Security Intelligence (Security Operations) Lead

North America

Corelight

Disrupt future attacks with complete network visibility, next-level analytics, faster investigations, and expert threat hunting.


By making evidence the heart of security, we help customers stay ahead of ever-changing cyber-attacks. 

Corelight is the cybersecurity company that transforms network and cloud activity into evidence. Evidence that elite defenders use to proactively hunt for threats, accelerate response to cyber incidents, gain complete network visibility and create powerful analytics using machine-learning and behavioral analysis tools. Easily deployed, and available in traditional and SaaS-based formats, Corelight is the fastest-growing Network Detection and Response (NDR) platform in the industry. And we are the only NDR platform that leverages the power of Open Source projects in addition to our own technology to deliver Intrusion Detection (IDS), Network Security Monitoring (NSM), and Smart PCAP solutions. We sell to some of the most sensitive, mission-critical large enterprises and government agencies in the world.

Role

In this role you will lead and manage a small but growing security intelligence team. We're seeking a growth-oriented player-coach who can join us on this journey, using their technological skills to make us more efficient and grow into our vision of leveraging knowledge graphs to supercharge security intelligence and operations. We believe in a wholesale rebranding of security operations to security intelligence, ensuring that our outputs provide positive value to the business in the form of fuel for proactive decision making. You will analyze our current systems and assets, recommend and implement solutions, support security analysts and security engineers, and provide training.

 

Job Responsibilities

  • Identify, extract and leverage relationships within data to supercharge operations
  • Develop playbooks for operational responses to security and cyber threats
  • Identify, evaluate, develop and report SOC-related metrics via dashboards and/or reports
  • Maintain and manage our security data lake/SIEM
  • Implement processes and procedures to ensure alerts are addressed with relevancy, accuracy, and in a timely manner
  • Responsible for developing new security offerings and enhancing the existing offerings and practices
  • Recruit, hire, lead and develop analysts and security engineers

Our Ideal Candidate has

  • Hands-on knowledge of information security technologies such as incident response, threat hunting, offensive security (red-teaming), security design review, threat modeling, risk analysis, and penetration testing
  • Experience in driving large, cross-organization initiatives
  • Deep working knowledge of cloud security principles and experience across cloud providers
  • Ability to make concrete progress in the face of ambiguity and imperfect knowledge (avoid analysis paralysis)
  • Strong information security risk-based prioritization abilities
  • Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
  • Experience working with knowledge graphs and graph databases (Neo4j, Amazon Neptune)
  • A player-coach attitude: must be enthusiastic about developing the plan and doing the work
  • Strong creative and analytical thinking skills
  • A heavy bias toward automation and durable processes
  • Experience with Python, Spark, Terraform, Jupyter Notebooks

We are proud of our culture and values - driving diversity of background and thought, low-ego results, applied curiosity and tireless service to our customers and community. Corelight is committed to a geographically dispersed yet connected employee base with employees working from home and office locations around the world. Fueled by an accelerating revenue stream, and investments from top-tier venture capital organizations such as CrowdStrike, Accel and Insight - we are rapidly expanding our team.

Check us out at www.corelight.com

Tags: Analytics Automation Cloud IDS Incident response Intrusion detection Monitoring Neo4j Network security NSM Offensive security Open Source PCAP Pentesting Python Risk analysis SaaS SIEM Terraform

Perks/benefits: Career development
