Security Operations Lead

Summary

Join Earnest as the Security Operations Lead and oversee security monitoring, incident response, and threat detection. Lead the development of detection logic and response workflows in a cloud-native environment. Serve as incident commander during security events, coordinating cross-functional teams. Manage the threat intelligence program and conduct threat hunting. Partner with other teams to embed security into daily operations and maintain audit readiness. Mentor junior team members and build a high-performing security operations function. This role is based in the San Francisco Bay Area with flexible remote work options, requiring monthly visits to the Oakland office.

Requirements

• 8+ years of cybersecurity operations experience with a track record of leading incident response, threat detection, and vulnerability remediation
• 2+ years in a formal leadership or program ownership role (SOC, IR, etc.)
• Expertise in modern cloud environments (e.g., AWS), Kubernetes, Linux, and SaaS applications
• Proficient in tools such as SIEM, EDR/XDR, SOAR, IDS/IPS, vulnerability scanners, threat intel platforms
• Experience responding to security incidents in regulated industries (e.g., fintech, healthcare)
• Strong communication and leadership skills – able to lead complex incidents and present findings to executive audiences
• Knowledge of regulatory standards such as SOC 2, GLBA, SOX, NY DFS, etc

Responsibilities

• Oversee Earnest’s security monitoring and incident response operations, ensuring rapid detection and containment of threats
• Lead the development and tuning of detection logic, response workflows, and vulnerability management across our cloud-native environment
• Serve as incident commander during security events, coordinating cross-functional teams and managing communications with key stakeholders
• Manage the threat intelligence program and proactively conduct threat hunting based on emerging indicators and TTPs
• Partner with engineering, infrastructure, and compliance teams to embed security into day-to-day operations and maintain audit readiness
• Mentor and guide junior team members, helping to build a resilient, high-performing security operations function

Preferred Qualifications

• Experience in fintech or another highly regulated environment
• Background in digital forensics, malware analysis, or adversary emulation
• Familiarity with frameworks like MITRE ATT&CK or OSC&R

Benefits

• Health, Dental, & Vision benefits plus savings plans
• Mac computers + work-from-home stipend to set up your home office
• Monthly internet and phone reimbursement
• Employee Stock Purchase Plan
• Restricted Stock Units (RSUs)
• 401(k) plan to help you save for retirement plus a company match
• Robust tuition reimbursement program
• $1,000 travel perk on each Earnie-versary to anywhere in the world
• Competitive days of annual PTO
• Competitive parental leave