Threat Hunter - Security Operations Expert

Red Cell Partners

💵 $170k-$200k
📍Remote - United States

Summary

Join Andesite, a cybersecurity firm building security products that transform how humans and AI collaborate to defend against cyber threats, as a Security Operations Expert. Contribute to the development and execution of the product vision by advocating for security operations workflows, integrations, and analysis. Collaborate with engineering, internal stakeholders, and external partners to build an integration ecosystem enhancing user experience and driving business growth. Occasionally provide support for customer security tool integrations. The ideal candidate possesses a strong private sector background, understands security operations at tactical and strategic levels, and is ready to build a platform addressing security detection and analysis challenges at scale. This role involves internal security consulting, development of realistic scenarios for security logging and alerting, building detections for SIEMs, and collaborating with engineering and customer support to translate security insights into feature requirements. The position offers a competitive salary, bonus, and equity package, along with comprehensive health insurance, unlimited PTO, a flexible remote-first work environment, and 14 weeks of fully-paid parental leave.

Requirements

  • 5+ years of experience in cybersecurity operations, including incident response and detection engineering, in government or commercial settings, with a preference for commercial
  • Thorough working knowledge of security tools like Splunk, Microsoft Defender for Endpoint, Microsoft Sentinel, and point solutions
  • Thorough understanding of security data flows and integrations
  • Strong technical background with the ability to collaborate effectively with engineering teams
  • Self-starter with the ability to learn new technologies quickly

Responsibilities

  • Occasionally assist internal security operations with various tasks including detection engineering, SIEM maintenance, and analysis
  • Support continuous improvement of internal security processes
  • Work with cross-functional teams to build realistic scenarios that enable the collection of security logs, the generation of alerts, and realistic analytic workflows
  • Build detections for all supported SIEMs to produce security alerting to support product use case development
  • When required, work with engineering to help solve customer problems related to integration with tools in the customer’s security stack
  • Collaborate with product and customer support to translate security insights into feature requirements

Preferred Qualifications

  • Experience with building your SOC’s technology stack
  • Experience building automations and custom SIEM capabilities
  • Experience working with cyber test range environments

Benefits

  • A competitive salary, bonus, and equity package
  • 100% employer paid, comprehensive health insurance including medical, dental, and vision for you and your family
  • Unlimited PTO, with your manager’s approval
  • Flexible work environment where you manage your workday
  • A remote-first environment, with occasional travel to collaborate with customers, your team, and teammates from across the company in person
  • 14 weeks of fully-paid parental leave
