Lead Security Operations Engineer (worldwide remote, work anywhere)

Experience in an IT/security-related role (SecOps/Blue Team experience, etc.). Experience in triaging security alerts/executing incident response. Experience with building, configuring, and managing patch management tools. Practical knowledge of tools and/or tech stack components (such as EDR, Vulnerability Scanner, SIEM, Cloud). Practical knowledge of fundamental security concepts, including network/endpoint security, security alert triage, and basic application security. Experience building and maintaining monitoring and alerting capabilities. Deep expertise with Linux-based operating systems. Critical thinking and the ability to balance security requirements with mission needs. Be an IT Security enthusiast with thorough knowledge and expertise in the security and software development spaces. Thorough understanding of the latest technologies, security principles, and protocols. Ability to demonstrate comprehensive, practical knowledge of research and collection skills as well as analytic methods. At least C1 and a higher level of English proficiency. Relevant information security certifications (CISSP, OSCP, OSCE, LPT, etc.) is a plus. Experience in modern container orchestration projects is a plus. Experience with cloud vendors - GCP, Azure, AWS is a plus. Knowledge of/experience with international information security standards and personal data protection standards: ISO 27XXX, PCI DSS, GDPR, etc. is a plus. Knowledge of/experience with information security standards and frameworks: PKI, WS-Security, X.509, SSL/TLS, etc. is a plus. Bachelor's degree in Computer Science, Information Security, or related field is a plus. Experience in CTF or bug bounty programs is a plus. Knowledge of application security practices and tools is a plus.

Incorporate security practices into infrastructure and automation. Collaborate with development and operations teams to embed security. Create detection rules to improve attacker detection. Stay current with security standards/regulations. Identify and implement security innovation tools. Manage/implement cloud security controls (identity, access management, policies). Evolve tooling, logging, monitoring, and alerting systems. Triage, investigate, and escalate security alerts, providing remediation recommendations. Document procedures and best practices. Configure and operate security scanning tools, optimizing alert rules. Develop a comprehensive understanding of systems, environments, and tools.