SecOps Engineer
Job description
We are looking for a SecOps Engineer to join our Security Operations team as the technical lead for Incident Response and Cloud Security.
The team is responsible for monitoring our production and corporate environments, responding to security incidents, and continuously hardening our cloud, network, and CI/CD posture. This role is the senior technical anchor of the function: the first responder during critical incidents, the architect behind our cloud and network defenses, and a technical mentor to the rest of the team.
You will own the Incident Response practice, lead our cloud security program across CNAPP, SASE/ZTNA, and CI/CD supply-chain security, and partner with Engineering, DevOps, and Platform teams to drive security improvements at scale. Participation in an on-call rotation for critical incidents is required.
How Will You Make an Impact?
Own our SASE/ZTNA stack: policy management, network security, secure access.
Own our CNAPP platform: workload protection, posture management, vulnerability prioritization. Own our CI/CD security platform and drive software supply-chain security across the organization.
Serve as IR Expert: first responder for critical security incidents, owning detection, containment, eradication, and recovery. Lead post-incident root-cause analysis and drive remediation across the organization. Build and maintain IR playbooks, runbooks, and tabletop exercises.
Partner with DevOps and Platform teams on secure-by-default cloud architecture. Contribute to broader security architecture decisions across the security stack. Mentor more junior engineers on the team and lead technical reviews of their work.
Act as deputy to the SecOps Team Lead on strategic initiatives. Participate in the critical-incident on-call rotation.
Requirements:
3-4 years of hands-on experience in Security Operations or Security Engineering.
Demonstrated Incident Response leadership: You have run real incidents end to end, from detection through post-incident review. Hands-on experience with CNAPP, CSPM, or CWPP platforms. Knowledge of AWS, GCP, or Azure security primitives and cloud-native threat models.
Experience with SASE or ZTNA architectures. Familiarity with CI/CD and software supply-chain security (e.g., GitHub Actions hardening, SLSA). Scripting skills in Python (or equivalent) for automation, tooling, and IR support. Working knowledge of MITRE ATT&CK and modern adversary tradecraft. Ability to lead a war room, brief executives, and communicate clearly under pressure.
This position is open to all candidates.