CrawlJobs Logo

Secops Lead

United States, Washington, DC · Job Posted February 10, 2026
Apply Position
Job Link Share

Job Description

Serves as the Lead Cybersecurity Operations (SECOPS) contractor, providing senior-level technical leadership and operational support to the Agency’s IT Security Program.

Job Responsibility

  • Serves as the Lead Cybersecurity Operations (SECOPS) contractor, providing senior-level technical leadership and operational support to the Agency’s IT Security Program
  • Supports and coordinates SECOPS activities under government direction and maintains technical inputs to the Agency’s IT Security Program
  • Provides senior technical advisory support to the Chief Information Security Officer (CISO) on developments in cybersecurity, information security (INFOSEC), and IT security, including emerging threat vectors, advanced persistent threats (APTs), attack surface analysis, and identified weaknesses
  • Supports Agency-level technical implementation of approved cybersecurity policies, standards, and directives by developing technical documentation, implementation guidance, and draft procedures for government review and approval
  • Leads day-to-day contractor cybersecurity operations activities within the SECOPS function, supporting government-led oversight of systems and services that impact the Agency’s mission and critical infrastructure
  • Implements and administers cybersecurity incident handling (IH) and incident response (IR) capabilities, including SIEM dashboards, detection inputs, incident response playbooks, and operational metrics, to improve efficiency and effectiveness of security operations
  • Facilitates and coordinates SECOPS activities in support of the Agency’s Information Security (INFOSEC) Program, assisting Agency system security personnel and Information System Security Officers (ISSOs)
  • Serves as the senior technical advisor for threat, vulnerability, and configuration management activities, providing threat intelligence analysis, mitigation recommendations, and defensive strategy insights to Agency stakeholders

Requirements

  • Demonstrated ability to guide technical discussions and provide expert advisory support to senior government officials, including the CISO, system owners, SOC staff, and executive leadership, while operating under government direction
  • Proven experience as a SOC Lead or Senior Team Lead, successfully coordinating with managed security service providers (MSSPs) and external cybersecurity partners (e.g., CISA, CYBERCOM) in support of incident response (IR), incident handling (IH), and vulnerability management (VM) activities), including mitigating actions to contain activity and facilitating forensics analysis when necessary
  • Documented experience conducting and guiding in-depth technical evaluations of INFOSEC, IT security, and cybersecurity tactics, techniques, and procedures (TTPs), including their impact on baseline system configurations
  • Demonstrated proficiency providing cybersecurity posture assessments, hygiene reporting, and technical input in support of Governance, Risk, and Compliance (GRC) activities and continuous monitoring programs
  • Experience providing incident response support to network subscribers, including recommending mitigating actions, supporting containment efforts, and facilitating forensic analysis under government oversight
  • Demonstrated expertise in log-based and endpoint-based threat detection, threat hunting, and analysis across multiple threat sources
  • Strong technical knowledge of web services security, Microsoft cloud environments (Azure, M365), and modern enterprise security architectures
  • Advanced experience evaluating the security of complex web portals, APIs, and databases (e.g., Java, Ruby, SQL, Oracle) using commercial and open-source security assessment tools such as SQLmap and mongoaudit
  • Near-expert proficiency in: Web application security testing frameworks (e.g., NMAP, W3af)
  • Continuous monitoring and remediation tools (e.g., Azure Security Center, Defender for Cloud, Qualys, Wireshark)
  • Endpoint Detection and Response (EDR) platforms (e.g., HBSS, SEP, Microsoft Defender)
  • Near-expert knowledge of SOC operations, incident handling (IH), incident response (IR), and adversary tactics, techniques, and procedures (TTPs)
  • Ability to facilitate adoption of cybersecurity best practices with development, database, and system administration teams through technical expertise and collaborative engagement
  • Requires a bachelor’s degree in Cybersecurity, Information Assurance, or Information Security and 7+ years of relevant work experience. Additional experience may be substituted for a degree
  • Must be engaging and proactive with critical thinking and problem-solving ability, both independently and as part of a team
  • Candidate must demonstrate the ability to present ideas and reports clearly in English, both orally and in writing
  • Must obtain agency suitability clearance prior to start date

Nice to have

  • Highly Desired Certifications: CISSP, OSCP, GCIH, GPEN, GSEC, GCIA, GCED, GCID, CCSP, GWEB, GSNA, GCWN, GAWN, GSE, GPPN
  • Experience supporting a nationwide mid-sized Federal agency enterprise is a plus

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Secops Lead

8 matching positions

SecOps Lead

As a Security Operations Lead at Island, you will operationalize and enhance the...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
island.io Logo
Island
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of detection engineering, security operations workflows, and incident response practical experience
  • Proficiency in scripting and automation (e.g., Python, Bash, PowerShell) to build scalable security tooling
  • Hands-on experience (3+ years) with SIEM, EDR, cloud security monitoring, and incident management
  • Familiarity with cloud security (AWS/GCP/Azure) principles and secure DevOps practices
  • Solid grasp of modern attack techniques, threat actor behaviors, and vulnerability exploitation patterns
  • Curiosity-driven, operations-focused mindset with a passion for keeping adversaries out and operations resilient
Job Responsibility
Job Responsibility
  • Security Monitoring & Incident Response: Design, implement, and maintain security monitoring solutions
  • investigate and respond to security events, anomalies, and vulnerabilities relevant to the Island Enterprise Browser and supporting infrastructure
  • Operational Security Automation: Develop custom automation for detection, alerting, triage, and response workflows
  • optimize signal-to-noise ratio to enable fast and accurate threat detection
  • Threat Intelligence & Hunting: Collect, analyze, and operationalize threat intelligence relevant to our threat model
  • conduct proactive threat hunting activities tailored to the enterprise browser domain
  • Security Operations Playbooks: Create and maintain incident response guides, runbooks, and operational playbooks to enable structured, high-fidelity security operations and empower cross-functional teams
  • Security Enablement & Awareness: Collaborate with product, engineering, and IT teams to improve security awareness, deliver training, and drive adoption of security best practices across Island
  • Fulltime
Read More
Arrow Right

Tech Lead - IR, Cyber Security, SecOps

As the Tech Lead of IR, you will be the captain of the front-line defence. You w...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Leadership Experience: 1+ years of experience leading technical teams or acting as a formal mentor/technical lead in a security context
  • Deep Technical Roots: 7+ years of industry experience in security with a focus on Information Security principles
  • Cloud Mastery: Proven expertise in attack and mitigation methods within complex AWS, GCP, or Azure environments
  • Incident Response Prowess: Extensive experience in risk prioritization and managing the lifecycle of security incidents in a global production environment
  • Technical Breadth: Mastery in at least 5 of the following: Endpoint Protection (EDR/XDR) & Zero Trust architecture
  • Identity Management (IAM/IDM) and SSO/SAML
  • Security Analytics (SIEM/Logging) such as ELK or Splunk
  • Container Security (Docker, Kubernetes)
  • Email Protection & Patch Management
  • Coding Proficiency: Ability to review and guide the development of security tools in Python or Go
Job Responsibility
Job Responsibility
  • Incident Command: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes
  • Architect Operations: Oversee the design and execution of vulnerability management, SaaS security posture (CASB), and asset management at scale
  • Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation
  • Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities
  • Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management
Read More
Arrow Right
New

Practice Lead

As the Practice Lead (PL) within the Center of Excellence (COE), you will serve ...
Location
Location
Brazil , São Paulo
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience leading large-scale transformational initiatives within enterprise Professional Services, Management Consulting, or Customer Success organizations. A proven track record of modernizing global service delivery models is essential
  • 5+ years of experience steering enterprise-wide orchestration, strategic operations, business transformation, or executive advisory functions within a high-growth cybersecurity, cloud provider (AWS/Azure/GCP), or enterprise SaaS company
  • Exceptional capability to influence, build consensus, and drive massive organizational change across disparate executive teams spanning Product, Engineering, Sales, and Services
  • Solid understanding of how machine learning and Generative AI (GenAI) intersect with security operations. Candidates should possess a practical grasp of AI-driven SecOps (e.g., Cortex XSIAM), automated triage/incident orchestration, and the unique security governance/risks associated with safeguarding enterprise LLM deployments
  • Proven success building, scaling, and optimizing delivery methodologies, operational governance models, maturity frameworks, and KPIs within complex, matrixed global organizations
  • Stellar verbal, written, and presentation skills, with a demonstrated ability to translate highly complex technical, architectural strategies into clear, actionable operational plans for both technical engineers and C-suite audiences
  • Deep technical literacy in modern cybersecurity architectures. Direct experience with Cortex (XDR/XSIAM/XPANSE), Cortex Cloud, and Prisma Cloud (or highly equivalent enterprise EDR/XDR, SIEM/SOAR, and CNAPP solutions) is strongly preferred
Job Responsibility
Job Responsibility
  • Drive Regional Excellence: Own the application, localized adoption, and quality governance of global COE methodologies, ensuring they are tailored effectively to regional market dynamics and compliance realities
  • Cross-Functional Orchestration: Establish seamless alignment between Professional Services (PS) and Customer Success / Scale & Optimize (S&O) organizations to define unified delivery frameworks, joint handoffs, and customer success metrics
  • Executive Escalation & Governance: Serve as the definitive regional authority and escalation point for complex methodology, scoping, and execution challenges, resolving high-stakes delivery roadblocks before they impact customer health
  • Unified Lifecycle Management: Enforce and champion a cohesive, end-to-end customer journey that bridges the gap between initial implementation and long-term account value optimization/expansion
  • Operational Boundary Design: Define, refine, and optimize operational ownership boundaries between PS and CS, eliminating friction, clarifying roles, and ensuring frictionless transitions for customers
  • AI-Driven Standardization at Scale: Eradicate bespoke, one-off delivery approaches by designing, introducing, and enforcing highly repeatable, asset-driven execution models that leverage machine learning insights and autonomous AI playbooks to maximize delivery margins
  • Strategic Commercial Partnership: Partner directly with regional Sales, Customer Success leadership, and GTM executives to ensure delivery readiness dynamically matches fast-paced deal motions and enterprise customer expectations
  • Deal Architecture & Risk Mitigation: Advise on strategic, marquee, and complex enterprise deals by providing expert guidance on technical feasibility, scoping precision, risk mitigation, and delivery architecture
  • Field-to-Product Feedback Loop: Systematically capture and synthesize theater-specific insights, product limitations, and regional constraints into structured, data-driven telemetry for Global COE and Product/Engineering teams to shape the future product roadmap
  • Proactive Risk Management: Maintain deep, data-driven visibility into regional capacity, market demand, and delivery risks
  • Fulltime
Read More
Arrow Right
New

Staff Security Engineer, CSIRT

As a Staff Security Engineer within our CSIRT Team, you will be accountable for ...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
deliveryhero.com Logo
Delivery Hero
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of broad cybersecurity experience with a deep understanding of core security fundamentals, coupled with 5+ years of dedicated experience in a SOC or CSIRT environment
  • Proven track record acting as a Security Incident Commander
  • Mastery of the full incident lifecycle and hands-on playbook creation for complex, high-availability hybrid-cloud environments, distributed microservices, and platforms processing vast amounts of PII and payment data
  • Operational expertise with SIEM, EDR, Cloud Security platforms, SOAR, and WAF/DDoS protection solutions
  • Advanced proficiency in writing production-quality code (e.g., Python, Go, Rust) to build scalable in-house solutions
  • Hands-on experience securing and responding to incidents across public cloud platforms (AWS, GCP) and cloud-native technologies like Kubernetes, Docker, and Infrastructure-as-Code (e.g., Terraform)
  • Familiarity with Git/GitHub usage, CI/CD systems, and modern SecOps workflows
  • An exceptional communicator with the ability to influence cross-functional stakeholders
Job Responsibility
Job Responsibility
  • Incident Commander: Serve as the single accountable leader during active responses for high-severity incidents, directing investigative focus from detection through recovery while maintaining a calm and decisive demeanor under pressure
  • Post-Incident Reviews & Remediation: Lead blameless post-incident reviews to ensure continuous improvement, durable engineering solutions, and systemic resilience
  • Stakeholder Communication: Serve as the primary interface to stakeholders during critical security incidents, translating complex technical realities into clear risk, impact, and decision frameworks
  • Engineering-Led Response & Automation: Design and develop in-house solutions, automated workflows, and scalable systems to eliminate repetitive processes, reduce triage time, and continuously improve the overall quality and efficiency of our security incident response operations
  • Mentorship & Leadership: Act as a hands-on technical leader and role model, actively mentoring teams and individuals within your domain
  • Metrics & Strategic Visibility: Have a Data-Driven Strategic mindset to define, track, and improve core operational metrics (MTTD, MTTR) to identify systemic gaps and propose strategic, long-term security investments
  • Organizational Readiness & Tabletop Exercises: Proactively design and facilitate complex, realistic tabletop simulations and purple team engagements
  • On-Call: Participate in a predictable on-call rotation as an Incident Responder
What we offer
What we offer
  • Hybrid working model
  • 27 days holiday
  • 1.000 € Educational Budget
  • Language Courses
  • Parental Support
  • access to the Udemy Business platform
  • Health Checkups
  • Mindfulness and Gym & Bicycle Subsidy
  • Digital Meal Vouchers
  • Food Vouchers
  • Fulltime
Read More
Arrow Right
New

Senior Security Operations Analyst

We are looking for an experienced Senior Security Operations Analyst to join a b...
Location
Location
United Kingdom
Salary
Salary:
Not provided
talenthawk.com Logo
TalentHawk
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Approximately 5 years' experience within a Security Operations (SecOps) environment
  • Strong experience working in a 2nd/3rd line security operations role
  • Experience with AWS security services and cloud security operations
  • Hands-on experience with Microsoft Sentinel
  • Hands-on experience with Microsoft Defender
  • Strong understanding of incident response, alert triage, and security investigations
  • Experience analysing logs, alerts, and security telemetry from multiple sources
  • Ability to prioritise workload effectively in a busy operational environment
  • Strong communication and stakeholder management skills
  • Must be eligible for SC Clearance
Job Responsibility
Job Responsibility
  • Monitor, triage, and investigate security alerts and incidents
  • Perform detailed analysis of security events and suspicious activity
  • Lead and support incident response activities, including containment, remediation, and recovery
  • Utilise Microsoft Sentinel and Microsoft Defender to detect and respond to threats
  • Support and maintain security monitoring use cases and detection capabilities
  • Collaborate with infrastructure, cloud, and support teams to resolve security issues
  • Produce investigation reports and provide recommendations to improve security posture
  • Contribute to continuous improvement of security operations processes and procedures
  • Act as an escalation point for complex security incidents and investigations
  • Fulltime
Read More
Arrow Right
New

Lead Cloud Security Architect

Location
Location
Sweden; United Kingdom; Poland , Stockholm; London; Łódź; Warsaw; Gdansk; Cracow
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in technology, with at least 7 years in a dedicated cloud security or infrastructure security role
  • Demonstrated experience designing and implementing secure landing zones in a multi-cloud environment (GCP, AWS)
  • Hands-on experience with the architecture and strategy of cloud security tools (e.g.,Wiz, Orca)
  • A Bachelor’s degree in a relevant field or equivalent professional experience.
Job Responsibility
Job Responsibility
  • Champion and orchestrate the definition of Arrive’s cloud security architecture, from identity boundaries to network segmentation, in partnership with Data & Analytics teams, Engineering, and IT
  • Develop and maintain a comprehensive set of global security standards, baselines, and guidelines for cloud-native services, container security, and serverless computing
  • Create and champion the strategy for cloud security tooling including CSPM (Cloud Security Posture Management) and CWPP (Cloud Workload Protection) - ensuring these platforms are architected for seamless SecOps integration, automated alerting, and streamlined incident response workflows
  • Define and manage cloud security standards for Mergers & Acquisitions, establishing requirements for the secure migration and integration of acquired cloud environments
  • Own and evolve the cloud security reference architecture, providing a clear 'north star' for all engineering teams to follow
  • Operating 'Together,' you will act as strategic partner for the Infrastructure, SecOps, and engineering teams, orchestrating a cohesive security vision that spans the entire cloud and AI-first engineering landscape
  • Act as a lead security consultant and strategic partner for infrastructure, SecOps, and Engineering teams - providing expert guidance on secure cloud design patterns and landing zone configurations
  • Forge a dynamic partnership with the Security Platform team: co-design the infrastructure-as-code (IaC) security roadmap and introduce new architectural patterns where needed
  • Lead security architecture reviews and threat modeling sessions for complex cloud migrations and high-risk infrastructure changes
  • Act as a senior mentor and advocate for cloud security champions across the organization, helping to grow our internal technical talent
  • Fulltime
Read More
Arrow Right
New

Vodafone Business Senior Security Engineer

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location
Location
Egypt , Giza
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–9 years in cybersecurity engineering or implementation roles
  • Bachelor’s degree in Computer Science, Engineering, IT, or related field
  • Strong communication, presentation, and stakeholder management skills
  • Proven leadership, teamwork, and collaboration abilities
  • Fluency in Arabic and English
  • Security architecture, operations, and enterprise-scale environments
  • Threat management, vulnerability management, and incident response
  • Hands-on experience with SIEM, endpoint protection, IAM, and firewalls
  • Experience with vendors like Microsoft, Cisco, Palo Alto, Fortinet, Trend Micro
  • CISSP, CISM, CEH, CompTIA Security+
Job Responsibility
Job Responsibility
  • Lead the delivery and implementation of end-to-end cybersecurity projects in enterprise-scale environments
  • Design, develop, and maintain secure architecture frameworks covering network, endpoint, identity, and cloud security
  • Manage and enhance Security Operations (SecOps) including monitoring, detection, and response capabilities
  • Oversee threat management, vulnerability management, and incident response processes to minimize risk exposure
  • Analyze and troubleshoot complex security and infrastructure issues across integrated environments
  • Collaborate with internal teams, vendors, and stakeholders to ensure seamless security integration and project execution
  • Provide technical leadership, mentoring, and guidance to security teams
  • Drive adherence to industry standards, policies, and compliance frameworks (ISO 27001, NIST, PCI-DSS)
  • Support continuous improvement initiatives by evaluating emerging threats, tools, and technologies
  • Bridge communication between technical and non-technical stakeholders to support decision-making
  • Fulltime
Read More
Arrow Right

Principal Engineer – Network Tools and Observability

Wells Fargo is seeking a Principal Engineer to lead the strategy, architecture, ...
Location
Location
United States , Irving; Chandler; Charlotte; Iselin
Salary
Salary:
159000.00 - 305000.00 USD / Year
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
July 06, 2026
Flip Icon
Requirements
Requirements
  • 7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 7+ years in large‑scale network engineering/operations, with 5+ years focused on tooling and observability
Job Responsibility
Job Responsibility
  • Strategy & Roadmap: Advise leadership on multi-year strategy for network tools and observability (NPMD, telemetry pipelines, topology, synthetic monitoring), aligned with SRE, Security, and Cloud initiatives
  • Architecture: Design and evolve the observability stack, selecting tools and technologies (e.g., SNMP, flow/IPFIX, syslog, streaming telemetry/gNMI, OpenTelemetry, APM/NPM, log analytics, time-series DB) for scalability across on-prem, cloud, and branch environments
  • Delivery Leadership: Oversee implementation and integration with ITSM/CMDB, CI/CD, configuration compliance, and ITIL-based incident/problem/change workflows
  • Cross-Functional Collaboration: Partner with NetOps, SRE, SecOps, Cloud, and Lines of Business to translate requirements into architecture and measurable outcomes
  • Blueprints & Standards: Define baselines for telemetry and data collection: SNMP polling and SNMP traps, Syslog ingestion and correlation, Flow data (NetFlow, sFlow, IPFIX, etc.), Packet capture tools for deep traffic analysis, Integration with vendor-based controllers and SaaS platforms, Define tooling standards across platforms
  • Enterprise Impact: Lead resolution of complex challenges requiring deep evaluation across multiple domains, Translate strategic business objectives and enterprise technology landscape into engineering solutions, Provide vision and technical direction to leadership for innovative, large-scale solutions
  • Operational Excellence: Optimize processes and drive robust automation, Identify inefficiencies and promote continuous improvement
  • Leadership & Mentorship: Align stakeholders through clear technical communication, Mentor teams and deliver knowledge transfers to upskill SMEs, Present technical concepts to senior leaders
What we offer
What we offer
  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
Read More
Arrow Right