AI SecOps Team Lead

You will design and implement AI-driven detection and response strategies to automate complex security investigations. You will act as the primary escalation point for critical security alerts, perform deep-dive DFIR investigations, hunt threats proactively, and direct incident response activities. You will lead SecOps projects from inception to execution and mentor SecOps engineers. You will research and leverage security telemetry to improve triage and automated response, collaborate with stakeholders to refine agentic workflows, and coordinate containment and remediation activities. The hands-on side of the role covers forensic and cloud investigations, log review, root-cause analysis, and producing incident analysis reports with findings and recommendations.

Responsibilities

  • Design and implement AI-driven detection and response strategies to automate complex security investigations
  • Serve as primary escalation point for critical security alerts and conduct deep-dive DFIR investigations
  • Lead SecOps projects from inception to execution and maintain implementations
  • Mentor SecOps team and provide technical guidance
  • Research and leverage security telemetry and existing security solutions to improve triage and automated response
  • Collaborate cross-functionally to refine and evolve agentic workflows for automated security operations
  • Coordinate investigation, containment, and response activities with business stakeholders
  • Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
  • Produce incident analysis and findings reports with gap identification and recommendations

Requirements

  • 5+ years of experience in incident response or in a Cyber Security Operations Center, addressing, escalating, and managing security incidents
  • Experience managing the lifecycle of security incidents in a global 24/7 production environment
  • Experience collaborating with cross-organizational stakeholders to drive incident response and remediation
  • Experience developing runbooks for frequent or critical incident types
  • Strong development fundamentals and experience delivering and maintaining production-grade code
  • Hands-on programming and scripting experience (for example, Python and Bash) building automation processes
  • Proven expertise in attack and mitigation methods within Cloud and SaaS environments
  • Solid understanding of system and security controls on multiple OSs, including Windows, Linux/Unix, and macOS, and experience with host-based forensics and OS artifact analysis
  • Excellent communication skills and ability to work collaboratively with other teams
  • Problem-solving skills and a growth mindset