Protingent

www.protingent.com

1 Job

139 Employees

About the Company

Protingent is a technical staffing firm specializing in providing IT and engineering professionals for all areas of product design, development and test. We place high-caliber engineers with many of the leading technology companies in the U.S. We were founded in 2001 by an engineer and have always been dedicated to providing the right engineers who possess a high level of skill and knowledge regarding the technologies required to drive our clients' success.

The intrinsic value of any enterprise comes down to the quality of its people. Our clients understand that cutting-edge products aren't designed and developed in a void. It takes exceptional people and consistent communication and collaboration. These beliefs are at the core of Protingent and have been instrumental in our ability to build a team of exceptional people.

Listed Jobs

Company Name
Protingent
Job Title
Security Detection & Response Lead
Job Description
**Job Title**

Security Detection & Response Lead

**Role Summary**

Lead enterprise-wide security monitoring, threat detection, and incident response across SIEM, EDR, network, endpoint, and cloud security platforms. Drive detection engineering, threat hunting, and response optimization to reduce false positives, improve MTTR/MTTD, and enhance overall security posture.

**Expectations**

- 6–8 years in security operations, threat detection, or incident response.
- Expertise with SIEM (e.g., Splunk) rule creation, correlation, and analytics.
- Proven ability to lead high-severity incident investigations and cross-functional response.
- Strong analytical, decision-making, and communication skills.
- Demonstrated mentoring of SOC analysts and incident responders.

**Key Responsibilities**

- Design, implement, and optimize detection rules, dashboards, and alerting logic.
- Ensure comprehensive log ingestion, parsing, normalization, and telemetry coverage.
- Lead investigation, containment, eradication, and recovery of security incidents.
- Conduct advanced root-cause analysis and post-incident reviews.
- Perform proactive threat hunting using SIEM, NDR, EDR, CASB, and cloud telemetry.
- Map detections and investigations to the MITRE ATT&CK framework.
- Mentor SOC analysts and improve runbooks, threat models, and triage procedures.
- Track and report security metrics (MTTD, MTTR, detection coverage, trend analysis).
- Collaborate with IT, infrastructure, engineering, and vulnerability management to prioritize remediation.

**Required Skills**

- SIEM platforms (Splunk or equivalent): rule creation, correlation, dashboarding, log analysis.
- Incident response, threat investigation workflows, root-cause analysis.
- Threat hunting methodologies, MITRE ATT&CK knowledge.
- Enterprise log understanding (Windows/Linux, firewalls, IDS/IPS, endpoints, cloud services).
- Cloud security monitoring (AWS, Azure, etc.).
- SOAR/automation familiarity (plus).
- Analytical, problem-solving, and decision-making in fast-paced environments.
- Strong written and verbal communication.
- Leadership and mentorship across global teams.

**Required Education & Certifications**

- Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field (Master's preferred).
- Professional certifications: CISSP, GCIH, GCIA, Security+, Splunk Security certifications, or equivalent preferred.
San Jose, United States
On site
Senior
17-03-2026