Principal Cyber Defense Operations

The Principal Cyber Defense Operations Team Principal serves as the senior technical authority within the Cyber Defense Operations Team, responsible for ensuring the accuracy, quality, and threat-informed rigor of all escalations and investigations. This role leads the review of high-risk activity across CDOT Escalations, Insider Threat, and Cloud/AI Response queues, and ensures alignment with the organization’s detection, response, and visibility strategy.

Requirements

• 7+ years of experience in Security Operations, Incident Response, Threat Detection, or related cyber defense functions.
• Deep expertise in cloud security (Azure, AWS, GCP) and identity-centric attack patterns.
• Strong understanding of AI-driven detection models, behavioral analytics, and anomaly-based detection.
• Demonstrated ability to lead complex investigations and validate high-risk escalations.
• Strong knowledge of MITRE ATT&CK (enterprise and cloud matrices).
• Experience with SIEM, SOAR, EDR, and cloud telemetry sources.
• Excellent communication skills, with the ability to translate technical findings into clear, actionable guidance.

Benefits

• Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Uncapped paid time off
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education & tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives