- Lead vulnerability scanning, triage, remediation tracking, and reporting
- Operate and fine-tune SIEM solutions for log collection, correlation, and alerting
- Map detections and defenses to MITRE ATT&CK framework
- Design and enforce security baselines across infrastructure and applications
- Collaborate with DevOps/SRE teams to implement secure CI/CD and cloud practices
- Support incident response with forensics, containment, and recovery
- Drive security awareness and training across engineering teams
- Conduct threat modeling and risk assessments for critical systems
- Ensure adherence to compliance and audit requirements

- 7+ years of experience in information security or cybersecurity engineering
- Strong experience in vulnerability management and remediation workflows
- Hands-on knowledge of SIEM solutions (e.g., Splunk, Wazuh, ELK/OpenSearch, QRadar)
- Familiarity with MITRE ATT&CK, threat intelligence, and adversary techniques
- Solid understanding of security practices (network security, IAM, encryption, TLS)
- Experience with cloud security controls (AWS/GCP/Azure)
- Knowledge of incident response processes and blameless postmortems
- Familiarity with regulatory and compliance frameworks (ISO 27001, SOC 2, PCI-DSS)
- Strong scripting/automation skills for security tooling (Python, Bash, or Go)
- Ability to operate with minimal guidance in a hybrid work environment

Strengthen the security posture of our platforms and applications. Lead vulnerability management, threat detection, and security best practices with hands-on expertise in SIEM, MITRE ATT&CK, and cloud security.

- Define and own SLO/SLIs; build error budgets and capacity plans
- Design HA/DR, backup/restore, blue/green and canary release strategies
- Implement observability, metrics, tracing, logging, and on-call runbooks
- Automate toil with tooling, pipelines, and platform abstractions
- Lead incident management and postmortems with actionable remediation
- Partner with development teams to improve system reliability and resilience

- 3+ years of experience in Site Reliability Engineering
- Strong experience with SLO/SLI definition and monitoring
- Proven track record in incident response and blameless postmortems
- Experience with capacity planning and scaling
- Proficiency with Kubernetes, Terraform, and major cloud platforms (AWS/GCP/Azure)
- Hands-on experience with observability tools (Prometheus/Grafana, OpenTelemetry, ELK/OpenSearch)
- Strong automation and scripting skills (Python, Go, or similar)

Own reliability for mission-critical services. Lead incident response, SLOs, and production excellence.