Qode
Information Technology and Services
Cybersecurity Lead
“Cybersecurity Lead at Qode. Skills: Offensive security, Defensive security, Incident response, Threat emulation. Lead Blue Team operations. Enhance security monitoring tools”
What You'll Achieve.
Improve detection coverage; Improve response automation; Improve control validation; Demonstrate risk reduction; Demonstrate readiness improvement
Industry & Context.
Root cause analysis
What They're Looking For.
Must Have
Bachelor’s degree in Computer Science
8+ years cybersecurity experience
Proven leadership across Blue, Red, or Purple Team operations
Demonstrated ownership of enterprise security detection tools
Understanding of MITRE ATT&CK
Understanding of Cyber Kill Chain
Understanding of threat emulation frameworks
Deep technical expertise in endpoint forensics
Deep technical expertise in network forensics
Deep technical expertise in cloud security monitoring
Deep technical expertise in scripting and automation
Deep technical expertise in security engineering
Proven ability to lead incident response
Proven ability to lead purple team exercises
Nice to Have
Experience in enterprise environments
Experience in production-scale environments
Experience in SaaS environments
Experience in networking environments
Experience in hybrid cloud infrastructures
Familiarity with DevSecOps practices
Familiarity with CI/CD pipeline security
Familiarity with cloud-native monitoring
Prior experience mentoring Blue Team analysts
Managing tool life cycles
Managing vendor relationships
Exposure to purple team automation frameworks
What You'll Do.
Lead Blue Team operations
Enhance security monitoring tools
Enhance detection pipelines
Enhance incident response processes
Lead Red Team simulations
Measure defensive posture
Improve defensive posture
Manage security detection platforms
Configure security detection platforms
Tune security detection platforms
Integrate detection tools
Define log collection standards
Define log parsing standards
Define log correlation standards
Integrate security telemetry
Oversee threat hunting
Oversee incident response playbook execution
Embed security monitoring hooks
Design adversary emulation exercises
Conduct adversary emulation exercises
Execute attack chains
Develop adversary scripts
Maintain adversary scripts
Develop adversary payloads
Maintain adversary payloads
Provide post-exercise reports
Operationalize detections
Lead incident response efforts
Co-lead incident response efforts
Coordinate containment
Coordinate investigation
Build incident response runbooks
Maintain incident response runbooks
Conduct root cause analysis
Integrate threat intelligence
Integrate forensic insights
Plan adversarial simulations
Execute adversarial simulations
Validate threat detection
Validate alert fidelity
Validate incident response readiness
Develop detection coverage roadmap
Develop response automation roadmap
Develop control validation roadmap
Serve as technical escalation point
Guide Blue Team staff
Translate technical results
Demonstrate risk reduction
Demonstrate readiness improvement
How You'll Work.
Team & Collaboration
Collaborate with IT teams; Collaborate with Engineering teams; Partner with DevOps teams; Partner with infrastructure teams; Collaborate with Blue Team engineers; Engage technical teams
Communication Scope
Executive insights; Executive presentations
Process & Methodology
Roadmap development
Full Job Description
**Position:** Cybersecurity Lead
**Location:** San Jose, CA (Hybrid)
**Type:** Full-Time

**Company Overview**

Incedo is a US-based consulting, data science and technology services firm with over 4000 people helping clients from our six offices across the US, Mexico and India. We help our clients achieve competitive advantage through end-to-end digital transformation. Our uniqueness lies in bringing together strong engineering, data science, and design capabilities coupled with deep domain understanding. We combine services and products to maximize business impact for our clients in telecom, banking, wealth management, product engineering and life science & healthcare industries.

**Role Overview:**

The Cybersecurity Lead serves as a hands-on technical leader responsible for uniting offensive and defensive security operations to continually improve the company’s ability to detect, respond to, and recover from cyber threats. This role will lead the Blue Team in managing and enhancing security monitoring tools, detection pipelines, and incident response processes, while also coordinating Red Team simulations that measure and improve the company’s defensive posture. Reporting to the Director of Cybersecurity, this leader bridges strategy and execution, driving the mission to emulate adversaries, strengthen controls, and transform findings into actionable defence improvements.

**Key Responsibilities:**

Blue Team Operations and Tool Management

* Lead and oversee the management, configuration, and tuning of security detection and response platforms, including:
  * SIEM (e.g., Splunk, PANW, or Azure Sentinel)
  * EDR/XDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
  * SOAR automation platforms
  * Network IDS/IPS, NDR, and threat intelligence platforms (TIPs)
* Ensure all detection tools are integrated for end-to-end visibility across endpoints, cloud environments, and production systems
* Define standards for log collection, parsing, and correlation to enhance alert accuracy and