Lead Cyber Security Engineer

Job Overview As a Lead Cyber Security Engineer, you will be instrumental in protecting Relativity's network and infrastructure. You will investigate and analyze emerging threats to our assets, identities, and clients. Your expertise will provide actionable remediation guidance to end users while collaborating with a team of skilled cyber experts to anticipate and mitigate evolving threats using advanced tools and next-generation capabilities. Key Responsibilities: Review, validate, and triage alerts while conducting thorough technical analyses of log data from various sensors, enhancing security posture with threat intelligence. Assess the impact of security events through host, cloud, and network indicators to escalate incidents effectively. Develop and deploy detection and prevention signatures as part of an overarching defense strategy utilizing diverse technologies. Build automations for searching telemetry, detecting, and isolating advanced threats that bypass security measures. Create standard operating procedures, security operation center (SOC) playbooks, configuration guides, and secure standards. Streamline incident handling processes to boost efficiency and effectiveness. Engage in ongoing research on emerging threats, applying effective countermeasures in a fast-paced environment. Serve as a subject matter expert on the mechanisms and analysis of observed malicious activities. Thoroughly document and communicate investigation findings to both technical and executive stakeholders. Identify automation opportunities to minimize manual workload. Integrate, operate, and connect multiple cybersecurity tools and applications through automation. Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection roles focusing on cloud applications and corporate networks. Experience with threat detection development and tuning. Proficient in software design and development. DevSecOps experience. Skilled in threat hunting, emulation, and/or purple teaming exercises. Familiarity with standard security devices and their configuration. Experience with reverse engineering malicious code to understand infection propagation mechanisms. Knowledge of threat intelligence tools and processes. Certifications such as GCFA, GCIA, GCIH, GNFA, GREM, OSCP, CEH are preferred. 5+ years of experience in related roles in a Security Operations Center or Incident Response. Strong incident response skills, including network forensics, memory forensics, and packet analysis. Ability to write and analyze scripts in PowerShell, C#, and Python. Ability to independently manage and prioritize complex security incidents. Deep understanding of SOC/CIRT operational processes and documentation. Extensive knowledge of TCP/IP, network services, cryptography, and web application attacks. Proven ability to collaborate with global cross-functional teams to enhance Relativity's security posture. Thorough understanding of infection mechanisms, malicious behavior, and mitigating controls. Strong awareness of attacker tactics targeting sensitive systems and data. Excellent analytical and problem-solving skills. Skilled in using programming and scripting languages to develop automation and SOAR playbooks. Relativity values competitive, fair, and equitable compensation practices. This position offers a total compensation package including a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between $150,000 and $226,000, based on various factors including depth of experience, skill set, qualifications, and internal pay equity. Hiring towards the upper end of the range is uncommon to allow for future salary growth opportunities. Essential Skills: Cybersecurity Infrastructure Security Network Security Penetration Testing Security Architecture Design Security Audit Security Information Security Information and Event Management (SIEM) Security Operations Vulnerability Management

Created: 2026-03-04