[Hiring] SOC Lead - Detection & Response @Atlan

Role Description

We're looking for a SOC Lead who will own Atlan's security operations end-to-end. You lead the function, not a team. You own detection and response outcomes, manage our external SOC vendor, and build the AI-native operations layer that defines what security ops looks like at Atlan.

You'll report to the Senior Security Manager and work across Application Security, Platform Security, GRC, and Corporate Security. We expect this person to contribute beyond SOC — whether that's supporting compliance audits, or security automation.

What You'll Do

• Own SOC operations
• Manage the managed SOC vendor
• Build detection and response capability
• Build and operate AI agents for SOC
• Lead incident response
• Drive automation
• Build toward in-house SOC
• Contribute across security domains
• Report to leadership

Qualifications

• 6+ years in security operations, with demonstrated experience building or leading core SOC functions, particularly across detection engineering and incident response.
• Hands-on experience with SIEM platforms — alert triage, detection rule development, correlation logic (Splunk preferred)
• Experience managing or working closely with a managed SOC or MDR vendor
• Strong incident response fundamentals — you've run incidents, written post-mortems, and improved controls as a result
• Comfortable with cloud-native environments (AWS/GCP/Azure) and the threat landscape specific to SaaS B2B companies
• Experience with EDR platforms (SentinelOne, CrowdStrike, or similar)
• Ability to write clearly — incident reports, runbooks, leadership briefings
• Hands-on experience building automation — scripts, workflows, or integrations that reduced manual analyst work

Requirements

• Working knowledge of LLMs and how they can be applied to security operations — triage, summarization, investigation assistance
• Experience building or using AI-assisted security workflows (prompt engineering, agent frameworks, or SOAR + AI integrations)
• Ability to evaluate and deploy AI SOC agent tooling — you can tell the difference between a demo and something production-ready

Nice to Have

• Experience building or scaling an in-house SOC from scratch
• Familiarity with automation tooling (n8n, Tines, Palo Alto XSOAR, or similar)
• Prior work building agentic security workflows — multi-step AI pipelines that take actions, not just generate text
• Working knowledge of compliance frameworks (SOC 2, ISO 27001, HIPAA) and how SOC feeds compliance evidence
• Threat hunting experience
• Relevant certifications: GCIA, GCIH, GCFA, or equivalent

Benefits

• Competitive Compensation: Strong base salary, performance-based variable pay, and impact-driven equity.
• AI Native Culture: AI is woven into how we build, think, and work every day.
• Health & Wellness: Comprehensive health, dental, vision, and mental health benefits.
• Flexible Time Off & Leave Policies: Trust to own your energy with flexible time off and modern leave.
• Accelerated Growth & Learning: Develop at an uncommon velocity through cutting-edge tech.
• Global, Remote-First, High-Trust: Work from anywhere with a diverse team across 15+ countries.