvements (Blue).
Perform data collection, log analysis, and initial vulnerability triaging to support Senior Researchers.
Cobalt is evolving the way we approach security research. They are an equal opportunity employer committed to fair and equitable compensation practices with competitive benefits.
Detection, analysis and management of security incidents
Making and evaluating reports
Monitoring the customer’s environment
Deutsche Telekom IT Solutions, a subsidiary of the Deutsche Telekom Group, was Hungary’s most attractive employer in 2025, according to Randstad’s representative survey. They provide a wide portfolio of IT and telecommunications services with more than 5300 employees.