Security Operations Remote Jobs in Tennessee (US)
This page tracks remote security operations openings that are location-eligible for Tennessee.
This page tracks remote security operations openings that are location-eligible for Tennessee.
Open jobs
274
Hiring companies this week
8
Salary sample
$65 - $182,720
Jobs added last hour
0
274 Jobs
217 Companies
Payscale powers compensation decisions for more than 25% of the US workforce
• Direct, manage, and lead the security engineering and security operations team members; own hiring, onboarding, performance reviews, and career development plans aligned to Payscale’s Information Security Career Ladder • Set strategy and quarterly/annual objectives for both functions and translate them into a prioritized, measurable roadmap; hold regular 1:1s and team connects to maintain a high-performance, feedback-rich culture • Mentor engineers and analysts at all career levels, providing task-based directives, technical coaching, and growth-oriented feedback • Own the on-call rotation and after-hours escalation path across both functions, ensuring coverage for time-sensitive detection and response • Serve as a working leader — remaining hands-on in engineering, architecture, and incident response rather than leading solely through delegation • Own the design, implementation, and continuous hardening of security controls across corporate, cloud, and hosting environments • Build and maintain security automation and integrations — SOAR, detection-as-code, and infrastructure-as-code guardrails — to scale coverage without adding headcount • Engineer and operate the security tooling stack (EDR/XDR, SIEM, identity protection, DLP/CASB, vulnerability scanning), ensuring platforms are well-integrated and meet architectural standards • Partner with Engineering and Infrastructure to embed “secure by design” into CI/CD, cloud architecture, and product development • Drive adoption of a zero-trust methodology across identity, endpoint, network, and application layers • Lead security engineering for enterprise AI and agentic tooling adoption, building controls and guardrails for safe internal use • Drive the threat detection and incident response capability: detection engineering, playbook development, tabletop exercises, and continuous improvement of MTTA/MTTR metrics • Lead or oversee incident response events as the designated incident manager for significant or multi-team incidents, running incident command end-to-end • Own the MDR relationship, holding the provider accountable to SLAs, coverage, and response outcomes • Extend detection and response to secure enterprise AI and agentic tooling adoption • Own the vulnerability and exposure management function across all corporate and hosting environments, coordinating cross-functionally on mitigation and remediation with clear SLAs • Expand security monitoring, visibility, and coverage using existing platforms and open-source tooling • Own the security engineering and operations portion of the Information Security program roadmap, delivering operational metrics, risk-posture data, and capacity analysis • Establish and report security KPIs to technology and executive leadership on a regular cadence • Collaborate with the GRC team on ISO 27001 and SOC 2 evidence, control effectiveness, and audit readiness as it relates to security engineering and operations • Lead technical evaluations of emerging security vendors and technologies; provide buy/build/partner recommendations to technology management • Represent security engineering and operations in cross-functional product, engineering, and infrastructure initiatives, ensuring security requirements are incorporated by design
Role Description We’re looking for a smart, curious, and resourceful human to join our IT and Security Operations team at UpGuard. You’ll enjoy daily interactions with our globally distributed workforce, solving problems, improving systems, and helping to scale how we support and secure our environment. While our broader team spans enterprise technology operations, support, cybersecurity, and risk, this role focuses on core IT operations—with hands-on support, break/fix work, and meaningful contributions to enterprise and departmental IT enhancements. Our IT and Security Operations team also plays an active role in DevOps and InfraOps initiatives, contributing to tooling, automation, and the foundations that enable engineering velocity and operational excellence. You won’t just keep the lights on. You’ll help shape how we evolve. UpGuard is in the midst of a company-wide transformation, powered by cutting-edge data analytics, automation, and AI. You’ll be right at the heart of it, helping to drive the systems and support that make it all possible. Qualifications - Practical experience in IT and security operations across cloud infrastructure (GCP) and SaaS environments - Hands-on knowledge of Google SecOps/Chronicle for threat detection and incident response - Strong understanding of identity and access management (Okta), including SSO/MFA, SCIM, and RBAC concepts - Familiarity with automation platforms (Zapier, N8N) and scripting (Bash, PowerShell, Python) to streamline tasks and improve security operations - Experience managing and integrating enterprise SaaS applications in a security-conscious environment - Exposure to infrastructure-as-code tools like Terraform or similar, or willingness to learn - Thoughtful, empathetic approach to end-user support across globally distributed teams - Hands-on experience managing laptop fleets (macOS and ChromeOS) Requirements - Run daily, weekly, and periodic IT and security checklists, with a focus on Google SecOps/Chronicle monitoring - Perform health checks across GCP infrastructure, SaaS applications, and security tooling (alerts, compliance, CI/CD pipelines) - Troubleshoot security or infrastructure issues, document fixes, and raise follow-up actions - Collaborate with DevOps and InfraOps on platform-level and security-related issues - Identify and propose security and platform improvements as you gain business context - Implement automation, security tooling, and platform enhancements to strengthen cloud and SaaS environments - Contribute to scripts, dashboards, and operational improvements with a focus on security and compliance - Feed insights from day-to-day work into long-term IT security and operational strategy - Occasionally assist with IT support tasks across systems, hardware, and software - Prioritize tasks effectively and align timelines with stakeholders Benefits - Monthly Lifestyle subsidy: Use this for financial, physical, and mental well-being - WFH set-up allowance: To ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard - $1500 USD annual Learning & Development allowance: To support your career development, all team members will be able to expense development opportunities against this allowance - Annual leave: PTO plus two additional UpGuardian leave days to give you time to recharge your batteries - 18 weeks paid Parental Leave: Irrespective of parenting role - Personal Leave Allowance: This includes sick & carer’s leave - Fully remote working environment: While we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance - Top-spec hardware: All team members will be provided with top-spec laptops for their role - Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work - Health Insurance: Health, dental, and vision insurance
• Lead, coach, and develop a team of Security Consultants through regular feedback, career development, and performance management • Serve as a subject matter expert in at least one security specialty (web, network, cloud, or mobile) and provide technical guidance to internal and external stakeholders • Demonstrate expertise across all vulnerability submission types and support complex escalations and appeals, partnering with other business units as needed • Drive operational excellence by measuring team performance, identifying opportunities for automation, and implementing process improvements • Plan, prioritize, and manage team workloads while adapting to changing business needs and customer priorities • Mentor team members and contribute to the growth of the broader security organization through knowledge sharing and technical leadership • Build strong cross-functional partnerships to improve workflows and deliver high-quality customer outcomes • Lead effective meetings, clearly communicate priorities, and ensure timely execution of action items • Act as a trusted advisor to leadership and customers by providing sound technical judgment and operational insight • Stay current on security industry standards, emerging threats, and best practices to continuously improve team capabilities.
Role Description This role is a critical function responsible for the ongoing transformation of the organization’s Security Operations & Incident Response program. With a focus on maintaining resilience and protecting the global enterprise from cybersecurity threats, the team operates an advanced security operations and incident response program focused on the identification, analysis, and eradication of cybersecurity threats and incidents across the global enterprise. In support of the rapid growth of this critical program, we are looking for an experienced, passionate, and highly organized engineer who will drive operational delivery excellence and continuous advancement across processes and technologies. Primary Responsibilities - Expert-level support for deep dive investigations, including digital forensics (memory, network, and malware analysis). - Author and refine IR playbooks and operational guidelines to ensure the team remains agile in an evolving threat landscape. - Develop and maintain threat models, incorporating findings from penetration tests into detection strategies. - Design, implement, and refine complex detection rules and automated remediation workflows to identify adversarial behavior. - Utilize threat intelligence and the MITRE ATT&CK framework to identify gaps in visibility and proactively mitigate emerging risks. - Maintain comprehensive documentation of detection strategies, active investigations, and incident timelines. - Work with the SIEM team to continuously tune SIEM rules to maximize detection fidelity while minimizing alert fatigue. - Review and tune threat intelligence systems, including brand protection and dark web monitoring. - Proficiency in scripting and query building using Python, XQL, PowerShell, or Bash, and experience with automation and/or orchestration (SOAR) tools. - Support IR leadership as backup on IR-related activities. Qualifications - Bachelor’s degree and 5+ years of relevant experience in incident response and SOC tooling. - In-depth knowledge of SIEM/SOAR platforms (e.g., Microsoft Sentinel, Palo Alto Cortex XSIAM/XSOAR) and incident response processes in hybrid cloud environments (GCP, Azure). - Experience leading incident response as incident commander, performing root cause analysis and continuous optimization for SOC tools and processes. - Familiarity with scripting languages (Python, PowerShell, Bash, XQL) is highly preferred. - Understanding of regulatory compliance and frameworks such as MITRE ATT&CK, NIST, or ISO. - Ability to prioritize tasks effectively, manage multiple priorities, and work both independently and as part of a team. - Strong communication skills, with the ability to translate sophisticated technical issues or concepts to non-technical audiences in a clear and concise manner that focuses on business value.
We get to the heart of the matter.....real people......real solutions
• Serve as the technical lead for deploying and operationalizing security and AI solutions in customer or enterprise environments • Translate business, operational, and security requirements into deployable architectures and implementation plans • Partner with internal and external stakeholders to ensure solutions are aligned to operational goals, compliance requirements, and long-term platform strategy • Act as a trusted advisor during onboarding, implementation, rollout, and optimization phases • Design and implement integrations across SIEM, XDR, SOAR, case management, data platforms, and AI-enabled tooling • Build and configure cloud-native data ingestion, normalization, and enrichment pipelines for security telemetry • Integrate APIs, webhooks, message queues, and automation workflows across identity, endpoint, cloud, network, and application ecosystems • Develop reusable deployment patterns, templates, and technical assets to accelerate future implementations • Operationalize AI and automation use cases within security workflows, including alert enrichment, triage support, summarization, clustering, playbook selection, and analyst copilots • Work with detection engineering and data teams to support the implementation of behavioral analytics, anomaly detection, risk scoring, and other AI-assisted security use cases • Help define data requirements, feedback loops, and operational guardrails needed to support effective AI outcomes in production environments • Ensure deployed solutions are practical, measurable, and aligned to analyst workflows and response objectives • Implement secure and governed automation for investigation and response use cases across heterogeneous environments • Support resiliency, observability, performance, and scale requirements for deployed solutions • Troubleshoot integration issues, deployment blockers, and production challenges in partnership with platform, cloud, and security teams • Improve reliability and maintainability through documentation, testing, monitoring, and standardized engineering practices • Collaborate across Security Operations, Security Engineering, Detection Engineering, Data Science, Infrastructure, and product or customer teams • Communicate technical concepts clearly to both technical and non-technical stakeholders • Mentor engineers and contribute to best practices for implementation, delivery, and technical solution design • Provide field feedback to influence platform roadmap, product direction, and architectural standards.
Paxos is a regulated blockchain infrastructure company building transparent and transformative financial solutions.
• Triage, investigate, and respond to security alerts across endpoints, cloud infrastructure, and network telemetry. • Take a builder’s mindset to the role by automating repetitive workflows and using AI to increase speed, scale, and effectiveness. • Execute containment and remediation actions for confirmed incidents, while following and continuously improving established runbooks. • Tune and maintain SIEM and EDR detections to reduce false positives, strengthen signal quality, and close coverage gaps. • Apply threat intelligence, including IOCs and TTPs, to active investigations and ongoing monitoring. • Participate in the on-call rotation and contribute clear, actionable post-incident documentation.
As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.
Role Description - Lead and mentor a team of Incident Response analysts during active security incidents - Serve as the primary customer-facing lead during investigations and crisis situations - Coordinate incident triage, containment, eradication, and recovery efforts - Deliver executive-level communications, incident briefings, and post-incident reporting - Drive operational readiness, process improvement, and collaboration across security teams Qualifications - 5+ years of experience in Incident Response, or DFIR - Strong knowledge of ransomware, cloud, identity, and enterprise attack investigations - Excellent customer-facing communication and stakeholder management skills - Experience leading remote teams in high-pressure environments - Proficient with EDR, SIEM, threat intelligence, and forensic investigation tools - GIAC, GCFA, GCIH, CISSP, or similar certifications Requirements - Fluent in English - Experience in consulting or managed security services environments - Must be eligible to work in the US without sponsorship from an employer now or in the future Benefits - EOE M/F/Veterans/Disabled Company Description As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.
• Review and respond to security events • Investigate to root cause with multiple internal organizations • Mentor junior analysts and support onboarding of new team members • Document existing processes for handling security escalations • Support Incident Response containment and eradication activities • Develop relationships with multiple Security and IT teams
The Silo Web Isolation Platform from Authentic8 enables anyone, anywhere, on any device to utilize the web without risk.
• Monitor, investigate, and respond to security detections across the SIEM, driving alerts to resolution. • Develop, tune, and maintain SIEM use cases and correlation rules to improve detection coverage. • Build and deliver operational reports and dashboards from available SIEM log source data. • Identify, assess, and escalate high-impact events from multiple data sources to senior staff and stakeholders following established procedures. • Intake, triage, and respond to security reports (phishing, suspicious activity, etc.), escalating as necessary. • Own the lifecycle of security tickets in the case management system, ensuring accurate documentation, timely updates, and proper closure. • Support proactive investigations and threat hunting as directed. • Provide day-to-day SOC operational support and coverage, communicating findings and relevant event details clearly to team members and stakeholders. • Draft and update SOC and Authentic8 documentation, runbooks, standards, and procedures. • Work with system and application owners to remediate discovered security vulnerabilities. • Ability to collaborate effectively in a dynamic team environment.
A new model in higher education funding from a leader in education innovation, UMGC.
• Teach remotely for the Cyber Dev Operations program. • Engage students through frequent interaction that motivates them to succeed. • Guide students in active collaboration and the application of their learning in problem- and project-based learning demonstrations. • Provide rich and regular constructive feedback, utilizing rubrics effectively for the assessment of student work, acknowledging student accomplishments. • Demonstrate relevant and current subject-matter expertise, helping students connect concepts across their academic program.
264more opportunities are still waiting for you.Log in now and take your next shot before someone else does.
Cloud, AWS, Ansible, Python, Azure, Google Cloud Platform