Senior Detection and Response

Build and operate the full detection lifecycle: log collection, normalization, detection engineering, triage, response, and lessons learned

Own centralized logging across cloud infrastructure, endpoints, identity systems, networks, and critical SaaS platforms

Lead SIEM strategy, including onboarding new sources, parsing, tuning, detection creation, routing logic, and executive-ready dashboards

Stand up and manage a 24/7 SOC/MDR partnership, defining requirements, playbooks, SLAs, escalation paths, and quality standards

Design and run incident readiness programs including runbooks, tabletop exercises, evidence capture processes, and post-incident improvements

Reduce alert noise and increase signal through continuous tuning and risk-based alerting

Lead investigations directly, including triage, containment, root cause analysis, and postmortems

Identify and close detection gaps with measurable improvements to time-to-detect and time-to-contain

8+ years of experience in Security Operations, Detection Engineering, or Incident Response

Proven experience owning centralized logging and SIEM platforms, including architecture design, onboarding, parsing, tuning, and detection engineering

Strong hands-on incident response skills including triage, investigation, containment, evidence handling, and postmortem leadership

Experience managing and holding a SOC/MDR partner accountable to high standards, including SLAs, QA, and escalation processes

Strong communication skills and the ability to operate calmly and effectively during high-pressure incidents

Experience designing detection strategies informed by adversary techniques and threat models

Experience operating in cloud-native and identity-heavy environments