Know Your Adversary
Security Advocate
Location
United States
Posted
8 hours ago
Salary
$160K - $185K / year
Seniority
Lead
Job Description
Security Advocate
SpecterOps
• Represent SpecterOps at industry conferences, webinars, meetups, and virtual events. And serve as a public-facing advocate for SpecterOps across online and offline communities, helping build awareness, trust, and engagement within the cybersecurity community. • Engage with the cybersecurity community through social media, forums, and online groups to promote best practices and thought leadership. • Manage and execute Community event sponsorships, with primary focus on the North America region. • Develop high-quality, technical content such as blogs, whitepapers, tutorials, and videos to educate users about BloodHound Community Edition, BloodHound Enterprise, other SpecterOps’ open-source tools and related security topics. • Create and deliver compelling presentations and workshops on attack path management, identity security, and other key areas of expertise. • Partner closely with the Community Manager to develop and execute community growth initiatives, ambassador programs, educator programs, content creator programs, and community engagement campaigns. • Stay current with trends and developments in cybersecurity to serve as a trusted expert. • Contribute to SpecterOps’ position as a leader in attack path management and enterprise security by sharing innovative ideas and solutions. • Uncover new use cases for our existing tools and potential new opportunities for us to develop solutions for existing customers and community members. • Serve as a technical expert on the marketing team and help inform other demand gen programs, product marketing campaigns and other initiatives as needed.
Job Requirements
- 7+ years of experience in cybersecurity, red/blue team operations, or related fields.
- Strong technical knowledge of security (preferably identity security), attack paths, and adversary tactics.
- Excellent written and verbal communication skills, with the ability to simplify complex technical concepts for diverse audiences.
- Experience creating and delivering presentations, workshops, and technical content.
- Proficiency in using tools like BloodHound, Ghostwriter, Mythic, and other offensive/defensive security tools.
- Knowledge about other SpecterOps Community/FOSS tools.
- Passion for engaging with the cybersecurity community and fostering collaboration.
- Ability to travel (up to 40%) for events, workshops, and conferences.
Benefits
- Health/Dental/Vision/life insurance: 100% covered for both the employee and their family
- Flexible time off policy
- 13 paid holidays annually
- 401(k) with up to 4% company match
- Equity and quarterly bonuses based on company performance
- Remote work: $1,500 first year allowance to set up home office
- $500 annual home office allowance after first year
- $150 monthly cell phone and internet reimbursement
- $5,000 annual professional development allowance
- $5,250 towards continuing education or student loan repayment
- $1,200 annual budget for lifestyle, wellness, pet insurance and more
- A one-time $10,000 benefit towards family planning
- In person and virtual employee events throughout the year
- And of course, company swag!
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Principal OT Security Engineer
GuidePoint SecurityWe help organizations make smarter cybersecurity decisions that minimize risk.
• Lead and oversee OT security engineering engagements, including deployment and optimization of OT security tools, health-checks of existing OT security programs, driving configuration and architecture decisions in collaboration with clients and vendors, and leading OT security architecture assessments • Define and advance GuidePoint's OT service delivery methodology, setting technical standards and quality benchmarks for the broader OT practice • Author and review comprehensive services deliverables that are proficiently tailored to both technical and executive audiences, fully detailing technical execution, core deficiencies, business impact, and strategic remediation roadmaps • Serve as a subject matter expert (SME) and final technical escalation point for complex OT engagements across the practice • Perpetually strengthen and disseminate relevant skills, knowledge, and capabilities to keep GuidePoint and its clients at the forefront of the OT security industry • Cultivate and expand senior client relationships, acting as a trusted advisor to client leadership and representing GuidePoint at the highest levels • Drive cross-functional collaboration to mature and differentiate GuidePoint's OT service offerings in alignment with the SANS Five ICS Critical Controls and other leading frameworks • Contribute to business development through thought leadership, conference presentations, whitepaper authorship, and active participation in pre-sales and proposal activities • Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes.
Junior Engineer – Security
CBTSCBTS partners with businesses to deliver innovative technology solutions, including application services, cloud solutions, consulting, digital workplace solutio
Role Description As a Security Automation Engineer I, you will contribute to the growth and maturity of our Security Operations team by developing and maintaining automation playbooks and workflows within our SOAR and XDR platforms. You will be responsible for translating analyst-driven investigation workflows into automation that accelerates triage, enrichment, containment, and remediation of issues across the SOC. - A strong background in security operations is essential for this role. - Understanding what happens before and after an alert is received is crucial. - Collaborate closely with SOC analysts and senior engineers to reduce manual workload, improve response consistency, and support a more resilient security operation. Qualifications - 2+ years of experience as a SOC analyst, with senior analyst experience preferred. - Hands-on familiarity with alert triage, threat investigation, and escalation decision-making. - 1-2 years of experience working with a SOAR platform, with Palo Alto XSIAM or XSOAR experience strongly preferred. - Four-year college degree resulting in a bachelor's degree, or equivalent practical experience. - One or more of the following certifications: Palo Alto Cortex, CompTIA Security+, CompTIA CySA+, GIAC GSEC, EC-Council CEH, and similar. Requirements - Solid understanding of cybersecurity principles, common attack techniques, and SOC operational workflows. - Experience with SIEM, SOAR, EDR/XDR, threat intelligence, endpoint protection, and email security technologies. - Familiarity with SOAR playbook development, with Palo Alto XSIAM and/or XSOAR experience being strongly preferred. - Understanding of common detection use cases including phishing, endpoint compromise, identity threats, and network anomalies. - Proficiency in Python for scripting and automation tasks. - Comfortable working with REST APIs, Regex, and JSON to build and troubleshoot platform integrations. - Familiarity with Windows, MacOS, and Linux environments. Skills - Develop, test, and maintain automated playbooks and integrations across Palo Alto XSOAR and Cortex XSIAM. - Collaborate with SOC analysts to identify manual, repetitive workflows and translate them into reliable automation. - Experience integrating security tools and platforms to support cohesive, automated response workflows. - Strong analytical skills to evaluate playbook performance, identify logic gaps, and iterate based on analyst feedback and operational data. - Effective problem-solving to troubleshoot integration and automation failures. - Clear verbal and written communication skills, with the ability to document playbook logic and contribute to design discussions across distributed teams. Abilities - Ability to work independently, manage time effectively, and stay productive in a remote environment. - Collaborative team player capable of contributing to technical conversations and troubleshooting sessions. - High attention to detail to ensure automation logic performs accurately under varied conditions. - Commitment to continuous learning and staying current with evolving threats, detection techniques, and automation capabilities. - Ability to adapt playbook logic as the threat landscape and tool stack change over time. Supervisory Responsibilities - No Supervisory Responsibility.
Junior Engineer - Security
CBTSCBTS partners with businesses to deliver innovative technology solutions, including application services, cloud solutions, consulting, digital workplace solutio
Role Description As a Security Automation Engineer I, you will contribute to the growth and maturity of our Security Operations team by developing and maintaining automation playbooks and workflows within our SOAR and XDR platforms. You will be responsible for translating analyst-driven investigation workflows into automation that accelerates triage, enrichment, containment, and remediation of issues across the SOC. - A strong background in security operations is essential for this role. - Understanding what happens before and after an alert is received is crucial. - Collaborate closely with SOC analysts and senior engineers to reduce manual workload and improve response consistency. - Support a more resilient security operation. Qualifications - 2+ years of experience as a SOC analyst, with senior analyst experience preferred. - Hands-on familiarity with alert triage, threat investigation, and escalation decision-making. - 1-2 years of experience working with a SOAR platform, with Palo Alto XSIAM or XSOAR experience strongly preferred. - Four-year college degree resulting in a bachelor's degree, or equivalent practical experience. - One or more of the following certifications: Palo Alto Cortex, CompTIA Security+, CompTIA CySA+, GIAC GSEC, EC-Council CEH, and similar. Requirements - Solid understanding of cybersecurity principles, common attack techniques, and SOC operational workflows. - Experience with SIEM, SOAR, EDR/XDR, threat intelligence, endpoint protection, and email security technologies. - Familiarity with SOAR playbook development, with Palo Alto XSIAM and/or XSOAR experience being strongly preferred. - Understanding of common detection use cases including phishing, endpoint compromise, identity threats, and network anomalies. - Proficiency in Python for scripting and automation tasks. - Comfortable working with REST APIs, Regex, and JSON to build and troubleshoot platform integrations. - Familiarity with Windows, MacOS, and Linux environments. Skills - Develop, test, and maintain automated playbooks and integrations across Palo Alto XSOAR and Cortex XSIAM. - Collaborate with SOC analysts to identify manual, repetitive workflows and translate them into reliable automation. - Experience integrating security tools and platforms to support cohesive, automated response workflows. - Strong analytical skills to evaluate playbook performance, identify logic gaps, and iterate based on analyst feedback and operational data. - Effective problem-solving to troubleshoot integration and automation failures. - Clear verbal and written communication skills, with the ability to document playbook logic and contribute to design discussions across distributed teams. Abilities - Ability to work independently, manage time effectively, and stay productive in a remote environment. - Collaborative team player capable of contributing to technical conversations and troubleshooting sessions. - High attention to detail to ensure automation logic performs accurately under varied conditions. - Commitment to continuous learning and staying current with evolving threats, detection techniques, and automation capabilities. - Ability to adapt playbook logic as the threat landscape and tool stack change over time. Supervisory Responsibilities - No Supervisory Responsibility.
Principal Product Security Engineer
The LeafletAn independent platform for cutting-edge, progressive, legal, and political opinion.
• Secure SDLC & DevSecOps • Embed automated checks across our cloud (GitHub Actions) and on-prem product pipelines — GitHub Advanced Security (SAST/SCA) and Wiz Code for application, dependency, and container scanning • Define secure-by-default patterns, paved-road guardrails, and standards for secure coding, code review, and dependency hygiene — so teams ship quickly and safely • Serve as the application authority for our Zero Trust program, aligned to NIST SP 800-207 and the CISA Zero Trust Maturity Model (Applications & Workloads pillar) • Threat Modeling & Secure Design • Partner with product and engineering on security reviews for new features and payment integrations — running threat modeling (e.g., STRIDE) early in design and turning output into concrete, prioritized work • Vulnerability Management (End to End) • Own the product and application vulnerability lifecycle — one program spanning code, dependency, container, pen-test, and bug-bounty findings, from discovery through remediation • Prioritize by real-world risk and drive remediation against risk-based SLAs; engineering owns the fixes, you own the program and the escalation paths that shrink time to remediate • Report program health with metrics leadership can act on, and provide evidence for compliance obligations (PCI DSS, GLI, ISO 27001, SOC 2) • Application & API Security • Defend our applications and APIs against the OWASP Top 10 and API abuse, partner on payment security across our payment gateways, and team with our Principal Cloud & Network Security Engineer — who owns our Cloudflare edge defenses (WAF, Bot Management) — on bot and abuse resilience • Own the application security of player-facing account flows — registration, authentication, session management, recovery — partnering with our Principal Identity Engineer on CIAM architecture and with SecOps and Fraud on account-takeover resilience • Testing & External Assurance • Coordinate penetration testing with external partners and drive findings to closure • Mature our existing coordinated-disclosure program into a full bug-bounty capability


