Payscale logo
Payscale

Payscale powers compensation decisions for more than 25% of the US workforce

Director, Security Engineering – Operations

Security OperationsSecurity OperationsFull TimeRemoteLeadTeam 501-1,000Since 2002H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

2 days ago

Salary

$182.7K - $274.1K / year

Seniority

Lead

Postgraduate Degree10 yrs expEnglishAnsibleAWSCloudPython

Job Description

Director, Security Engineering – Operations

Payscale

• Direct, manage, and lead the security engineering and security operations team members; own hiring, onboarding, performance reviews, and career development plans aligned to Payscale’s Information Security Career Ladder • Set strategy and quarterly/annual objectives for both functions and translate them into a prioritized, measurable roadmap; hold regular 1:1s and team connects to maintain a high-performance, feedback-rich culture • Mentor engineers and analysts at all career levels, providing task-based directives, technical coaching, and growth-oriented feedback • Own the on-call rotation and after-hours escalation path across both functions, ensuring coverage for time-sensitive detection and response • Serve as a working leader — remaining hands-on in engineering, architecture, and incident response rather than leading solely through delegation • Own the design, implementation, and continuous hardening of security controls across corporate, cloud, and hosting environments • Build and maintain security automation and integrations — SOAR, detection-as-code, and infrastructure-as-code guardrails — to scale coverage without adding headcount • Engineer and operate the security tooling stack (EDR/XDR, SIEM, identity protection, DLP/CASB, vulnerability scanning), ensuring platforms are well-integrated and meet architectural standards • Partner with Engineering and Infrastructure to embed “secure by design” into CI/CD, cloud architecture, and product development • Drive adoption of a zero-trust methodology across identity, endpoint, network, and application layers • Lead security engineering for enterprise AI and agentic tooling adoption, building controls and guardrails for safe internal use • Drive the threat detection and incident response capability: detection engineering, playbook development, tabletop exercises, and continuous improvement of MTTA/MTTR metrics • Lead or oversee incident response events as the designated incident manager for significant or multi-team incidents, running incident command end-to-end • Own the MDR relationship, holding the provider accountable to SLAs, coverage, and response outcomes • Extend detection and response to secure enterprise AI and agentic tooling adoption • Own the vulnerability and exposure management function across all corporate and hosting environments, coordinating cross-functionally on mitigation and remediation with clear SLAs • Expand security monitoring, visibility, and coverage using existing platforms and open-source tooling • Own the security engineering and operations portion of the Information Security program roadmap, delivering operational metrics, risk-posture data, and capacity analysis • Establish and report security KPIs to technology and executive leadership on a regular cadence • Collaborate with the GRC team on ISO 27001 and SOC 2 evidence, control effectiveness, and audit readiness as it relates to security engineering and operations • Lead technical evaluations of emerging security vendors and technologies; provide buy/build/partner recommendations to technology management • Represent security engineering and operations in cross-functional product, engineering, and infrastructure initiatives, ensuring security requirements are incorporated by design

Job Requirements

  • 10+ years in information security, including 4+ years in a lead or management role across security engineering and/or security operations functions
  • Proven people-management track record: direct reports, performance cycles, and team development in a security context
  • Expert, hands-on knowledge of both security engineering (controls design, automation, tooling integration) and security operations (detection, incident response) — capable of acting as architect, engineer, incident handler, lead, and manager
  • Experience with the CrowdStrike Falcon platform (EDR, Identity Protection, Data Protection, AIDR, ZTA, Exposure Management) and SIEM/SOAR orchestration
  • Demonstrated experience owning or managing an MDR or MSSP vendor relationship
  • Strong foundation in cloud security (AWS preferred), endpoint security, identity and access management, and zero-trust architecture
  • Strong experience in vulnerability and exposure management and mitigation/remediation strategies
  • Scripting and automation ability in PowerShell, Python, or Bash; comfortable with detection-as-code and infrastructure-as-code approaches
  • Experience with the MITRE ATT&CK framework and the ability to map operational data to TTPs for structured threat analysis
  • Experience building operational, engineering, and vulnerability metrics and management reporting, and driving improvement through a regular reporting cadence
  • Experience with zero-trust networks and platforms such as Cloudflare, Zscaler, or AppGate
  • Experience with Data Loss Prevention and CASB architectures and tooling such as Forcepoint, Netskope, or Zscaler
  • Familiarity with SOAR and automation platforms such as Tines, n8n, or Ansible

Benefits

  • Flexible paid time off, giving you the opportunity to rest, relax and recharge away from work
  • 14 Paid Company Holidays, includes 2 floating holidays (you choose!)
  • A comprehensive benefits plan including medical, dental, life, vision, disability, and life insurance covered up to 100% by Payscale
  • Unlimited infertility coverage benefits through our medical plans
  • Additional supplemental health benefits offered to you and your family
  • 401(k) retirement program with a fully vested immediate company match
  • 16 weeks of paid parental leave for birthing and non-birthing parents
  • Health Savings Account (HSA) options and company contributions each pay period
  • Flexible Spending Account (FSA) options for pre-tax employee allocations
  • Annual remote work stipend to be used on wellness or home office equipment

Related Categories

Related Job Pages

More Security Operations Jobs

6sense logo

Staff Security Engineer – SecOps, Threat

6sense

6sense Revenue AI™ reimagines the way revenue teams create, manage and convert pipeline into revenue.

Full TimeRemoteTeam 1,001-5,000Since 2013H1B Sponsor

• Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap • Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks • Engage vendors, Infrastructure, IT, GRC, Cloud, and Application Security teams as required to validate alerts and ensure incident resolution • Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls • Perform security forensics • Build security tools and advanced automation • Propose, plan, lead, and execute threat exercises • Mentor engineers across Information Security to drive security controls and risk remediation

India
UpGuard logo

IT & Security Operations Analyst

UpGuard

We're on a mission to protect the world's data.

Full TimeRemoteTeam 51-200Since 2012H1B No Sponsor

• Run daily, weekly, and periodic IT and security checklists, with a focus on Google SecOps/Chronicle monitoring • Perform health checks across GCP infrastructure, SaaS applications, and security tooling (alerts, compliance, CI/CD pipelines) • Troubleshoot security or infrastructure issues, document fixes, and raise follow-up actions • Collaborate with DevOps and InfraOps on platform-level and security-related issues • Identify and propose security and platform improvements as you gain business context • Implement automation, security tooling, and platform enhancements to strengthen cloud and SaaS environments • Contribute to scripts, dashboards, and operational improvements with a focus on security and compliance • Feed insights from day-to-day work into long-term IT security and operational strategy • Occasionally assist with IT support tasks across systems, hardware, and software • Prioritize tasks effectively and align timelines with stakeholders

California + 11 moreAll locations: California | Colorado | Florida | Illinois | Louisiana | Oregon | Maryland | Massachusetts | Missouri | Pennsylvania | Texas | Washington

Role Description We’re looking for a smart, curious, and resourceful human to join our IT and Security Operations team at UpGuard. You’ll enjoy daily interactions with our globally distributed workforce, solving problems, improving systems, and helping to scale how we support and secure our environment. While our broader team spans enterprise technology operations, support, cybersecurity, and risk, this role focuses on core IT operations—with hands-on support, break/fix work, and meaningful contributions to enterprise and departmental IT enhancements. Our IT and Security Operations team also plays an active role in DevOps and InfraOps initiatives, contributing to tooling, automation, and the foundations that enable engineering velocity and operational excellence. You won’t just keep the lights on. You’ll help shape how we evolve. UpGuard is in the midst of a company-wide transformation, powered by cutting-edge data analytics, automation, and AI. You’ll be right at the heart of it, helping to drive the systems and support that make it all possible. Qualifications - Practical experience in IT and security operations across cloud infrastructure (GCP) and SaaS environments - Hands-on knowledge of Google SecOps/Chronicle for threat detection and incident response - Strong understanding of identity and access management (Okta), including SSO/MFA, SCIM, and RBAC concepts - Familiarity with automation platforms (Zapier, N8N) and scripting (Bash, PowerShell, Python) to streamline tasks and improve security operations - Experience managing and integrating enterprise SaaS applications in a security-conscious environment - Exposure to infrastructure-as-code tools like Terraform or similar, or willingness to learn - Thoughtful, empathetic approach to end-user support across globally distributed teams - Hands-on experience managing laptop fleets (macOS and ChromeOS) Requirements - Run daily, weekly, and periodic IT and security checklists, with a focus on Google SecOps/Chronicle monitoring - Perform health checks across GCP infrastructure, SaaS applications, and security tooling (alerts, compliance, CI/CD pipelines) - Troubleshoot security or infrastructure issues, document fixes, and raise follow-up actions - Collaborate with DevOps and InfraOps on platform-level and security-related issues - Identify and propose security and platform improvements as you gain business context - Implement automation, security tooling, and platform enhancements to strengthen cloud and SaaS environments - Contribute to scripts, dashboards, and operational improvements with a focus on security and compliance - Feed insights from day-to-day work into long-term IT security and operational strategy - Occasionally assist with IT support tasks across systems, hardware, and software - Prioritize tasks effectively and align timelines with stakeholders Benefits - Monthly Lifestyle subsidy: Use this for financial, physical, and mental well-being - WFH set-up allowance: To ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard - $1500 USD annual Learning & Development allowance: To support your career development, all team members will be able to expense development opportunities against this allowance - Annual leave: PTO plus two additional UpGuardian leave days to give you time to recharge your batteries - 18 weeks paid Parental Leave: Irrespective of parenting role - Personal Leave Allowance: This includes sick & carer’s leave - Fully remote working environment: While we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance - Top-spec hardware: All team members will be provided with top-spec laptops for their role - Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work - Health Insurance: Health, dental, and vision insurance

United States + 1 moreAll locations: United States | Australia
Accenture Federal Services logo

Cybersecurity Incident Response Triage Analyst

Accenture Federal Services

We believe in the power of change, harnessed in ways that matter for our country and communities.

Full TimeRemoteTeam 10,001+Since 2017H1B No Sponsor

• Actively monitor and respond to cybersecurity incidents related to alerted policy violations • Analyze and investigate incidents to determine their nature and scope. • Coordinate with the lead and other Cybersecurity Incident Response Teams for effective incident resolution. • Document incidents and response activities in detail. • Stay updated with the latest cybersecurity threats and trends. • Assist in developing and refining incident response strategies and procedures. • Collaborate with operations teams, legal, human resources and management to investigate security issues and interview investigation subjects to determine true and false positives.

Virginia
$53.9K - $120.1K / year