• Monitor, detect, analyze, and respond to security threats in real time. • Lead incident response efforts—from containment to recovery. • Hunt for threats, analyze logs, and fine‑tune detection rules. • Perform forensic investigations and reconstruct attack paths. • Harden servers, workstations, and network infrastructure using CIS, STIGs, and best practices. • Manage and optimize firewalls (Palo Alto, Fortinet, SonicWall), IDS/IPS, SIEM, and EDR tools. • Drive vulnerability management and partner with teams to remediate risks. • Create clear documentation, playbooks, and security reports.

Ready to take your cybersecurity career to the next level? We’re looking for a Security Operations Engineer II who thrives on solving complex security challenges and protecting critical infrastructure from real-world threats. If you love threat hunting, incident response, and hardening systems to perfection, this role is for you. What You’ll Do - Monitor, detect, analyze, and respond to security threats in real time. - Lead incident response efforts—from containment to recovery. - Hunt for threats, analyze logs, and fine‑tune detection rules. - Perform forensic investigations and reconstruct attack paths. - Harden servers, workstations, and network infrastructure using CIS, STIGs, and best practices. - Manage and optimize firewalls (Palo Alto, Fortinet, SonicWall), IDS/IPS, SIEM, and EDR tools. - Drive vulnerability management and partner with teams to remediate risks. - Create clear documentation, playbooks, and security reports. What You Bring - 5+ years Windows/Linux admin experience + 3+ years in security operations/IR/forensics. - Deep knowledge of OS internals, firewalls, network security, and security frameworks. - Hands-on experience with SIEM, EDR, IDS/IPS, and vulnerability scanners. - Strong analytical, communication, and documentation skills. - Ability to stay calm and effective during high-severity incidents. - Passion for continuous learning and staying ahead of emerging threats. - Experience with MSP/MSSP environments a plus; SonicWall experience preferred. Additional certifications (preferred) Security+, PenTest+, (ISC)² Associate, SSCP Other Details Rotational on-call and occasional off-hours support required.

Role Description We are looking for a Security Operations Engineer to join our team and help protect LTK’s infrastructure, data, and users. The ideal candidate has hands-on experience in incident response (IR), strong analytical skills, and a passion for learning and growing in the security space. This is a remote-friendly position. - Monitor security events and incidents to detect potential threats and vulnerabilities using tools like Splunk and other SIEM platforms. - Support response to security incidents and manage the incident response process end-to-end. - Implement and monitor security measures to protect LTK’s infrastructure and assets. - Create and maintain incident response policies, standards, and runbooks. - Continuously improve detection and response processes to strengthen investigations and remediation. - Communicate risk and impact to engineering and business leaders to drive fast and effective remediation. - Perform proactive threat hunting based on internal telemetry and threat intelligence. - Conduct root cause analysis (RCA) and post-incident reviews to drive learning and improvement. - Track and report on incident metrics to improve response plans and identify gaps. - Stay current on emerging threats, vulnerabilities, and incident response and detection best practices. - Participate in the on-call rotation for security incident handling. - Drive automation and tool integration to scale security operations. - Support vulnerability remediation efforts in partnership with engineering and infrastructure teams. - Assist with audits and assessments to meet regulatory and compliance requirements. - Develop and conduct security incident training, including tabletop exercises and dry runs. Qualifications - 3+ years of experience in a security operations or incident response role. - Experience with SIEM tools similar to Splunk, ELK, log analysis, and triaging alerts. - Strong problem-solving skills and the ability to make decisions under pressure. - Remote work experience and ability to collaborate effectively across time zones. - Take initiative to learn, be open to feedback, and have a strong growth mindset. - Industry certifications such as GCIH, GCFA, Security+, or equivalent are a plus. - A mindset focused on seizing opportunities and moving with urgency. - Dedication to fierce prioritization and operational excellence. - Adaptability to a dynamic, fast-moving environment. - A growth mindset and openness to feedback. Benefits - The opportunity to be part of the leading global company in creator commerce. - A remote-first, productivity-first environment. - Competitive compensation and benefits package to meet the needs of you and your family. - 401(k) with LTK company matching. - Medical Insurance, Vision Insurance, Dental Insurance. - Paid Maternity Leave and Paid Paternity Leave. - Summer Fridays and Flexible PTO.

As a Cybersecurity Incident Response Lead, you will serve as a senior individual contributor within IQVIA’s Cybersecurity organization, leading complex digital forensics and incident response activities across a global, follow‑the‑sun operating model. Acting as a primary backup to the Incident Response Leader, you will coordinate high‑impact investigations and drive executive‑level communications. You will collaborate closely with Legal, Data Privacy, and senior business stakeholders to manage major cybersecurity incidents, deliver clear and timely updates, and strengthen the overall maturity and resilience of IQVIA’s security posture. If you are an experienced incident responder who thrives on leading complex investigations and communicating confidently with senior stakeholders, this could be the role for you. Read on to see how you can make an immediate impact within our Cybersecurity team. Responsibilities: Support and enhance the global Information Security Incident Response process in partnership with internal and external stakeholders Lead complex cybersecurity investigations, delivering clear summary reports and timely stakeholder updates Communicate incident findings and recommended actions to senior stakeholders, including Legal and Data Privacy Identify, propose, and implement improvements to technical security controls, systems, and processes Contribute to the development and documentation of operational procedures, playbooks, and performance metrics Analyze outputs from security tools (e.g., vulnerability assessments, threat intelligence) and produce insights to strengthen security safeguards Provide expert analysis across incident detection, response, containment, recovery, and post‑incident review Operate and optimize key security technologies including firewalls, EDR, IPS, malware prevention, DLP, vulnerability management, access control, and event monitoring Experience, Qualifications and Skills: