Cybersecurity Lead
Hybrid · San Jose, California, United States
Job Summary
The Cybersecurity Lead will act as a hands-on technical leader uniting offensive and defensive security operations to continually improve detection, response, and recovery capabilities. Lead Blue Team tool management (SIEM, EDR/XDR, SOAR), coordinate Red Team simulations to measure and improve defensive posture, and translate findings into actionable improvements. Responsibilities include managing detection pipelines, incident response playbooks, threat hunting, alert triage, and collaboration with DevOps/infrastructure to embed security monitoring in hybrid environments. Design and run adversary emulation exercises (phishing, privilege escalation, persistence, lateral movement), develop and maintain custom attacker scripts, produce post-exercise reports with recommendations, and serve as a technical escalation point for complex investigations while communicating risk reductions to executives. Plan and execute simulations to validate detection coverage and incident response readiness; drive continuous improvement of detection content and control validation.
Required Qualifications
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
- 8+ years of cybersecurity experience, with proven leadership across Blue, Red, or Purple Team operations
- Ownership of enterprise security detection tools, including SIEM, EDR/XDR, SOAR, and threat intel platforms
- Strong understanding of MITRE ATT&CK, Cyber Kill Chain, and threat emulation frameworks
- Deep technical expertise in one or more of the following areas: Endpoint and network forensics; Cloud security monitoring (AWS, Azure, GCP); Scripting and automation (Python, PowerShell, Bash); Security engineering in hybrid or production environments
- Proven ability to lead incident response and purple team exercises from start to finish
- Certifications such as OSCP, GCFA, GCIH, GPEN, GXPN, or GCTI highly desirable
- Strong communication and leadership skills, with ability to engage both executive stakeholders and technical teams