Job Description
This role is responsible for leading the execution and continuous improvement of technical cybersecurity capabilities across security operations and security engineering. The position serves as the primary technical leader for day-to-day cyber defense, ensuring threats are detected, investigated, contained, and learned from, while security platforms, controls, and automation are designed, operated, and matured effectively. The ideal candidate demonstrates strong technical depth combined with operational leadership, and excels at translating cybersecurity strategy into reliable, scalable execution. This role operates at the intersection of security operations, engineering, and infrastructure teams, ensuring the organization's security capabilities are resilient, measurable, and aligned to business priorities.
Security Engineering & Operations Leadership
Provide technical and operational leadership across security operations and security engineering functions, ensuring consistent execution of cybersecurity practices and tooling.
Lead day-to-day security operations, including monitoring, alert triage, incident response, and escalation, ensuring adherence to defined runbooks and response standards.
Oversee the engineering, operation, and reliability of core security platforms (e.g., SIEM, EDR, SOAR, Vulnerability Management, Automated Penetration Testing, Firewall, Cloud, SASE, and Identity Security tools).
Build and maintain strong collaborative relationships with infrastructure, application, cloud, and DevOps teams to embed security into operational workflows.
Establish and maintain operational discipline, including shift coverage, on-call readiness, handoff quality, and incident communications.
Incident Response, Detection & Continuous Improvement
Partner with internal teams and external providers (MSSPs, vendors) to identify, investigate, contain, and remediate security incidents.
Ensure security incidents are fully documented, lessons learned are captured, and corrective actions are tracked to closure.
Drive continuous improvement of detection, response, and automation capabilities by analyzing incident trends, false positives, and operational gaps.
Oversee vulnerability identification and coordination of remediation efforts in partnership with infrastructure and application teams.
Conduct periodic Red & Blue teaming and Incident Response Tabletop exercises.
Ensure security tooling and processes evolve to address emerging threats and changing business risk.
Team Development, Enablement & Documentation
Provide coaching, mentoring, and technical guidance to security operations and engineering team members.
Support training and skill development related to security tools, processes, incident response, and emerging threats.
Ensure comprehensive documentation of security processes, procedures, incidents, and operational standards.
Promote knowledge sharing, operational consistency, and a culture of accountability within the security team.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
Education: Bachelor's degree in Computer Science or a related technical field.
Licenses/Certification/Registration: Expert-level cybersecurity certification such as CISSP, CCSP, CASP, OSCP, etc.
Experience:
Minimum of ten years' experience in technical cybersecurity, at least 3 years' experience with forensic tools, investigations, and incident response, and at least five years' experience working in LAN / WAN / SD-WAN environments.