JOBSEARCHER

Security Detection & Response Lead

About the job

The Security Detection & Response Lead is in charge of enterprise-wide threat detection, incident response, and security monitoring to protect critical systems and infrastructure.

We're looking for someone who:

- Holds a Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field (Master's preferred)
- Has 6-8 years of experience in security operations, threat detection, or incident response
- Has hands-on experience with SIEM platforms such as Splunk, including rule creation, correlation, and log analysis
- Demonstrates strong experience investigating security incidents across endpoint, network, and cloud environments
- Has deep knowledge of incident response methodologies and threat investigation workflows
- Is experienced with enterprise log sources including Windows/Linux systems, firewalls, IDS/IPS, endpoints, and cloud services
- Has a strong understanding of detection engineering, the MITRE ATT&CK framework, and threat hunting methodologies
- Has experience with cloud platforms such as AWS or Azure
- Is familiar with SOAR or automation tools (preferred)
- Holds relevant certifications such as CISSP, GCIH, GCIA, Security+, or Splunk certifications (preferred)
- Demonstrates strong analytical, problem-solving, and decision-making skills
- Communicates effectively with both technical and non-technical stakeholders
- Has experience mentoring team members and leading incident response efforts

What you'll do:

- Lead enterprise-wide security monitoring across SIEM, EDR, network, endpoint, and cloud platforms
- Design, implement, and optimize detection rules, correlation logic, dashboards, and alerting use cases
- Improve detection quality and reduce false positives to enhance operational efficiency
- Ensure proper log ingestion, normalization, and telemetry coverage across systems
- Support onboarding of new security tools, log sources, and telemetry pipelines
- Lead investigation and response efforts for security incidents
- Serve as technical lead during high-severity incidents, coordinating cross-functional response efforts
- Perform root cause analysis and recommend remediation actions
- Conduct post-incident reviews and improve detection and response processes
- Lead proactive threat hunting across SIEM, EDR, NDR, CASB, and cloud environments
- Investigate advanced threats including lateral movement, privilege escalation, and data exfiltration
- Map detection and response activities to the MITRE ATT&CK framework
- Develop and maintain incident response runbooks, playbooks, and documentation
- Track and report on key security metrics such as MTTD and MTTR
- Collaborate with IT, engineering, and security teams to strengthen overall security posture