Related skills
azure, siem, edr, servicenow, microsoft defender
Description
- Report to the VP, Information Security.
- Own the execution and improvement of Aya's enterprise Security Operations program.
- Lead a blended SecOps model with internal analysts, nearshore/offshore resources, and MSPs.
- Establish operating models, escalation paths, staffing coverage, and accountability across SecOps.
- Serve as the primary owner of ServiceNow Security Incident Response (SIR) workflows, data models, and procedures.
- Design, implement, and improve SIR playbooks to automate triage, enrichment, containment, and response actions.
Requirements
- 5+ years in Security Operations, Incident Response, or SOC-related roles.
- 2+ years managing and operating ServiceNow SIR, incl. workflow ownership.
- Experience designing or operating incident response automation and playbooks within SIR or SOAR-like platforms.
- Hands-on experience integrating EDR platforms (e.g., Microsoft Defender and/or CrowdStrike) with ServiceNow SIR.
- Strong experience operating and managing EDR and SIEM solutions in an enterprise.
- Azure security solutions experience, incl. Microsoft E5.
Benefits
- Free premium medical, dental, life and vision insurance.
- Generous 401(k) match.
- Company-sponsored virtual events and team-building activities.
- Unlimited DTO - time off.
- Virtual yoga, meditation, or boot camp classes offered daily.
- Paid sick leave per state, federal, and local laws.