We Help the World Be Everyday Ready™
Today's threatscape is relentless. So are we. At Cyderes, we build practical Identity & Access Management (IAM), Exposure Management, and risk programs, helping organizations stop active threats fast with Managed Detection & Response (MDR) that integrates with existing tools. Powering it all is Meridian, our entity fabric that connects identities, assets, and access into one trusted reality. Augmented by AI and driven by seasoned operators, our tireless global team arms organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.
🏆 Great Place to Work® Certified™ · United States · Canada · United Kingdom · India
Role Summary
The Operations Advisor is the primary technical owner of detection outcomes for assigned clients. You drive detection quality, identify gaps in coverage, and advance client security maturity through expert-level advisory and hands-on detection engineering.
You own the technical account relationship — and you deliver measurable outcomes that clients can see and trust.
Responsibilities
Own and maintain detection coverage aligned to the Cyderes Rule Set
Lead tuning and optimization of detection rules across SIEM platforms
Identify, prioritize, and remediate detection gaps
Execute and guide retrohunt activities to validate detection effectiveness
Own the technical account relationship for assigned clients
Lead technical cadence calls focused on detection performance, gaps, and outcomes
Translate technical findings into risk-based, business-relevant insights
Guide clients on prioritization of improvements based on detection impact
Act as a trusted advisor on detection strategy and operational effectiveness
Support and lead response efforts for security incidents
Provide detection-focused expertise during investigations
Identify detection improvements based on real-world incident learnings
Requirements
3–5 years of experience in detection engineering, security operations, or a closely related discipline
Hands-on proficiency with one or more enterprise SIEM platforms (Splunk, Microsoft Sentinel, Chronicle, or equivalent)
Demonstrated experience writing and tuning detection rules in production environments
Working knowledge of MITRE ATT&CK and ability to map detections to adversary TTPs
Strong client-facing communication — leads technical conversations and earns trust
Experience conducting or supporting incident response investigations
Experience in a managed security services or MSSP environment serving multiple clients
Proficiency in multiple SIEM query languages (SPL, KQL, YARA-L, or similar)
Familiarity with SOAR platforms and automation-assisted detection workflows