Job Title: Cyber Data Product/Technical Lead
Contract: 6 Months+
Location: Juno Beach, FL
Role Summary
The Cyber Data Product/Technical Lead owns the strategy, roadmap, and technical delivery of cybersecurity data products that power detection, response, exposure management, compliance, and executive reporting. This role blends product leadership with hands-on technical direction: defining data models and pipelines, integrating telemetry from security platforms, enforcing data governance and security, and enabling analytics teams with reliable, scalable, and well-documented cyber data capabilities.
Key Responsibilities:
Product Leadership & Strategy
Define the vision, roadmap, and success metrics for cyber data products (SIEM analytics, exposure/CTEM datasets, identity risk models, data security insights).
Translate stakeholder needs (SOC, IR, Vulnerability, Cloud, IAM, GRC, Execs) into prioritized backlogs, requirements, and release plans. Establish service levels (freshness, availability, quality) and manage product lifecycle, versioning, and change control.
Architecture & Data Modeling
Design domain models and semantic layers for cyber data (alerts, findings, assets, identities, vulnerabilities, misconfigurations, detections). Define canonical entities, conformed dimensions (asset, user, application, business service), and reference data (severity, ownership, environment). Guide patterns for SCD strategies, event schemas, CDC, and metric definitions/KPIs (e.g., MTTR, backlog burn-down, coverage).
Engineering & Integration
Lead the design of scalable data pipelines (ELT/ETL, APIs, streaming) to ingest telemetry from SIEM, EDR/NDR, CSPM/CIEM, ASM, vulnerability scanners, IAM/PAM, and CMDB/ITSM.
Oversee performance, reliability, and cost optimization across warehouses/lakehouses; enforce CI/CD and testing standards.
Drive data quality (completeness, deduplication, reconciliation), lineage, and observability (schema drift, freshness, failure alerting).
Security, Compliance & Governance
Implement access controls (RBAC/ABAC), RLS/CLS, encryption, and privacy-by-design for sensitive data (PII/PHI).
Ensure alignment with security frameworks and controls (e.g., NIST CSF, CIS, SOX/PCI/HIPAA/GDPR reporting needs).
Partner with GRC and Audit on evidence generation, data retention, and defensible documentation.
Analytics & Enablement
Deliver certified, reusable datasets for SOC analytics, exposure/CTEM reporting, and executive dashboards.
Enable analysts with self-service models, data dictionaries, and query patterns (DAX/SQL).
Mentor developers/analysts; run design reviews, best-practice sessions, and office hours.
Stakeholder & Vendor Management
Coordinate across security, IT, data engineering, cloud, and application teams; manage dependencies and release planning.
Oversee vendor relationships (SIEM/CSPM/ASM/Vuln/DSPM), integrations, and licensing/capacity implications for data flows.
Required Qualifications
Experience:
7-10+ years across data engineering/architecture or analytics engineering, with 3-5+ years in cybersecurity data domains.
Technical Expertise:
Data Platforms: Snowflake, Databricks (Delta), BigQuery, Synapse/Fabric (or equivalents).
Pipelines: dbt, ADF/Glue/Databricks Jobs/Airflow; REST APIs; streaming (Kafka/Event Hubs).
Security Sources: SIEM (Sentinel, Splunk), EDR/NDR, CSPM/CIEM (e.g., Wiz, Prisma), Vulnerability (Tenable/Qualys/Rapid7), ASM, IAM/PAM, CMDB/ITSM (ServiceNow).
Modeling/BI: Dimensional/semantic modeling; Power BI/Tableau; DAX/Power Query (M) a plus.
Languages: Advanced SQL; Python for transformation/automation; Git-based CI/CD.
Product Skills:
Backlog management, roadmap definition, stakeholder alignment, measurable outcomes/KPIs.
Governance & Security: Data quality practices, lineage/catalogs (Purview/Collibra/Alation), access control and privacy patterns.
Preferred Qualifications
Experience with CTEM analytics (risk-based prioritization using CVSS, EPSS, KEV, asset criticality).
Knowledge of identity context (Entra/AD, SailPoint, CyberArk, Okta) for access risk analytics.
Familiarity with DSPM/DLP (e.g., Cyera, Securiti, BigID, Guardium) and data classification.
Exposure to metric stores/semantic layers, feature stores, or ML-ready pipelines.
Background in regulated industries and audit-ready documentation.
Core Competencies
Technical Leadership: Guides architecture and delivery; raises engineering standards.
Systems Thinking: Sees end-to-end, from sources and controls to analytics and decisions.
Data Quality Mindset: Proactive about definitions, lineage, and reconciliation.
Security-by-Design: Embeds least privilege, encryption, and compliance from the start.
Product Orientation: Outcome-driven with clear value hypotheses and success metrics.
Communication & Enablement: Translates complex designs into clear guidance and reusable patterns.
Tooling (Illustrative)
Data & Pipelines: Snowflake, Databricks/Delta, BigQuery, Synapse/Fabric; dbt, ADF/Glue/Airflow; Kafka/Event Hubs.
Security Sources: Microsoft Sentinel/Splunk; Tenable/Qualys/Rapid7; Wiz/Prisma; ASM platforms; Entra/AD/Okta/SailPoint; CyberArk; ServiceNow CMDB/ITSM.
BI & Catalog: Power BI (Tabular/DAX), Tableau; Purview/Collibra/Alation; GitHub/Azure DevOps for CI/CD.
Ops & Observability: Monitor pipeline health (freshness, failures, drift), query performance, and cost dashboards.