Join a technology-driven business solutions provider as a Security Operations Lead, a fully onsite role that serves as the technical and strategic foundation for a security program about to expand significantly. This organization supports brands across travel, hospitality, retail, and financial services, delivering customer engagement, sales enablement, loyalty and membership program fulfillment, and scalable contact-center operations. This is a unique startup-style opportunity where you'll establish the baseline processes, culture, and technical standards that future team members will grow from. Over the next year, the organization plans to build a full internal Security Operations Center (SOC), and you'll be the foundational hire who shapes this expansion. You'll spend the first 30 to 60 days evaluating the security posture, identifying gaps, developing recommendations, and shaping a cohesive security culture across teams.
This is an exceptional opportunity for a security professional ready to take ownership and influence long-term strategy in a growing organization. You'll have the rare chance to build a security program from the ground up, establishing the operational core that will support future expansion. As the Security Operations Lead, you'll guide day-to-day SOC activities, drive detection engineering, manage incident response workflows, and oversee the development and refinement of SIEM pipelines, cloud security controls, and automation using PowerShell or Python. Beyond hands-on technical work, you'll function as a leader and program builder, running security sprints, refining backlogs, documenting processes, and collaborating with IT, engineering, and compliance teams to drive a predictable security roadmap. The role offers significant variety, from managing Fortinet tooling across the environment to strengthening Azure identity protections, maturing XDR capabilities, and improving alert fidelity. You'll develop runbooks, playbooks, and SOPs that will serve as the SOC's operational foundation for years to come. As the security function grows, this position offers a clear pathway to future leadership opportunities such as SOC Lead, Manager, or Director, making it ideal for someone ready to grow with the organization.
Required Skills & Experience
- Strong blend of broad cybersecurity knowledge and hands-on technical experience
- Hands-on experience with compliance frameworks including PCI DSS, SOC 2, and NIST frameworks
- Ability to operate within a Fortinet-based environment
- Experience with SOC operations and security monitoring
- Detection engineering capabilities and threat hunting experience
- Incident response workflow management and coordination
- SIEM pipeline development and refinement experience
- Experience with cloud security controls, particularly in Azure environments
- Automation skills using PowerShell or Python
- Strong understanding of security best practices and frameworks
- Ability to evaluate security posture and identify gaps
- Experience developing security recommendations and strategies
- Strong communication skills for technical and non-technical audiences
- Ability to work independently and take ownership of security initiatives
- Comfortable with fully onsite work schedule
Desired Skills & Experience
- Security certifications (CISSP, GIAC, CEH, or similar)
- Azure security and identity protection experience
- XDR (Extended Detection and Response) capabilities and platform experience
- Experience managing Fortinet security tooling (FortiGate, FortiAnalyzer, FortiSIEM)
- SIEM platform experience (Splunk, Sentinel, QRadar, or similar)
- Security orchestration and automation experience (SOAR platforms)
- Threat intelligence integration and utilization
- Vulnerability management program experience
- Security metrics and KPI development
- Experience building runbooks, playbooks, and SOPs
- Agile or sprint-based project management experience
- Experience building security teams or programs from the ground up
- Compliance audit experience
- Network security and segmentation knowledge
- Endpoint detection and response (EDR) platform experience
What You Will Be Doing
Tech Breakdown
- 30% SOC Operations and Monitoring (detection engineering, threat hunting, incident response)
- 25% Program Building and Strategy (process development, documentation, culture building)
- 25% Fortinet and Security Tools Management (tooling optimization, alert refinement)
- 20% Cloud Security and Automation (Azure security, SIEM pipelines, scripting)
Daily Responsibilities
- 40% Hands-On Security Operations (monitoring, detection, incident response, analysis)
- 35% Program Development (documentation, process refinement, runbook creation)
- 25% Collaboration and Leadership (cross-team coordination, strategy development, sprint management)