Today's threatscape is relentless. So are we. At Cyderes, we build practical Identity & Access Management (IAM), Exposure Management, and risk programs, helping organizations stop active threats fast with Managed Detection & Response (MDR) that integrates with existing tools. Powering it all is Meridian, our entity fabric that connects identities, assets, and access into one trusted reality. Augmented by AI and driven by seasoned operators, our tireless global team arms organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.
About the Role:
The Operations Advisor is the primary technical owner of detection outcomes for assigned clients. You drive detection quality, identify gaps in coverage, and advance client security maturity through expert-level advisory and hands-on detection engineering. You own the technical account relationship — and you deliver measurable outcomes that clients can see and trust. This role reports to Manager, Cyber Defense Operations.
Responsibilities:
- Own and maintain detection coverage aligned to the Cyderes Rule Set
- Lead tuning and optimization of detection rules across SIEM platforms
- Identify, prioritize, and remediate detection gaps
- Execute and guide retrohunt activities to validate detection effectiveness
- Own the technical account relationship for assigned clients
- Lead technical cadence calls focused on detection performance, gaps, and outcomes
- Translate technical findings into risk-based, business-relevant insights
- Guide clients on prioritization of improvements based on detection impact
- Act as a trusted advisor on detection strategy and operational effectiveness
- Support and lead response efforts for security incidents
- Provide detection-focused expertise during investigations
- Identify detection improvements based on real-world incident learnings
Requirements
- 3–5 years of experience in detection engineering, security operations, or a closely related discipline
- Hands-on proficiency with one or more enterprise SIEM platforms (Splunk, Microsoft Sentinel, Chronicle, or equivalent)
- Demonstrated experience writing and tuning detection rules in production environments
- Working knowledge of MITRE ATT&CK and ability to map detections to adversary TTPs
- Strong client-facing communication — leads technical conversations and earns trust
- Familiarity with SOAR platforms and automation-assisted detection workflows
- 3+ years of experience with threat hunting methodologies and retrohunt program execution
- Relevant certifications: GCIA, GCIH, GCDA, or SIEM vendor certifications
WHY CYDERES?
Benefits that go beyond the basics, we support our people so they can do their best work.
✔ Medical Insurance - Employee + dependents covered
✔ Life Insurance - Protection for what matters most
✔ Retirement Match Program - We invest in your future
✔ Hybrid Work Model - 2–3 days in office
✔ Maternity & Paternity Leave - Time for the moments that matter
✔ Paid Time Off - PTO + sick & casual leave
✔ Bereavement & Volunteer Time - Give back to your community
✔ Professional Development - Reimbursement program
✔ LinkedIn L&D Platform - Thousands of courses at your fingertips
✔ Mobile Phone Reimbursement - Stay connected, on us
Similar Jobs
What you need to know about the Austin Tech Scene
Key Facts About Austin Tech
- Number of Tech Workers: 180,500; 13.7% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Dell, IBM, AMD, Apple, Alphabet
- Key Industries: Artificial intelligence, hardware, cloud computing, software, healthtech
- Funding Landscape: $4.5 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Live Oak Ventures, Austin Ventures, Hinge Capital, Gigafund, KdT Ventures, Next Coast Ventures, Silverton Partners
- Research Centers and Universities: University of Texas, Southwestern University, Texas State University, Center for Complex Quantum Systems, Oden Institute for Computational Engineering and Sciences, Texas Advanced Computing Center


