Job Description: Security Operations Expert

About Us

Red Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies that are bringing revolutionary advancements to market in three distinct practice areas: healthcare, cyber, and national security. United by a shared sense of duty and deep belief in the power of innovation, Red Cell is developing powerful tools and solutions to address our Nation’s most pressing problems.

About Andesite

After decades defending the nation's most sensitive networks, we founded Andesite with a clear mission: to build security products that transform how humans and AI collaborate to defend against increasingly sophisticated cyber threats.

We’re a diverse team of cyber and security experts, passionate technologists, and experienced product builders. We come from some of the largest national security, tech, cybersecurity, and data organizations on the planet.

We've raised more than $38 million from investors like General Catalyst and Red Cell Partners.

The future of cybersecurity isn't about better technology alone—it's about reimagining how humans and machines work together. Come build with us.

Role Summary

We are seeking a highly motivated Security Operations Expert with a strong private sector background to contribute towards the development and execution of our product vision. This role is an advocate of security operations workflows, integrations, technology stack, detection engineering, and security analysis. As a key member of the Product team, this role will collaborate closely with engineering, internal stakeholders, and external partners to build an integration ecosystem that enhances the user experience and drives business growth. Additionally, the person in this role may occasionally provide support for customer security tool integrations with our product. The ideal candidate is someone who understands security operations at tactical and strategic levels, who has become intimately familiar with the challenges of security detection and analysis at scale, and is ready to help build a platform that addresses these pain points.

Key Responsibilities

Internal Security Consulting:

• Occasionally assist internal security operations with various tasks including detection engineering, SIEM maintenance, and analysis.
• Support continuous improvement of internal security processes.

Development:

• Work with cross-functional teams to build realistic scenarios that enable collection of security logging, generation of alerts, and drive realistic analytic workflows.
• Build detections for all supported SIEMs to produce security alerting to support product use case development.

Engineering and Customer Support:

• When required, work with engineering to help solve customer problems related to integration with tools in the customer’s security stack.
• Collaborate with product and customer support to translate security insights into feature requirements.

Qualifications

• Experience: 5+ years of experience in cybersecurity operations including incident response, detection engineering in government or commercial with a preference for commercial.
• Technical Skills: Thorough working knowledge of security tools like Splunk, Microsoft Defender for Endpoint, Microsoft Sentinel, and point solutions.
• Data Flows: Thorough understanding of security data flows and integrations.
• Collaboration: Strong technical background with the ability to collaborate effectively with engineering teams.
• Learning Agility: Self-starter with the ability to learn new technologies quickly.

Roles you may have held previously:

• Threat Hunter
• SOC Chief/Manager
• Detection Engineer
• Tier 3+ SOC Analyst
• Security Engineer

Even Better If You Have:

• Experience with building your SOC’s technology stack.
• Experience building automations and custom SIEM capabilities.
• Experience working with cyber test range environments.

What We Can Offer

• A competitive salary, bonus, and equity package.
• 100% employer-paid, comprehensive health insurance including medical, dental.

Employment Type:

• [Employment Type Placeholder]

Location Type:

• [Location Type Placeholder]

Salary:

• [Salary Placeholder]