Job description:
Lead Advanced Threat Analysis and Strategy: Overseeing the identification, assessment and mitigation of cyber threats, leveraging innovative defense strategies and threat intelligence to strengthen organizational security.
SOAR Orchestration & Automation: Design and implement security automation workflows to enhance threat response efficiency. Continuously optimize playbooks to improve detection, triage, and incident resolution. Integrate SOAR with various security tools and business processes for seamless response coordination.
SIEM Management: Oversee SIEM platform architecture, ensuring optimal event correlation and threat detection. Develop and fine-tune rules, alerts, and dashboards for real-time security monitoring. Conduct regular assessments and tuning of SIEM to minimize false positives and enhance accuracy.
Log Source Design & Health Management: Define and implement log collection strategies to ensure comprehensive visibility. Monitor log source health, addressing data gaps and inconsistencies in ingestion pipelines. Enforce log retention policies and ensure compliance with regulatory and organizational requirements.
Detection & Response Automation: Enhance threat detection capabilities through machine learning models and behavioral analytics. Automate threat intelligence enrichment and response workflows to reduce dwell time. Collaborate with incident response teams to develop and refine automated remediation processes.
Integration Management: Ensure seamless integration of security tools and technologies to enhance threat visibility and response. Align security integrations with business objectives and compliance requirements. Monitor and optimize API-driven security integrations to ensure efficiency and reliability.
Collaborate and Support: Support the IT Security Operations team by providing expertise and input on incident response processes including containment, mitigation and recovery, enhancing detection capabilities and optimizing response strategies.
Training and Mentoring: Providing training and mentoring to team members, fostering a culture of learning and knowledge sharing within the organisation.
Joining the Tech team at On, you'll find yourself at the heart of a fast-paced, diverse environment. Our ecosystem thrives on collaboration - a confluence of curious minds challenging and learning from one another, always seeking the uncharted. Here, we venture into new territories of technology, continuously refining our approach and embracing challenges head-on.
On is a place that is centered around growth and progress. We offer an environment designed to give people the tools to develop holistically - to stay active, to learn, explore and innovate. Our distinctive approach combines a supportive, team-oriented atmosphere with access to personal self-care for both physical and mental well-being, so each person is led by purpose. On is an Equal Opportunity Employer. We are committed to creating a work environment that is fair and inclusive, where all decisions related to recruitment, advancement, and retention are free of discrimination.
Required candidate profile:
You have 8+ years of hands-on experience in Threat Management, Secure Architecture, Cloud Security and/or Application Security, with a focus on Zero Trust principles and modern security frameworks. Your expertise spans cloud platforms (GCP, AWS, Azure), security tools (EDR, IDS/IPS), and secure system design, ensuring robust protection against evolving threats. You bring deep familiarity with secure software development practices and vulnerability management tools, reinforcing security at every stage of the development lifecycle. You have hands-on experience in threat analysis, detection rule optimization and supporting incident response efforts in collaboration with SOC and security operations teams. Additionally, you have a strong track record in SIEM management, SOAR orchestration, log source health monitoring, and automation-driven threat mitigation. Proven ability to lead security initiatives and drive alignment with business goals. Experience influencing security policies and strategies at an organizational level. Established expertise in articulating complex security concepts to diverse audiences, from technical teams to business stakeholders, inspiring trust and alignment across the organization. Relevant professional certifications such as CISSP, GIAC, and/or AWS/GCP cloud-specific certifications. Fluent in English, your clear articulation bridges teams worldwide, ensuring collaborative synergy.
Source: Company website
Published: 12 Mar 2025 (verified 18 Mar 2025)
Position type: Job
Sector: Sport
Languages: English