Are you passionate about technology and enjoy explaining complex solutions in a way that everybody gets excited? If so, read on!
About Picus
Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort.
The Picus Security Validation Platform easily reaches across on-prem environments, hybrid clouds and endpoints coupled with Numi AI to provide exposure validation.
The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 95% recommendation in Gartner Peer Review.
About The Role
If you’re a results-driven person with an entrepreneurial mindset, who takes the initiative and thrives in a dynamic environment, then this is a great opportunity to play a pivotal role in a fast-growing cyber security company. We are looking for a smart and driven leader to have a direct impact on the future of our business by helping to influence global adoption of our award-winning Picus Security Validation Platform.
We are seeking a Technical SOC & SecOps Lead to drive our cloud-first security strategy in a SaaS-driven environment. This role will oversee both SOC (Security Operations Center) and SecOps (Security Engineering & Tool Management), ensuring a seamless approach to threat detection, incident response, and security operations across our cloud-based infrastructure.
As the Technical SOC & SecOps Lead, you will play a critical role in securing our customer data, cloud assets, and endpoint security (primarily macOS environments). You will lead SOC operations, drive SecOps automation, and optimize security tools to align with business and compliance objectives. This role requires a deep technical background in threat detection, security monitoring, cloud security, and security tooling to support a scalable and resilient cybersecurity strategy.
What You'll Do
Lead both SOC and SecOps domains, ensuring strong alignment between threat detection, incident response, and security tool operations
Develop and refine cloud-focused threat detection strategies, ensuring cloud security best practices are implemented across SIEM, EDR, and XDR solutions
Own incident response strategy and playbooks, ensuring fast and efficient detection, containment, and remediation of threats
Oversee cloud security services to harden our cloud security posture
Optimize security tools such as EDR/EPP, SIEM, VPN, Email Security, Network Security, DNS Security, IAM
Implement security automation and orchestration (SOAR) to improve incident response efficiency
Ensure zero-trust security principles are applied to identity management (IAM), endpoint security (macOS), and SaaS security configurations
Conduct continuous security validation (CTEM) to proactively test and enhance detection and response capabilities
Work closely with DevOps, IT, and engineering teams to integrate security into the development and deployment lifecycle
Act as the primary escalation point for high-severity security incidents
Track and improve SOC performance metrics (MTTD, MTTR, dwell time) and SecOps KPIs related to tool uptime and efficiency
Ensure compliance with ISO 27001, AICPA SOC 2, and other industry security frameworks relevant to SaaS-based organizations
Mentor and develop SOC and SecOps engineers, fostering a culture of security excellence and continuous learning
What You Have
2+ years of experience in SOC, SecOps, or security engineering leadership roles
Strong expertise in cloud security, particularly in cloud security services and configurations
Hands-on experience with SIEM, EDR/XDR, and security automation (SOAR) tools
Expertise in threat detection engineering and incident response methodologies
Experience securing SaaS applications and cloud-native architectures
Strong knowledge of zero-trust security, IAM best practices, and endpoint security for macOS environments.
Proficiency in Python, Bash, or PowerShell for automation and security tooling improvements
Familiarity with MITRE ATT&CK framework, threat intelligence services, and adversary simulation tools
Experience in SOC metrics and KPI tracking (MTTD, MTTR, false positive rates, tool uptime, etc.)
Knowledge of security and compliance frameworks such as ISO 27001, AICPA SOC 2, GDPR, and NIST CSF
A strong problem-solving and agile mindset, with the ability to balance security priorities with business objectives
Excellent communication skills to engage with executive stakeholders, IT teams, and internal/external auditors
Working at Picus
Fascinating work - a chance to shape and lead an exciting, fast-growing cyber security segment. Security Validation is a concept that helps organizations evaluate their security posture in a continuous, automated, and repeatable way. This approach allows for the identification of imminent threats, provides recommended actions, and produces valuable metrics about cyber-risk levels.
Unlimited opportunity! We are growing. At Picus, you'll be provided with as much responsibility as you can handle - new career development opportunities constantly arise given our rate of growth.
Global exposure - Get a lot of experience working not only in a fast-growing startup but also interact with customers all around the world.
Be part of a global remote team who is taking on Exposure Validation and a growing market segment.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, sex, race, color, national origin, religious belief, gender or gender reassignment, sexual orientation, marriage or civil partnership, pregnancy and maternity, disability, protected veteran status, or any other characteristic protected by International law. Upon conditional offer of employment, candidates are required to complete reference and identity checks in line with local labor laws and as per the Company’s employment policy.
