Security Operations Tech Lead

About Us

Zenity is the first and only holistic platform built to secure and govern AI Agents from buildtime to runtime. We help organizations defend against security threats, meet compliance, and drive business productivity. Trusted by many of the world’s F500 companies, Zenity provides centralized visibility, vulnerability assessments, and governance by continuously scanning business-led development environments. We recently raised $38 million in a Series B funding, solidifying our position as a leader in the industry and enabling us to accelerate our mission of securing AI Agents everywhere.

Job Description:

We are looking for a senior, hands-on Security Operations Lead to build, mature, and operate Zenity’s detection, response, and corporate security capabilities. You will own the engineering, workflows, and processes that keep Zenity secure day-to-day, while continuously improving visibility, automation, and operational resilience across both corporate and production environments. This role requires a technical operator who can architect scalable detection and response pipelines, manage endpoint and identity security controls, streamline GTM security enablement, and collaborate across the company to reduce risk. You will balance strategic direction with hands-on execution—ensuring threats are identified quickly, incidents are handled effectively, and the organization’s operational security posture remains strong as Zenity grows.

Responsibilities

Own and mature Zenity’s Detection & Response program, including alerting, triage workflows, incident playbooks, and end-to-end response processes.
Build and maintain detection logic, integrations, and automation across logging, SIEM, EDR, cloud telemetry, and internal monitoring systems.
Lead incident investigations, coordinate response across engineering and business teams, and ensure clear communication and post-incident reviews.
Manage Zenity’s Corporate Security Program, including identity and access management, endpoint posture management, corporate data security controls, and DLP practices.
Oversee privileged access workflows and JIT access for corporate and production systems in alignment with least-privilege principles.
Partner with engineering teams to ensure production environments maintain strong security baselines, logging, and monitoring coverage.
Collaborate with GTM/Sales teams to support Security Enablement, including third-party security questionnaires, customer assurance needs, and auditor inquiries.
Build automation-first operational processes that reduce manual overhead and provide consistent, repeatable security outcomes.
Develop and refine detection and response runbooks, escalation paths, and cross-team coordination models.
Maintain and improve incident and operational metrics, dashboards, and KPIs to measure operational efficiency and threat coverage.
Drive the intake and prioritization of security operations requests through Jira and internal workflows.
Work closely with Product Security, Cloud/DevOps, and GRC to ensure shared visibility and aligned operational practices.
Identify operational security gaps, propose improvements, and lead implementation efforts across tooling, processes, and controls.
Promote a culture of proactive detection, fast response, and shared responsibility for organizational security.

Requirements:

Five (5) + years of experience in Engineering / Security Engineering
We build solutions when faced with a capability gap
You’re very comfortable with Kubernetes, Helm, and Terraform
You’re very comfortable with Python, Typescript, or Go
Two (2) + years of experience in Incident Response role
You’ve led at least 2 high risk production security incidents
You’ve handled the investigation of hundreds of client endpoint security alerts
Bonus points for significant experience in macOS
You’ve developed or improved threat detection and signal triage programs
Two (2) + years of experience managing enterprise wide security projects
You have a strong opinion on what a “project plan” doc should look like
You’ve owned and delivered the migration of a high impact security tool (EDR, SIEM, ZTNA, etc.)