CrawlJobs Logo

Security Operations Engineering Lead

United States, New York City · Job Posted February 13, 2026
Apply Position
Job Link Share

Job Description

This is a hands-on security leadership role for someone who has spent their career solving hard security problems in complex environments and now wants to build a Security Operations function the right way. You’ll report directly to a deeply technical CISO and work as a close partner in shaping how detection, response, and security operations evolve as the organization scales. While you will grow, lead and manage a team, it is not a pure management position, technical credibility and day-to-day problem solving are essential. This role is best suited to someone who enjoys designing systems, building detection logic, and understanding failures at a deep technical level, and who sees management as a way to multiply impact rather than step away from the work.

Job Responsibility

  • Designing and reviewing detection strategies and response workflows
  • Staying hands-on with detections, incidents, and security tooling where it matters
  • Partnering with Platform Security, Application Security, and Engineering teams on complex issues
  • Making technical decisions around tooling, architecture, and process
  • Coaching and mentoring engineers while remaining technically engaged
  • Helping shape incident management practices, retrospectives, and continuous improvement

Requirements

  • A strong technical background in security operations, incident response, or detection engineering
  • Experience operating in complex, high-scale, or high-growth environments
  • Prior experience leading highly technical engineers
  • Someone who is comfortable building before things are fully defined
  • The ability to move between deep technical detail and strategic thinking

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Security Operations Engineering Lead

8 matching positions

Senior/Principal Operations & Engineering Lead - Facilities Portfolio Manager

We are seeking an experienced individual to join our Facilities Operations & Man...
Location
Location
United States , Albuquerque
Salary
Salary:
102400.00 - 199700.00 USD / Year
sandia.gov Logo
Sandia National Laboratories
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in mechanical, electrical or related engineering field, plus seven (7) years or more years of directly related experience that demonstrates the knowledge, skills, and ability to perform the duties of the job
  • Experience with the following: Semiconductor or high-volume manufacturing facilities, including design, installation, and clean room infrastructure
  • Facilities planning, construction, and maintenance
  • Engineering of complex facilities or systems
  • Regulatory requirements and safety standards in facilities operations
  • Ability to obtain and maintain DOE Q-level security clearance
Job Responsibility
Job Responsibility
  • Lead the planning, development, and execution of facilities projects related to tools facilities and infrastructure (F&I)
  • Provide leadership and tactical planning for execution of projects and applies engineering or other technical knowledge to achieve project objectives and deliverables
  • Use engineering judgment, built upon a strong engineering and technical background, to identify potential facilities operational risks, develops risk mitigation strategies and corrective actions, and recommends risk acceptance or avoidance for facilities operations
  • Use engineering judgment in negotiating with customers and program managers to ensure that resources are available to accomplish the work
  • Collaborate closely with the MESA portfolio to ensure alignment of facilities operations with program objectives
  • Oversee project management activities, including scope definition, scheduling, budgeting, and resource allocation
  • Conduct rigorous planning and risk assessment to ensure successful project execution and compliance with safety and regulatory standards
  • Serve as a point of contact for facilities-related inquiries and issues
  • Facilitate communication and coordination among cross-functional teams, stakeholders, and external partners
  • Monitor project progress and performance, providing regular updates to management and stakeholders
What we offer
What we offer
  • Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
  • Extraordinary co-workers
  • Some of the best tools, equipment, and research facilities in the world
  • Career advancement and enrichment opportunities
  • Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
  • Generous vacation, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance
  • Fulltime
Read More
Arrow Right

Cyber Security Operations Lead

Morgan Sindall Group are looking for a Cyber Security Operations Lead role, to s...
Location
Location
United Kingdom , Coventry
Salary
Salary:
Not provided
morgansindall.com Logo
Morgan Sindall Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 3 A levels or equivalent education (e.g. C&G, HND / HNC)
  • Good written and spoken English
  • Evidence of interest in Information Technology, Information Security or Data Protection
Job Responsibility
Job Responsibility
  • Oversee day-to-day security operations
  • Supervision and support of Operations analysts
  • Triage and remediation of incidents
  • Threat hunting
  • Performing scheduled checks
  • Assisting with user queries
  • Monitoring and maintaining our security controls
  • Own the operational relationship with our outsourced Security Operations Centre
  • Work with the Engineering function of the team to onboard and run new security controls
  • Develop and maintain an appropriate set of reporting metrics
  • Fulltime
Read More
Arrow Right

Apac Information Security Operations Lead

We are seeking a hands-on Information Security Operations Lead who combines deep...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
optiver.com Logo
Optiver
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Leading or mentoring security engineers, SOC analysts, incident responders, or security operations teams
  • Broad experience with EDR, SIEM, vulnerability management, identity security, and cloud security tooling
  • Experience defining and maturing operational processes: alerting, triage, incident response, playbooks, tooling, and escalation workflows
  • Understanding of SOC workflows, detection tuning/engineering, playbook development, and operational runbooks
  • Experience leading or coordinating incident response efforts across cross-functional teams
  • Demonstrated experience building high-performing, collaborative teams in fast-paced environments
  • Championing a culture of continuous improvement, and operational excellence
  • Cloud security (AWS + M365), identity management (Entra ID, SSO, conditional access), and data protection desirable
  • Automation with Python or PowerShell desirable
Job Responsibility
Job Responsibility
  • Build and lead a high-performance security engineers and analysts, including managing performance, career development and delivery
  • Oversee day-to-day security operations, ensuring efficient triage, investigation, escalation, and resolution of security events
  • Continuously refine operational processes and partner with global security teams to drive alignment in processes, standards, and tooling
  • Lead the team during high-severity incidents, coordinating efforts across engineering, business, and global stakeholders
  • Work with engineers to identify automation opportunities, reduce toil, and improve detection and response capabilities
  • Act as the primary point of contact for operational security topics within APAC and build strong partnerships with all stakeholders
  • Contribute to the long-term strategy and roadmap for global security operations
What we offer
What we offer
  • Performance-based bonus structure
  • Training, mentorship and personal development opportunities
  • Daily breakfast, lunch and an in-house barista
  • Gym membership plus weekly in-house chair massages
  • Regular social events, including a company trip every two years
  • Fulltime
Read More
Arrow Right

Data Security Engineering Lead

JET's Information Security organisation protects a technology-led, cloud-native ...
Location
Location
United Kingdom; Netherlands , London; Amsterdam
Salary
Salary:
Not provided
justeattakeaway.com Logo
Just Eat Takeaway.com
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience engineering data security controls in a cloud-native or enterprise technology environment with proven delivery across DLP platforms, encryption, and data classification programmes
  • Strong technical depth in data protection disciplines: DLP policy configuration, cryptographic protocols, identity and access controls, and secure handling of both structured and unstructured data
  • Analytical and precise able to evaluate complex data flows, configure effective DLP rules, and engineer mitigation strategies that reduce risk without disrupting business operations
  • Emerging familiarity with AI/ML data security risks — including training data exposure, model inversion, prompt injection, and the data privacy implications of generative AI and agentic workflows such as MCP-integrated platforms
  • Collaborative by default, with a track record of partnering with IT, software engineering, and privacy teams to deliver data security outcomes that enable rather than obstruct engineering velocity
Job Responsibility
Job Responsibility
  • Design, deploy, and manage JET's Enterprise DLP solutions monitoring data flows and preventing unauthorised exfiltration of sensitive information across network, cloud, endpoint, and AI-integrated environments
  • Extend data classification and DLP coverage to AI ensuring training datasets, model inputs and outputs, and inference logs containing sensitive data are subject to the same controls as the broader data estate
  • Lead the engineering and implementation of encryption solutions and policies and security protocols to protect data at rest, in transit, and in use across JET's structured (databases) and unstructured (email, documents) data estates
  • Establish, document, and technically enforce data security policies and procedures ensuring rules for how data is stored, handled, and shared are embedded into platform and delivery workflows
  • Own asset discovery and data classification activities protecting highest-risk data types, including AI-generated and AI-consumed data
  • Collaborate closely with the Security Architecture team to embed standardised cryptography and access controls into Golden Path blueprints, ensuring technical compliance with data privacy regulations and AI governance requirements
  • Fulltime
Read More
Arrow Right

Security Operations Lead

The Security Operations Lead at NTT DATA is a pivotal role responsible for manag...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Advanced experience in leading and managing Security teams
  • Advanced experience in Security technologies like (Firewall, IPS, IDS, Proxy etc.)
  • Advanced experience in technical support to clients
  • Advanced experience in diagnosis and troubleshooting
  • Advanced experience providing remote support in Security Technologies
  • Advanced experience in SOC/CSIRT Operations
  • Advanced experience in handling security incidents end to end
  • Knowledge on networking, Linux and security concepts
  • Advanced experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, HoneyPots and other security tools
  • Knowledge on log collection mechanism such as Syslog, Log file, DB API
Job Responsibility
Job Responsibility
  • Works as part of a 24/7 team that works on a rotational shift basis
  • Works as part of Platform and Content Engineering handling tunings, stakeholder requests, escalations, reporting, trainings
  • Administration of the organizational security tools to gather security logs from environment
  • Life cycle management of the supported security tools/technologies, Break-fix, Patching, Live update
  • Creates SOPs and notify stakeholders
  • Documents best practices
  • Identifies opportunities to make automations which will help the incident response team
  • Performs hiring and staffing of high-quality engineers
  • Ensures all team members are trained on all aspects of the service
  • Ensures all team members are trained on customer service skills
  • Fulltime
Read More
Arrow Right

Security Operations Engineering II

Microsoft Teams is the hub for teamwork used by millions of users to be more eng...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience.
Job Responsibility
Job Responsibility
  • Identifies and addresses underlying causes of security shortcomings. Develops security guidance to address shortcomings and to build best practices. Ensures identified vulnerabilities are resolved correctly. Leverages latest tools and technologies (e.g., artificial intelligence) to identify and mitigate security issues with minimal guidance
  • Investigates, diagnoses, and triages security incidents with minimal guidance, deepening trust through proactive customer connection and crisis and incident response. Contributes to postmortem and root cause analyses for security incidents. Collaborates with others to create repair items, tools, and/or systems to support incident management. Begins to leverage Incident Management System(s) to update stakeholders during and after incidents as directed
  • Leads security reviews, including architectural and design reviews, and documents findings in analysis reports. Applies best practices in security architecture, design, and development across feature areas. Identifies security risks and potential impact and collaborates with others to mitigate risks, escalating when needed. Helps monitor and respond to security events, potential vulnerabilities, exposures, and policy compliance issues, escalating as needed
  • Contributes to efforts to ensure the correct processes are followed to achieve a high degree of security, privacy, safety, and accessibility. Checks for visible evidence (e.g., audit trail) to demonstrate compliance for product areas. Develops and holds an understanding of the implications of onboarding new technologies following expectations of compliance at Microsoft. Demonstrates and maintains an up-to-date understanding of both global and local regulations for technologies and system applications to ensure regulations are met
  • Uses appropriate artificial intelligence (AI) tools and practices across the software development lifecycle (SDLC) in a disciplined manner. Takes responsibility for the content of their AI-generated changes to artifacts, reviewing all changes and applying appropriate tooling and processes with minimal guidance
  • Exhibits subject matter expertise in class or set of security issues, tools, mitigations, and processes (e.g., architecture, failure modes, attack chain, threat modeling, vulnerabilities). Provides guidance to others in areas of expertise. Maintains current knowledge by investing time and effort. Proactively seeks opportunities to learn.
  • Fulltime
Read More
Arrow Right

Security Operations Lead

Replit is the agentic software creation platform that enables anyone to build ap...
Location
Location
United States , Foster City
Salary
Salary:
220000.00 - 325000.00 USD / Year
replit.com Logo
Replit
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in Security Operations, with 3+ years in a senior or lead capacity
  • Experience leading or collaborating with 24/7 SOC environments (internal, hybrid, or MSSP)
  • Strong experience with SIEM platforms (Chronicle, Splunk, Elastic, Sentinel, Panther, etc.)
  • Deep understanding of: Cloud security monitoring (GCP required
  • AWS/Azure preferred), SaaS security monitoring (Okta, Google Workspace, GitHub, Slack, etc.), Endpoint security telemetry (EDR/XDR tools such as CrowdStrike, SentinelOne, or Defender), Kubernetes and container detection
  • Hands-on detection engineering skills, event correlation, threat hunting, and log analysis
  • Familiarity with AI-based SOC platforms and LLM-driven detection/triage tools
  • Strong understanding of identity security, OAuth/OIDC, and API telemetry patterns
  • Experience with SOAR and scripting (Python, Go, Bash)
  • Knowledge of MITRE ATT&CK, cloud kill chains, behavioral detections, and detection lifecycle management
Job Responsibility
Job Responsibility
  • Lead, mentor, and scale a global SOC team responsible for 24/7 monitoring, alert intake, triage, correlation, and escalation
  • Build operational rigor: processes, runbooks, SLAs, metrics, and quality standards for high-scale environments
  • Evaluate, adopt, and integrate AI-native SOC technologies for triaging, detection, and correlation
  • Own the entire SIEM ecosystem—ingestion, normalization, correlation, enrichment, tuning, dashboards, and metrics
  • Develop high-fidelity detections for: Cloud-native attacks, Identity threats and lateral movement, SaaS misconfigurations and privilege abuse, Endpoint malware/behavior anomalies, Insider threats and account takeover patterns
  • Lead day-to-day triage and threat analysis activities, ensuring accurate categorization and prioritization
  • Partner with Cloud Security on cloud posture and preventative controls
  • Work with Compliance/GRC to support SOC 2, ISO 27001, and audit readiness
  • Collaborate with SRE and Engineering to instrument new services with structured logs and detection hooks
  • Coordinate with IT / Endpoint teams to ensure full endpoint telemetry and EDR response readiness
What we offer
What we offer
  • Competitive Salary & Equity
  • 401(k) Program with a 4% match
  • Health, Dental, Vision and Life Insurance
  • Short Term and Long Term Disability
  • Paid Parental, Medical, Caregiver Leave
  • Commuter Benefits
  • Monthly Wellness Stipend
  • Autonomous Work Environment
  • In Office Set-Up Reimbursement
  • Flexible Time Off (FTO) + Holidays
  • Fulltime
Read More
Arrow Right

Lead Security Operations Engineer

We are looking for a Lead Security Operations Engineer to design, implement, and...
Location
Location
United States , Austin
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years’ experience as a SOAR Engineer
  • Deep expertise in designing, building, and maintaining automated security workflows and playbooks using a SOAR platform
  • The ability to analyze complex security challenges, find opportunities to automate repetitive manual tasks, and develop data-driven solutions
  • Excellent written and verbal communication skills
  • Hands-on experience with a leading SOAR platform (Palo Alto Networks Cortex XSOAR, Tines or Splunk Enterprise Security) coupled with advanced scripting skills in Python
Job Responsibility
Job Responsibility
  • SOAR Platform Management: Lead the design, development, and maintenance of SOAR playbooks, workflows, and integrations with other security tools
  • Automation and Optimization: Identify and implement automation opportunities to improve the speed and accuracy of security operations and incident response
  • Technical Leadership: Act as a domain expert for SOAR, providing technical guidance, mentorship, and support to the security team
  • Collaboration and Strategy: Partner with other security teams to ensure SOAR capabilities align with the overall security strategy
  • Documentation and Reporting: Create and maintain comprehensive documentation for workflows and integrations, and develop reports to measure program success
  • Change Management and Maintenance: Assist with SOAR tool migrations, document all system changes, and stay ahead of the latest SOAR and automation trends
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events
  • Fulltime
Read More
Arrow Right