RBGlobal logo

Lead Cybersecurity Engineer

RBGlobal
2 days ago
Full-time
On-site
Westchester, Florida, United States
Description

About the Role: 

We are seeking a Lead, Cybersecurity Operations to play a critical role in advancing our global Cybersecurity Operations (CSOC) capabilities. 

This individual will serve as a senior technical leader responsible for overseeing threat detection, incident response, and continuous improvement of security operations across the organization. As part of the Cybersecurity Operations Team, the Lead will drive operational excellence by enhancing detection strategies, improving incident response processes, and ensuring effective use of security technologies. This role acts as the primary technical escalation point for analysts and a key liaison between leadership and the SOC team—translating strategic direction into actionable work and ensuring meaningful outcomes.

This position requires a hands-on leader with deep technical expertise, strong operational awareness, and a passion for elevating both team performance and cybersecurity capabilities in a fast-paced, evolving threat landscape.

Responsibilities: 

  • Lead Cybersecurity Operations Execution & Quality
    Oversee day-to-day security monitoring, detection, and response activities, ensuring high-quality investigations and timely remediation of security events and incidents.
  • Serve as Primary Technical Escalation Point
    Act as the go-to escalation resource for analysts, providing hands-on guidance for complex investigations and ensuring consistency and depth in investigative outcomes.
  • Own Incident Response Lifecycle & Stakeholder Coordination
    Lead and coordinate complex security incidents end-to-end, while acting as a liaison between leadership and the SOC—translating strategic direction into actionable tasks and delivering clear, meaningful updates.
  • Drive Detection & Response Maturity (SIEM & Tooling)
    Lead SIEM-driven operations and continuously improve detection capabilities through use-case development, tuning, telemetry optimization, and enhanced coverage across security domains.
  • Coordinate SME Programs & Operational Initiatives
    Break down strategic cybersecurity objectives into actionable workstreams, track progress, remove blockers, and ensure successful execution of team initiatives.
  • Develop & Optimize Playbooks, Processes, and Automation
    Create and refine incident response playbooks, SOPs, and automation opportunities to improve consistency, efficiency, and scalability of operations.
  • Leverage Metrics & Threat Insights to Drive Improvement
    Track key operational metrics (MTTD, MTTR, alert fidelity) and conduct advanced threat analysis to inform decisions, strengthen defenses, and continuously improve security posture.

Requirements: 

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent practical experience).
  • Security+, GCIH, GCIA, GCED, or equivalent certifications.
  • 5–8+ years of experience in cybersecurity operations or SOC environments 
  • Proven experience leading or coordinating incident response activities 
  • Hands-on experience with SIEM platforms and building detection-driven operations 
  • Strong familiarity with security technologies such as EDR, NDR, email security, WAF, and identity/security monitoring tools