
Security Operations Technical Lead

Company: Woven
Location: Ann Arbor, MI, USA
Salary: $140000 – $230000
Type: Full-Time
Degrees:
Experience Level: Senior, Expert or higher

Requirements

  • 1+ years of experience in technical leadership, or in managing and developing high-performance teams.
  • 5+ years of hands-on technical experience as a security professional.
  • Hands-on experience with AWS, Azure, GCP.
  • Ability to triage, investigate and respond to security alerts and conduct technical investigations of security incidents to identify root causes
  • Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English.

Responsibilities

  • Act as a technical lead for a regional security operations team responsible for intrusion detection and incident response.
  • Respond to security incidents, conduct forensics and technical investigations.
  • Inspire, grow, and develop talent while providing vision, setting team direction, and leading effectively through outcomes rather than tasks.
  • Help define and execute strategy for detection, investigation, and incident response.
  • Drive changes to increase enterprise visibility and defensibility.
  • Lead security operations engineers in handling security operations tasks.
  • Work closely with cross-functional stakeholders to automate manual toil.
  • Measure and report on operational metrics, objectives, and key performance indicators to ensure the team achieves operational excellence.
  • Solve problems in unique ways with an automation-first mindset.
  • Leverage new and existing tools to resolve long-standing challenges in ways that do not generate additional work for teams at Woven by Toyota.

Preferred Qualifications

  • 3+ years of experience in technical leadership and developing high-performance teams.
  • Experience in leading SOC improvement projects.
  • Experience with large-scale SIEM, SOAR, EDR and other major security deployments.
  • Experience in managing Extended Detection and Response tools such as Microsoft 365 Defender, CrowdStrike, etc.
  • Hands-on experience with a major forensics toolkit (Velociraptor, EnCase, FTK, etc.).
  • Experience with operating under various privacy frameworks (CCPA, GDPR, etc.).
  • Significant experience with detection engineering, incident response, and threat intelligence.