To succeed in this role, you will need to have completed a degree or comparable education, plus at least 4–5 years of experience in Cyber Security, with a focus on SOC, SIEM, or Detection Engineering. You should have experience with common security technologies, such as SIEM, XDR, EDR, and vulnerability management tools, as well as a solid understanding of incident response processes. Ideally, you will have experience with Microsoft Sentinel, Microsoft Defender, CrowdStrike, or Palo Alto Cortex SOAR.

As a Cyber Security Specialist at MHP, you will be part of a dynamic team that values diversity, creativity, and unconventional thinking patterns. You will have the opportunity to grow with your projects and objectives in an innovative and supportive environment. MHP offers a competitive salary and benefits package, as well as opportunities for professional development and career growth.

XML job scraping automation by YubHub

dbt Labs is the pioneer of analytics engineering, helping data teams transform raw data into reliable, actionable insights. As of February 2025, we’ve grown from an open source project into the leading analytics engineering platform, now used by over 90,000 teams every week, driving data transformations and AI use cases.

We’re backed by top-tier investors including Andreessen Horowitz, Sequoia Capital, and Altimeter. At our core, we believe in empowering data practitioners:

• Reliable, high-quality data is the fuel that propels AI-powered data engineering.
• AI is changing data work, fast. dbt’s data control plane keeps data engineers ahead of that curve.
• We empower engineers to deliver reliable, governed data faster, cheaper, and at scale.

About the Security Team

The mission of the Security Engineering team at dbt Labs is to provide clear, opinionated security guidance and scalable, secure-by-default offerings to engineers for the purpose of securing software development and enabling pragmatic risk decisions at dbt.

Responsibilities

As a Senior Security Operations Engineer on the Detection & Response team, you will strengthen and maintain the company's security posture throughout the threat detection lifecycle from telemetry collection and continuous monitoring through threat detection, incident response, and security event management. You will serve as a subject matter expert for security operations across the dbt Labs' teams and technology infrastructure, including multi-cloud production environments, identity, endpoints, and SaaS technologies.

Key Responsibilities

• Participate in a 24/7 on-call rotation providing coverage for active security incidents, investigations, and security events across our global infrastructure.
• Lead investigation and remediation of security incidents, coordinating cross-functional response efforts to minimize impact and recovery time.
• Play a major role in bootstrapping an end to end D&R alert and investigation pipeline.
• Triage and investigate security alerts from detection tools including Wiz Defend, Crowdstrike, and cloud security platforms to identify genuine threats and reduce false positives.
• Develop and maintain detection rules, runbooks, and response procedures mapped to the company's threat model.
• Automate alert triage workflows and improve mean time to detection and response through tooling and process enhancements, including leveraging AI enrichment and processing.
• Collaborate with Infrastructure and Application Security teams to implement secure-by-design principles and remediate identified security issues.
• Conduct security event analysis to identify policy violations, misconfigurations, and potential attack vectors before they become incidents.
• Partner with our Enterprise Security & Technology team to enhance endpoint security controls and monitoring across endpoints (MacOS laptops & some Windows and Linux-based development environments).
• Design and facilitate tabletop exercises and game days to test detection, response, recovery, and remediation capabilities.
• Contribute to the maturation of the security incident response program through documentation, training, and process improvements.
• Mentor junior security engineers and cross-functional team members on incident handling best practices.

Requirements

• Demonstrated ability to excel in high-pressure situations; we need someone who can make sound decisions during active security incidents and can calmly serve as incident commander with confidence.

Qualifications

• Have 8+ years of professional experience in security-related domains, including at least 4 years in security operations, incident response, threat hunting, or threat detection roles.
• Have demonstrable experience leading security incident investigations and coordinating cross-team response efforts.

What We Offer

• Competitive compensation packages commensurate with experience, including salary, equity, and where applicable, performance-based pay.
• Opportunity to work with a leading analytics engineering platform and contribute to the growth and success of the company.
• Collaborative and dynamic work environment with a team of experienced professionals.
• Opportunities for professional growth and development.

How to Apply

If you are a motivated and experienced security professional looking for a new challenge, please submit your resume and cover letter to [insert contact information]. We look forward to hearing from you!

XML job scraping automation by YubHub

This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence. This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

Join Okta’s Defensive Cyber Engineering team as a Staff Engineer responsible for safeguarding Okta’s environments. You’ll work closely with the Security, Business Technology Engineering and Product teams to implement and manage security solutions and ensure that core infrastructure applications are protecting our workforce, endpoints, and corporate data.

A strong desire to make tools and people work together to solve complex security problems is central to this role. This approach mandates an engineering-first approach: maximising the utility of existing security tools before strategically building or buying new solutions to address any remaining security gaps.

To execute this vision, you will combine your enterprise security expertise with your hands-on engineering skills, leveraging automation, policy-as-code, and cloud-native technologies to deliver scalable, resilient, and secure solutions. Your work will ultimately set standards for security best practices across the organisation and influence the architecture of business-critical systems.

What you bring:

• Hands on experience with enterprise security tools such as Okta, Crowdstrike and Palo Alto suite covering EDR (Endpoint Detection and Response), CASB (Cloud Access Security Broker), DLP (Data Loss Prevention), MDM (Mobile Device Management), SASE (Secure Access Service Edge), and SSPM (SaaS Secure Posture Management) capabilities.

• Strong coding and scripting skills are required for building automation and custom tooling. Python experience is preferred, but proficiency in other languages (e.g., Bash, PowerShell, Go) is a plus.

• Proven track record automating security controls and workflows using a cloud-first approach

• Experience with Terraform and other infrastructure-as-code tools to orchestrate security infrastructure

• Familiarity with CI/CD pipelines for security automation and drift management

• Strong communication skills across technical staff, support teams, executive leadership, and external vendors.

What you’ll be doing:

• Serve as a security subject matter expert (SME) for solution engineering, architecture reviews, security assessment, and vulnerability mitigation

• Lead technical efforts evaluating, designing, and implementing new enterprise security systems and feature enhancements

• Build, maintain, and enhance custom automation and cloud infrastructure using Terraform or similar tools to support team workflows and the enforcement of security controls

• Develop integrations with APIs, cloud platforms (AWS, GCP, Azure), and security infrastructure to improve detection, response, and remediation

• Collaborate with cross-functional teams to tackle global technology and security challenges

• Write and maintain scripts and automation to streamline security operations, with an emphasis on Python-based solutions

• Establish monitoring and alerting for security posture, misconfigurations, and threats across endpoints, SaaS, and cloud workloads

• Proactively identify and remediate security gaps; stay updated on emerging threats, solutions, and tooling across the industry

And extra credit if you have experience in any of the following!

• Working with advanced identity management technologies (MFA, SAML, OAuth, OIDC, WebAuthn)

• Deep understanding of Okta's ecosystem, including advanced configuration and integrations

• Experience with continuous compliance solutions (e.g., policy-as-code, automated evidence gathering)

What you can look forward to as an Full-Time Okta employee!

World-class benefits, flexibility, and growth opportunities

The chance to shape the security posture of a global leader in identity

Opportunities to make a social Impact through technology and innovation

Ready to join Okta and make security the foundation of our innovation? Apply today!

XML job scraping automation by YubHub

You will report to the Senior Manager in the OFCTO organization.

Key responsibilities include:

• Strategic Customer Engagement: Support strategic customer conversations aligning with technical and engineering leaders and stakeholders. Deliver on emerging trends, industry best practices, and identity-driven digital transformation. Assist in preparing executive-level messaging and participate in strategic discussions to align Okta's solutions with customer business outcomes.

• Technical Leadership: Provide strategic and technical guidance to Solutions Engineering teams across both the Okta and Auth0 identity platforms. Collaborate with the Global Office of Field CTO office team to deliver actionable insights from the field, validate customer needs, and identify recurring trends for the Okta Product & Engineering teams.

• Field Enablement and Collaboration: Contribute to frameworks, tools, and content to support Solutions Engineering teams in executing effectively. Partner with sales leadership to identify and address critical business opportunities and challenges. Drive cross-functional collaboration to ensure seamless execution of global initiatives.

• Market Influence: Represent Okta as a thought leader in the identity and security space. Influence industry standards and participate in relevant technical advisory boards.

• Innovation and Strategy: Partner closely with OFCTO teams as an advocate for customer-driven innovation, market trends, and GTM insights to provide input to influence product teams. Support, derive, and champion strategic initiatives that enhance Okta's differentiation and business impact.

Position Requirements:

• Identity & Directory Services Mastery: Deep Infrastructure Knowledge: Expert-level understanding of Active Directory (AD) and Azure AD (Entra ID) or similar, including Group Policy Objects (GPOs), Kerberos, and OIDC/SAML protocols.

• Multi-IdP Ecosystems: Proficiency in managing and securing diverse Identity Providers (IdPs) like Okta, Ping Identity, and Google Workspace.

• Hybrid Identity: Experience managing the complexities of identity synchronization between on-premises environments and the cloud.

• Device Identity & Access Management Mastery: Passwordless Expertise: Deep, hands-on knowledge of FIDO2/WebAuthn, Passkeys, and implementing passwordless authentication strategies using solutions like Okta FastPass.

• Endpoint & Device Context: Strong understanding of Desktop MFA, device registration, and leveraging device posture signals from MDM/UEM (e.g., Jamf, Intune, Workspace ONE) and EDR (e.g., CrowdStrike) platforms to enforce risk-based access policies.

• PKI & Certificate Management: Familiarity with certificate-based authentication and its role in establishing device trust.

• Identity Threat Detection & Response (ITDR): Threat Landscape Knowledge: A thorough understanding of modern identity attack vectors, including phishing, token theft, MFA bypass techniques, and lateral movement.

• Behavioral Analysis: Experience with User and Entity Behavior Analytics (UEBA) and the ability to interpret threat signals to detect and respond to suspicious activity.

• Security Ecosystem Integration: Proficiency in designing solutions that integrate identity platforms with SIEM (e.g., Splunk, Sentinel) and SOAR tools for automated threat response.

• Strong communication and presentation skills, with experience contributing to technical events.

Travel expectation: up to 40% for customer meetings, industry events, and internal off-sites.

This is a remote position.

XML job scraping automation by YubHub

What we're all about

At Quantexa, we're a team of innovators and problem solvers who are passionate about creating real change for our clients and their industries. We're driven by a desire to do things better than the last time, and we're always looking for talented individuals to join our team.

The opportunity

We're seeking a highly skilled Cyber Security Engineer to join our Security Operations team. As a Cyber Security Engineer, you will play a key part in protecting Quantexa's systems and data from cyber threats. You will be responsible for the day-to-day operation, optimisation, and monitoring of core security platforms, with a particular focus on Zscaler, Cloud monitoring through Wiz, and Endpoint Detection and Response through CrowdStrike.

Responsibilities

Wiz (Cloud Security Posture Management)

• Monitor and triage Wiz findings daily, validating alerts and determining operational impact.
• Perform tuning and threat hunting within Wiz and other tooling.
• Identify misconfigurations, excessive permissions, and exposed assets, escalating where required.
• Track remediation progress with engineering owners and ensure closure of high-priority issues.

Zscaler (Web Security Tunnel 2.0)

• Review and triage Zscaler alerts and policy violations, following documented response procedures.
• Investigate suspicious traffic, access attempts, and user activity to determine legitimacy and risk.
• Support enforcement actions by validating policy alignment and working with IT and Cloud teams to remediate issues.
• Monitor coverage and configuration across users and locations, identifying gaps or misconfigurations.
• Support policy tuning by analysing false positives and recommending rule or policy adjustments.
• Contribute to playbook development, operational maturity, and ongoing service readiness.

CrowdStrike (Endpoint Detection and Response)

• Review and triage endpoint detections, applying documented response steps.
• Execute containment actions, including network isolation and sensor troubleshooting.
• Validate full sensor coverage across the estate and address gaps in coordination with IT.
• Support tuning activities by analysing false positives and proposing rule refinements.
• Contribute to playbook improvements and operational readiness tasks.

Security Operations

• Conduct initial investigation of security incidents, collect evidence, and escalate based on severity with a keen eye on the quality of the output.
• Perform daily review of alerts across our SIEM, Wiz, CrowdStrike, and other platforms.
• Validate vulnerabilities and configuration weaknesses raised by scanning tools.
• Ability to interpret and operationalise threat intelligence, understand how it informs detection, prioritisation, and response activities, and clearly communicate technical threat intelligence to non-technical stakeholders.
• Support cloud security controls, identity hygiene checks, and network policy reviews.
• Contribute to the ongoing maturity and documentation of operational processes.

Collaboration and Ways of Working

• Act as a trusted operational partner to the Cyber Security Manager and the wider Information Security team, providing proactive support and consistent engagement.
• Partner closely with DevOps, IT, and Engineering teams to drive timely and effective remediation actions.
• Deliver clear and concise updates on incidents and operational activities proactively, without the need for prompting.
• Actively participate in team stand ups, contributing constructively to continuous improvement and operational maturity.
• Support senior engineers with platform enhancements, integrations, and controlled change activities.

What you'll bring

• Demonstrated hands-on experience with security operations, incident triage, or vulnerability management.
• Familiarity with EDR platforms (ideally CrowdStrike) and security telemetry analysis.
• Knowledge of cloud environments, particularly Azure including Entra and Conditional Access, and a good understanding of cloud security concepts.
• Ability to understand alert context, assess impact, and follow structured response processes.
• Strong attention to detail, disciplined documentation, and good communication skills.

Benefits

• Competitive salary
• Company bonus
• Hybrid workplace & free access to global WeWork locations & events
• Pension Scheme with a company contribution of 6% (if you contribute 4% or more)
• 25 days annual leave
• Flexible working hours
• Professional development opportunities
• Access to a range of employee benefits, including health insurance, gym membership, and more

XML job scraping automation by YubHub

What you'll do

You will be responsible for the strategic development and operational management of SOC and CDC projects with a focus on SIEM, XDR, SOAR, and vulnerability management solutions. This includes responsibility for architecture, transition, and optimization of detection and response platforms (e.g. SIEM modernization, XDR introduction, tool rollouts, detection engineering).

• Strategische Weiterentwicklung und operative Steuerung von SOC- und CDC-Projekten mit Fokus auf SIEM-, XDR-, SOAR- und Vulnerability-Management-Lösungen
• Verantwortung für Architektur, Transition und Optimierung von Detection- und Response-Plattformen (z. B. SIEM-Modernisierung, XDR-Einführung, Tool-Rollouts, Detection Engineering)

What you need

To be successful in this role, you will need the following skills:

• Abgeschlossenes Studium im MINT-Bereich oder vergleichbare Qualifikation sowie mindestens 5–7 Jahre Berufserfahrung in der Cyber Security mit Schwerpunkt SOC, SIEM, XDR oder Detection Engineering
• Leidenschaft für Security-Architekturen, Incident Response, Detection Use Cases und idealerweise Vulnerability Management
• Expertise im Unternehmerischen Denken sowie Erfahrung in Projektleitung, Presales oder Business Development im Beratungsumfeld und idealer Weise Erfahrung mit Microsoft Sentinel, Microsoft Defender, Crowdstrike oder PaloAlto Cortex SOAR

XML job scraping automation by YubHub