Technical SOC Lead

Are you passionate about technology and enjoy explaining complex solutions in a way that everybody gets excited? If so, read on!

About Picus

Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort.

The Picus Security Validation Platform easily reaches across on-prem environments, hybrid clouds and endpoints coupled with Numi AI to provide exposure validation. 

The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 95% recommendation in Gartner Peer Review.

About The Role

If you’re a results-driven person with an entrepreneurial mindset, who takes the initiative and thrives in a dynamic environment, then this is a great opportunity to play a pivotal role in a fast-growing cyber security company. We are looking for a smart and driven leader to have a direct impact on the future of our business by helping to influence global adoption of our award-winning Picus Security Validation Platform.

We are seeking a Technical SOC & SecOps Lead to drive our cloud-first security strategy in a SaaS-driven environment. This role will oversee both SOC (Security Operations Center) and SecOps (Security Engineering & Tool Management), ensuring a seamless approach to threat detection, incident response, and security operations across our cloud-based infrastructure.

As the Technical SOC & SecOps Lead, you will play a critical role in securing our customer data, cloud assets, and endpoint security (primarily macOS environments). You will lead SOC operations, drive SecOps automation, and optimize security tools to align with business and compliance objectives. This role requires a deep technical background in threat detection, security monitoring, cloud security, and security tooling to support a scalable and resilient cybersecurity strategy.

What You'll Do

• Lead both SOC and SecOps domains, ensuring strong alignment between threat detection, incident response, and security tool operations
• Develop and refine cloud-focused threat detection strategies, ensuring cloud security best practices are implemented across SIEM, EDR, and XDR solutions
• Own incident response strategy and playbooks, ensuring fast and efficient detection, containment, and remediation of threats
• Oversee cloud security services to harden our cloud security posture
• Optimize security tools such as EDR/EPP, SIEM, VPN, Email Security, Network Security, DNS Security, IAM
• Implement security automation and orchestration (SOAR) to improve incident response efficiency
• Ensure zero-trust security principles are applied to identity management (IAM), endpoint security (macOS), and SaaS security configurations
• Conduct continuous security validation (CTEM) to proactively test and enhance detection and response capabilities
• Work closely with DevOps, IT, and engineering teams to integrate security into the development and deployment lifecycle
• Act as the primary escalation point for high-severity security incidents
• Track and improve SOC performance metrics (MTTD, MTTR, dwell time) and SecOps KPIs related to tool uptime and efficiency
• Ensure compliance with ISO 27001, AICPA SOC 2, and other industry security frameworks relevant to SaaS-based organizations
• Mentor and develop SOC and SecOps engineers, fostering a culture of security excellence and continuous learning

What You Have

• 2+ years of experience in SOC, SecOps, or security engineering leadership roles
• Strong expertise in cloud security, particularly in cloud security services and configurations
• Hands-on experience with SIEM, EDR/XDR, and security automation (SOAR) tools
• Expertise in threat detection engineering and incident response methodologies
• Experience securing SaaS applications and cloud-native architectures
• Strong knowledge of zero-trust security, IAM best practices, and endpoint security for macOS environments.
• Proficiency in Python, Bash, or PowerShell for automation and security tooling improvements
• Familiarity with MITRE ATT&CK framework, threat intelligence services, and adversary simulation tools
• Experience in SOC metrics and KPI tracking (MTTD, MTTR, false positive rates, tool uptime, etc.)
• Knowledge of security and compliance frameworks such as ISO 27001, AICPA SOC 2, GDPR, and NIST CSF
• A strong problem-solving and agile mindset, with the ability to balance security priorities with business objectives
• Excellent communication skills to engage with executive stakeholders, IT teams, and internal/external auditors

Working at Picus

Fascinating work - a chance to shape and lead an exciting, fast-growing cyber security segment. Security Validation is a concept that helps organizations evaluate their security posture in a continuous, automated, and repeatable way. This approach allows for the identification of imminent threats, provides recommended actions, and produces valuable metrics about cyber-risk levels.

Unlimited opportunity! We are growing. At Picus, you'll be provided with as much responsibility as you can handle - new career development opportunities constantly arise given our rate of growth.

Global exposure - Get a lot of experience working not only in a fast-growing startup but also interact with customers all around the world.

Be part of a global remote team who is taking on Exposure Validation and a growing market segment.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, sex, race, color, national origin, religious belief, gender or gender reassignment, sexual orientation, marriage or civil partnership, pregnancy and maternity, disability, protected veteran status, or any other characteristic protected by International law. Upon conditional offer of employment, candidates are required to complete reference and identity checks in line with local labor laws and as per the Company’s employment policy.