Security Operations Lead at Cleo

Cleo is seeking a Security Operations Lead to build, operate, and continuously improve our security detection, response, and operational resilience capabilities. This leader will be responsible for protecting Cleo’s cloud infrastructure, SaaS platforms, endpoints, and corporate environment from evolving threats while ensuring operational stability and regulatory alignment. The ideal candidate is hands-on, technically deep, and capable of building scalable security operations in a high-growth SaaS environment. What You Will Be Doing Security Monitoring and Detection • Own and evolve Cleo’s detection and response strategy • Lead daily monitoring of security events across cloud, endpoint, identity, and application layers • Continuously tune detection rules to reduce noise and improve signal • Ensure effective coverage across AWS, SaaS platforms, and corporate systems • Leverage SIEM, EDR, and cloud-native tooling to improve visibility Incident Response and Containment • Lead security incident investigations and coordinate cross-functional response • Develop and maintain incident response playbooks • Conduct post-incident reviews focused on systemic improvement • Reduce mean time to detect and contain security events • Partner with Legal, Compliance, and Leadership during material incidents Vulnerability and Exposure Management • Oversee vulnerability scanning across infrastructure, endpoints, and cloud resources • Prioritize remediation based on business risk • Track critical vulnerability exposure windows • Partner with Engineering and IT to drive timely remediation Cloud and Identity Security Operations • Monitor and secure AWS accounts and cloud-native services • Identify and remediate misconfigurations • Strengthen identity and access management controls • Collaborate with Cloud Security and Platform teams on guardrails Operational Metrics and Reporting • Define and track security operations KPIs • Report on detection efficacy, remediation timelines, and exposure trends • Provide board-ready operational risk metrics • Support audit and compliance evidence requirements Automation and Continuous Improvement • Automate repetitive operational tasks • Improve alert triage workflows • Optimize tooling effectiveness and cost efficiency • Reduce operational friction through process refinement Leadership and Collaboration • Lead and mentor security analysts and engineers • Partner closely with Engineering, IT, and Platform teams • Contribute to the Security Champion and Guild initiatives • Build a culture of proactive risk identification Your Skills • Experience in mid-market or high-growth SaaS environments • Experience supporting SOC 2, ISO 27001, or similar audits • Familiarity with MITRE ATT&CK framework • Experience building or maturing security operations functions • Relevant certifications such as CISSP, GCIA, GCIH, or similar Your Qualifications Education • Bachelor’s degree required. Experience • 7+ years of experience in security operations, incident response, or detection engineering • Strong experience securing cloud-native SaaS environments, preferably AWS • Hands-on experience with SIEM, EDR, vulnerability management, and cloud security tooling • Deep understanding of attacker techniques and threat detection methodologies • Experience leading incident response efforts • Strong communication skills with the ability to translate technical risk into business impact A few things we have to offer: • Compensation: $120,000 - $140,000 • Great Healthcare + Dental + Vision • Flexible PTO • Culture of support, encouraging Life-Work balance • 401k match • FSA and HSA options • Employee Assistance Program • Paid Parental Leave • Representing a company with 4,000+ clients and a 99% retention rate • Accelerated title and salary growth potential • A fun and energetic work environment that makes you excited to go to work every day We use artificial intelligence (AI) tools to assist in certain stages of our recruitment process, such as resume screening and candidate matching. These tools are designed to support fair and consistent evaluations. If you have questions about this process or would like to request an alternative assessment method, please contact us at [Upgrade to PRO to see contact]. Cleo Communications US, LLC is an equal opportunity/affirmative action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability status, protected veteran status, or any other characteristic protected by law.