Security Operations Remote Jobs in Florida (US)
This page tracks remote security operations openings that are location-eligible for Florida.
This page tracks remote security operations openings that are location-eligible for Florida.
Open jobs
284
Hiring companies this week
10
Salary sample
$115,000 - $182,720
Jobs added last hour
0
284 Jobs
225 Companies
Jeff Selingo and Michael Horn discuss what’s next for higher ed and talk with the newsmakers you want to hear from most.
• Own the day-to-day operation of our centralized logging/SIEM — investigate alerts, create and tune detections, improve signal quality, and build the runbooks to act on them. • Drive vulnerability management end to end — scanning, triage, and remediation to closure across our stack. • Harden our cloud environment and CI/CD pipelines, establish security configuration baselines and guardrails, and manage them through Infrastructure as Code. • Partner with engineering teams to review new systems and architectural changes, identifying security risks early and helping build secure solutions by default. • Own secrets management, endpoint/EDR, and data-protection controls. • Own the security-critical IT surface — partnering with our existing IT function, not depending on it day-to-day. • Manage endpoint hardening. • Harden our core SaaS/business apps — identity provider, Google Workspace, GitHub, and the rest. • Own and continuously improve our security compliance platform (Vanta) — automate evidence collection, strengthen integrations, and improve its operational value. • Build toward compliance obligations as the business requires; turn policy into enforced reality by implementing the technical controls behind it, co-maintained with GRC + Legal.
Role Description The Security Operations Manager is responsible for leading and maturing the organization's cybersecurity operations program with a primary focus on healthcare security, identity and access management, Single Sign-On (SSO) strategy, threat detection, incident response, and regulatory compliance. This role serves as both a technical leader and people leader, providing mentorship and professional development to Security Analysts while establishing scalable security operations capabilities across the enterprise. The Security Operations Manager will oversee day-to-day security operations, security monitoring, vulnerability management, incident response, identity security initiatives, and compliance activities supporting HIPAA, HITECH, and other healthcare regulatory requirements. This position partners closely with Infrastructure, Applications, Compliance, HR, and business stakeholders to ensure the confidentiality, integrity, and availability of enterprise systems and Protected Health Information (PHI). What You’ll Do - Security Operations Leadership - Lead and manage Security Operations (SecOps) activities across infrastructure, applications, cloud platforms, and endpoints. - Develop and maintain security monitoring, threat detection, incident response, and security governance processes. - Serve as the primary escalation point for complex security incidents and investigations. - Direct security event analysis, triage, containment, eradication, and recovery activities. - Establish operational metrics, dashboards, and KPIs to measure security effectiveness. - Drive continuous improvement initiatives to enhance enterprise cybersecurity maturity. - Coordinate security activities with managed security service providers and strategic security partners. - Identity Security & SSO Program Management - Lead enterprise Identity and Access Management (IAM) strategy and implementation. - Design, implement, and maintain Single Sign-On (SSO) platforms and identity federation technologies. - Manage security controls related to Azure AD/Entra ID, MFA, conditional access, RBAC, and privileged access management. - Partner with application owners to onboard business-critical applications into SSO platforms. - Establish identity governance processes, user lifecycle management standards, and access review programs. - Conduct identity risk assessments and develop remediation plans. - Oversee authentication modernization initiatives and Zero Trust security models. - Healthcare Security & Regulatory Compliance - Ensure compliance with HIPAA, HITECH, HITRUST, NIST CSF, and healthcare cybersecurity best practices. - Lead security risk assessments and remediation planning. - Support internal and external audits. - Develop and maintain healthcare-focused security policies, standards, and procedures. - Monitor controls protecting Protected Health Information (PHI) and Electronic PHI (ePHI). - Collaborate with Compliance, Legal, and Operations teams on security and privacy matters. - Participate in breach investigations, reporting requirements, and corrective action programs. - Threat Detection & Incident Response - Oversee SIEM, EDR, vulnerability management, email security, and threat intelligence platforms. - Direct proactive threat hunting activities. - Lead cyber incident response exercises and tabletop simulations. - Manage forensic investigations and root-cause analysis efforts. - Coordinate post-incident reviews and remediation planning. - Maintain incident response playbooks and operational procedures. - Vulnerability & Risk Management - Direct vulnerability management programs across servers, endpoints, cloud environments, and applications. - Establish risk-based prioritization methodologies for remediation. - Oversee remediation tracking and reporting. - Evaluate new technologies, vendors, and cloud services for cybersecurity risk. - Conduct third-party security assessments and vendor reviews. - Team Leadership & Mentorship - Supervise, coach, and mentor Security Analysts and junior cybersecurity staff. - Develop career growth plans, training programs, and technical development pathways. - Conduct regular one-on-one meetings and performance coaching. - Provide guidance on incident investigations, technical analysis, and security operations best practices. - Foster a collaborative culture focused on continuous learning and operational excellence. - Create succession planning and cross-training opportunities within the security team. - Participate in recruiting, interviewing, onboarding, and workforce planning activities. - Security Awareness & Collaboration - Promote cybersecurity awareness throughout the organization. - Deliver technical and non-technical security presentations. - Partner with Infrastructure, Application Development, Service Desk, and Compliance teams on security initiatives. Qualifications - Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience). - 7+ years of progressive cybersecurity experience. - 3+ years of experience leading security operations or security engineering initiatives. - Experience within healthcare, specialty pharmacy, or other highly regulated industries. - Hands-on experience implementing and administering enterprise SSO and IAM platforms. - Strong experience with: - Microsoft Entra ID (Azure AD) - Single Sign-On (SAML, OIDC, OAuth) - Multi-Factor Authentication (MFA) - SIEM platforms - EDR/XDR technologies - Vulnerability Management - Security Incident Response - Experience supporting HIPAA compliance and healthcare security assessments. Qualifications Preferred - CISSP - HCISPP - CISM - GIAC Certifications - Microsoft Identity & Access Administrator Certification - HITRUST experience - Healthcare cybersecurity leadership experience Benefits - Purpose-driven work with real impact - A patient-first, clinician-led culture - Supportive, collaborative teammates - The opportunity to grow with a company building something meaningful Pay Range/Rate $115,000 — $135,000 USD Physical Demands The physical demands described here represent those required for an employee to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. Other Requirements - Participate annually in required legal and ethical compliance training. - Consistently act in compliance with LUX Infusion’s legal, ethical, and compliance policies. - Adhere to all standards and procedures outlined in the LUX Infusion Compliance Manual. - Refrain from any behavior that could be considered unethical or unlawful. Expectations for All Employees All LUX Infusion team members are expected to support the organization’s mission, vision, and values by demonstrating integrity, dedication, compassion, and enthusiasm. This includes placing patients first, working collaboratively with a “stacked-hands” mindset, and maintaining a consistent focus on quality, accountability, and continuous improvement. General Information The statements above are intended to describe the general nature and level of work performed by individuals in this role. They are not intended to be an exhaustive list of all responsibilities, duties, or skills required.
Rootshell Enterprise Technologies Inc. is a recognized provider of professional IT Consulting services in the US.
Role Description We are actively seeking a ServiceNow Secops Consultant for one of our clients. - ServiceNow development and administration in an enterprise environment. - Ability to configure, develop, and implement functionality within ServiceNow. - Demonstrable Service Catalog, Service Portal, and Configuration Management experience. - Ability to relate to software engineering challenges and practices. Qualifications - ServiceNow System Administrator Certification or Application Developer Certification. Company Description Rootshell Enterprise Technologies Inc. is a recognized provider of professional IT Consulting services in the US.
Payscale powers compensation decisions for more than 25% of the US workforce
• Direct, manage, and lead the security engineering and security operations team members; own hiring, onboarding, performance reviews, and career development plans aligned to Payscale’s Information Security Career Ladder • Set strategy and quarterly/annual objectives for both functions and translate them into a prioritized, measurable roadmap; hold regular 1:1s and team connects to maintain a high-performance, feedback-rich culture • Mentor engineers and analysts at all career levels, providing task-based directives, technical coaching, and growth-oriented feedback • Own the on-call rotation and after-hours escalation path across both functions, ensuring coverage for time-sensitive detection and response • Serve as a working leader — remaining hands-on in engineering, architecture, and incident response rather than leading solely through delegation • Own the design, implementation, and continuous hardening of security controls across corporate, cloud, and hosting environments • Build and maintain security automation and integrations — SOAR, detection-as-code, and infrastructure-as-code guardrails — to scale coverage without adding headcount • Engineer and operate the security tooling stack (EDR/XDR, SIEM, identity protection, DLP/CASB, vulnerability scanning), ensuring platforms are well-integrated and meet architectural standards • Partner with Engineering and Infrastructure to embed “secure by design” into CI/CD, cloud architecture, and product development • Drive adoption of a zero-trust methodology across identity, endpoint, network, and application layers • Lead security engineering for enterprise AI and agentic tooling adoption, building controls and guardrails for safe internal use • Drive the threat detection and incident response capability: detection engineering, playbook development, tabletop exercises, and continuous improvement of MTTA/MTTR metrics • Lead or oversee incident response events as the designated incident manager for significant or multi-team incidents, running incident command end-to-end • Own the MDR relationship, holding the provider accountable to SLAs, coverage, and response outcomes • Extend detection and response to secure enterprise AI and agentic tooling adoption • Own the vulnerability and exposure management function across all corporate and hosting environments, coordinating cross-functionally on mitigation and remediation with clear SLAs • Expand security monitoring, visibility, and coverage using existing platforms and open-source tooling • Own the security engineering and operations portion of the Information Security program roadmap, delivering operational metrics, risk-posture data, and capacity analysis • Establish and report security KPIs to technology and executive leadership on a regular cadence • Collaborate with the GRC team on ISO 27001 and SOC 2 evidence, control effectiveness, and audit readiness as it relates to security engineering and operations • Lead technical evaluations of emerging security vendors and technologies; provide buy/build/partner recommendations to technology management • Represent security engineering and operations in cross-functional product, engineering, and infrastructure initiatives, ensuring security requirements are incorporated by design
• Run daily, weekly, and periodic IT and security checklists, with a focus on Google SecOps/Chronicle monitoring • Perform health checks across GCP infrastructure, SaaS applications, and security tooling (alerts, compliance, CI/CD pipelines) • Troubleshoot security or infrastructure issues, document fixes, and raise follow-up actions • Collaborate with DevOps and InfraOps on platform-level and security-related issues • Identify and propose security and platform improvements as you gain business context • Implement automation, security tooling, and platform enhancements to strengthen cloud and SaaS environments • Contribute to scripts, dashboards, and operational improvements with a focus on security and compliance • Feed insights from day-to-day work into long-term IT security and operational strategy • Occasionally assist with IT support tasks across systems, hardware, and software • Prioritize tasks effectively and align timelines with stakeholders
Role Description We’re looking for a smart, curious, and resourceful human to join our IT and Security Operations team at UpGuard. You’ll enjoy daily interactions with our globally distributed workforce, solving problems, improving systems, and helping to scale how we support and secure our environment. While our broader team spans enterprise technology operations, support, cybersecurity, and risk, this role focuses on core IT operations—with hands-on support, break/fix work, and meaningful contributions to enterprise and departmental IT enhancements. Our IT and Security Operations team also plays an active role in DevOps and InfraOps initiatives, contributing to tooling, automation, and the foundations that enable engineering velocity and operational excellence. You won’t just keep the lights on. You’ll help shape how we evolve. UpGuard is in the midst of a company-wide transformation, powered by cutting-edge data analytics, automation, and AI. You’ll be right at the heart of it, helping to drive the systems and support that make it all possible. Qualifications - Practical experience in IT and security operations across cloud infrastructure (GCP) and SaaS environments - Hands-on knowledge of Google SecOps/Chronicle for threat detection and incident response - Strong understanding of identity and access management (Okta), including SSO/MFA, SCIM, and RBAC concepts - Familiarity with automation platforms (Zapier, N8N) and scripting (Bash, PowerShell, Python) to streamline tasks and improve security operations - Experience managing and integrating enterprise SaaS applications in a security-conscious environment - Exposure to infrastructure-as-code tools like Terraform or similar, or willingness to learn - Thoughtful, empathetic approach to end-user support across globally distributed teams - Hands-on experience managing laptop fleets (macOS and ChromeOS) Requirements - Run daily, weekly, and periodic IT and security checklists, with a focus on Google SecOps/Chronicle monitoring - Perform health checks across GCP infrastructure, SaaS applications, and security tooling (alerts, compliance, CI/CD pipelines) - Troubleshoot security or infrastructure issues, document fixes, and raise follow-up actions - Collaborate with DevOps and InfraOps on platform-level and security-related issues - Identify and propose security and platform improvements as you gain business context - Implement automation, security tooling, and platform enhancements to strengthen cloud and SaaS environments - Contribute to scripts, dashboards, and operational improvements with a focus on security and compliance - Feed insights from day-to-day work into long-term IT security and operational strategy - Occasionally assist with IT support tasks across systems, hardware, and software - Prioritize tasks effectively and align timelines with stakeholders Benefits - Monthly Lifestyle subsidy: Use this for financial, physical, and mental well-being - WFH set-up allowance: To ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard - $1500 USD annual Learning & Development allowance: To support your career development, all team members will be able to expense development opportunities against this allowance - Annual leave: PTO plus two additional UpGuardian leave days to give you time to recharge your batteries - 18 weeks paid Parental Leave: Irrespective of parenting role - Personal Leave Allowance: This includes sick & carer’s leave - Fully remote working environment: While we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance - Top-spec hardware: All team members will be provided with top-spec laptops for their role - Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work - Health Insurance: Health, dental, and vision insurance
• Lead, coach, and develop a team of Security Consultants through regular feedback, career development, and performance management • Serve as a subject matter expert in at least one security specialty (web, network, cloud, or mobile) and provide technical guidance to internal and external stakeholders • Demonstrate expertise across all vulnerability submission types and support complex escalations and appeals, partnering with other business units as needed • Drive operational excellence by measuring team performance, identifying opportunities for automation, and implementing process improvements • Plan, prioritize, and manage team workloads while adapting to changing business needs and customer priorities • Mentor team members and contribute to the growth of the broader security organization through knowledge sharing and technical leadership • Build strong cross-functional partnerships to improve workflows and deliver high-quality customer outcomes • Lead effective meetings, clearly communicate priorities, and ensure timely execution of action items • Act as a trusted advisor to leadership and customers by providing sound technical judgment and operational insight • Stay current on security industry standards, emerging threats, and best practices to continuously improve team capabilities.
Role Description This role is a critical function responsible for the ongoing transformation of the organization’s Security Operations & Incident Response program. With a focus on maintaining resilience and protecting the global enterprise from cybersecurity threats, the team operates an advanced security operations and incident response program focused on the identification, analysis, and eradication of cybersecurity threats and incidents across the global enterprise. In support of the rapid growth of this critical program, we are looking for an experienced, passionate, and highly organized engineer who will drive operational delivery excellence and continuous advancement across processes and technologies. Primary Responsibilities - Expert-level support for deep dive investigations, including digital forensics (memory, network, and malware analysis). - Author and refine IR playbooks and operational guidelines to ensure the team remains agile in an evolving threat landscape. - Develop and maintain threat models, incorporating findings from penetration tests into detection strategies. - Design, implement, and refine complex detection rules and automated remediation workflows to identify adversarial behavior. - Utilize threat intelligence and the MITRE ATT&CK framework to identify gaps in visibility and proactively mitigate emerging risks. - Maintain comprehensive documentation of detection strategies, active investigations, and incident timelines. - Work with the SIEM team to continuously tune SIEM rules to maximize detection fidelity while minimizing alert fatigue. - Review and tune threat intelligence systems, including brand protection and dark web monitoring. - Proficiency in scripting and query building using Python, XQL, PowerShell, or Bash, and experience with automation and/or orchestration (SOAR) tools. - Support IR leadership as backup on IR-related activities. Qualifications - Bachelor’s degree and 5+ years of relevant experience in incident response and SOC tooling. - In-depth knowledge of SIEM/SOAR platforms (e.g., Microsoft Sentinel, Palo Alto Cortex XSIAM/XSOAR) and incident response processes in hybrid cloud environments (GCP, Azure). - Experience leading incident response as incident commander, performing root cause analysis and continuous optimization for SOC tools and processes. - Familiarity with scripting languages (Python, PowerShell, Bash, XQL) is highly preferred. - Understanding of regulatory compliance and frameworks such as MITRE ATT&CK, NIST, or ISO. - Ability to prioritize tasks effectively, manage multiple priorities, and work both independently and as part of a team. - Strong communication skills, with the ability to translate sophisticated technical issues or concepts to non-technical audiences in a clear and concise manner that focuses on business value.
We get to the heart of the matter.....real people......real solutions
• Serve as the technical lead for deploying and operationalizing security and AI solutions in customer or enterprise environments • Translate business, operational, and security requirements into deployable architectures and implementation plans • Partner with internal and external stakeholders to ensure solutions are aligned to operational goals, compliance requirements, and long-term platform strategy • Act as a trusted advisor during onboarding, implementation, rollout, and optimization phases • Design and implement integrations across SIEM, XDR, SOAR, case management, data platforms, and AI-enabled tooling • Build and configure cloud-native data ingestion, normalization, and enrichment pipelines for security telemetry • Integrate APIs, webhooks, message queues, and automation workflows across identity, endpoint, cloud, network, and application ecosystems • Develop reusable deployment patterns, templates, and technical assets to accelerate future implementations • Operationalize AI and automation use cases within security workflows, including alert enrichment, triage support, summarization, clustering, playbook selection, and analyst copilots • Work with detection engineering and data teams to support the implementation of behavioral analytics, anomaly detection, risk scoring, and other AI-assisted security use cases • Help define data requirements, feedback loops, and operational guardrails needed to support effective AI outcomes in production environments • Ensure deployed solutions are practical, measurable, and aligned to analyst workflows and response objectives • Implement secure and governed automation for investigation and response use cases across heterogeneous environments • Support resiliency, observability, performance, and scale requirements for deployed solutions • Troubleshoot integration issues, deployment blockers, and production challenges in partnership with platform, cloud, and security teams • Improve reliability and maintainability through documentation, testing, monitoring, and standardized engineering practices • Collaborate across Security Operations, Security Engineering, Detection Engineering, Data Science, Infrastructure, and product or customer teams • Communicate technical concepts clearly to both technical and non-technical stakeholders • Mentor engineers and contribute to best practices for implementation, delivery, and technical solution design • Provide field feedback to influence platform roadmap, product direction, and architectural standards.
Paxos is a regulated blockchain infrastructure company building transparent and transformative financial solutions.
• Triage, investigate, and respond to security alerts across endpoints, cloud infrastructure, and network telemetry. • Take a builder’s mindset to the role by automating repetitive workflows and using AI to increase speed, scale, and effectiveness. • Execute containment and remediation actions for confirmed incidents, while following and continuously improving established runbooks. • Tune and maintain SIEM and EDR detections to reduce false positives, strengthen signal quality, and close coverage gaps. • Apply threat intelligence, including IOCs and TTPs, to active investigations and ongoing monitoring. • Participate in the on-call rotation and contribute clear, actionable post-incident documentation.
274more opportunities are still waiting for you.Log in now and take your next shot before someone else does.
Cloud, AWS, Python, Terraform, Google Cloud Platform, Rust