Security Detection & Response Lead
About the job

The Security Detection & Response Lead is in charge of enterprise-wide threat detection, incident response, and security monitoring to protect critical systems and infrastructure.

We're looking for someone who

● Holds a Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field (Master's preferred)
● Has 6–8 years of experience in security operations, threat detection, or incident response
● Has hands-on experience with SIEM platforms such as Splunk, including rule creation, correlation, and log analysis
● Demonstrates strong experience investigating security incidents across endpoint, network, and cloud environments
● Has deep knowledge of incident response methodologies and threat investigation workflows
● Is experienced with enterprise log sources including Windows/Linux systems, firewalls, IDS/IPS, endpoints, and cloud services
● Has a strong understanding of detection engineering, the MITRE ATT&CK framework, and threat hunting methodologies
● Has experience with cloud platforms such as AWS or Azure
● Is familiar with SOAR or automation tools (preferred)
● Holds relevant certifications such as CISSP, GCIH, GCIA, Security+, or Splunk certifications (preferred)
● Demonstrates strong analytical, problem-solving, and decision-making skills
● Communicates effectively with both technical and non-technical stakeholders
● Has experience mentoring team members and leading incident response efforts

What you'll do

● Lead enterprise-wide security monitoring across SIEM, EDR, network, endpoint, and cloud platforms
● Design, implement, and optimize detection rules, correlation logic, dashboards, and alerting use cases
● Improve detection quality and reduce false positives to enhance operational efficiency
● Ensure proper log ingestion, normalization, and telemetry coverage across systems
● Support onboarding of new security tools, log sources, and telemetry pipelines
● Lead investigation and response efforts for security incidents
● Serve as technical lead during high-severity incidents, coordinating cross-functional response efforts
● Perform root cause analysis and recommend remediation actions
● Conduct post-incident reviews and improve detection and response processes
● Lead proactive threat hunting across SIEM, EDR, NDR, CASB, and cloud environments
● Investigate advanced threats including lateral movement, privilege escalation, and data exfiltration
● Map detection and response activities to the MITRE ATT&CK framework
● Develop and maintain incident response runbooks, playbooks, and documentation
● Track and report on key security metrics such as MTTD and MTTR
● Collaborate with IT, engineering, and security teams to strengthen overall security posture