Lead Security Operations Engineer

Lead Security Operations Engineer (worldwide remote, work anywhere) We are looking for a Lead Security Operations Engineer who will drive the development, implementation, and operational excellence of our detection, incident response, and threat intelligence capabilities. This role requires expertise in analyzing large datasets, building and maintaining Detection & Response infrastructure, and deploying cybersecurity tools at the infrastructure level. You will play a key role in strengthening CloudLinux’s security posture by enhancing visibility, improving response processes, and collaborating across teams to lead critical security initiatives. Responsibilities Incorporate security practices into our infrastructure and automation processes. Collaborate with development and operations teams to embed security measures into the entire software development lifecycle. Create detection rules to catch attackers. Pursue unusual strategies to radically improve our ability to detect attackers and the speed of detection. Stay current with security standards/regulations. Identify security innovation tools and lead implementation solutions from proof of concept to production. Manage/implement cloud security controls—identity, access management, organizational policies. Evolve our tooling/logging/monitoring/alerting systems, increasing observability and transparency. Triage, investigate, and elevate security alerts, and provide recommendations for remediation. Document procedures and best practices to ensure effective knowledge sharing. Configure and operate security scanning tools, collaborating with internal and external engineering teams to optimize alert rules. Develop a comprehensive understanding of systems, environments, and tools. Requirements Experience in an IT/security-related role (SecOps/Blue Team experience, etc.). Experience handling security alerts/executing incident response. Experience with building, configuring, and managing patch‑management tools. Practical knowledge of tools and/or tech stack components such as EDR, vulnerability scanner, SIEM, Cloud. Practical knowledge of fundamental security concepts, including network/endpoint security, security alert triage, and basic application security. Experience building and maintaining monitoring and alerting capabilities. Deep expertise with Linux‑based operating systems. Critical thinking and the ability to balance security requirements with mission needs. Innovative approach. Be an IT Security enthusiast with thorough knowledge and expertise in the security and software development spaces. Thorough understanding of the latest technologies, security principles, and protocols. Ability to demonstrate comprehensive, practical knowledge of research and collection skills as well as analytic methods. At least C1 and a higher level of English proficiency. Preferred Qualifications Relevant information security certifications: CISSP, OSCP, OSCE, LPT, etc. Experience in modern container orchestration projects. Experience with cloud vendors—GCP, Azure, AWS. Knowledge of/experience with international information security standards and personal data protection standards: ISO 27XXX, PCI DSS, GDPR, etc. Knowledge of/experience with information security standards and frameworks: PKI, WS-Security, X.509, SSL/TLS, etc. Bachelor’s degree in Computer Science, Information Security, or related field. Experience in CTF or bug bounty programs. Knowledge of application security practices and tools. Benefits Full remote work with flexible working hours, allowing you to schedule your day and work from any location worldwide. Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leave. Compensation for private medical insurance. Co‑working and gym/sports reimbursement. Budget for education. The opportunity to receive a reward for the most innovative idea that the company can patent. Focus on professional development. Interesting and challenging projects. By applying for this position, you agree with CloudLinux Privacy Policy ( ) and give us your consent to maintain and process your personal data with this respect. Please read our Privacy Policy for more information. #J-18808-Ljbffr