Senior Security Operations Manager, Detection Engineering & Incident Response jobs in United States

Pure Storage · 10 hours ago

Senior Security Operations Manager, Detection Engineering & Incident Response

Pure Storage is reshaping the data storage industry with innovative technology, and they are seeking a Senior Security Operations Manager for Detection Engineering & Incident Response. This role involves leading the Security Operations function to enhance detection engineering, incident response, and threat intelligence, ultimately improving the organization's security posture across various environments.
Cloud Computing, Enterprise Software, Big Data, Data Storage
H1B Sponsor Likely

Responsibilities

Lead and mature the Detection Engineering and CIDR functions across threat detection, response workflows, incident triage, and automation
Build and maintain a comprehensive detection inventory categorized by threat type, log source, MITRE mapping, and detection method
Drive continuous validation through red team, purple team, and atomic testing
Own key SecOps metrics such as MTTD, MTTR, and alert quality to improve signal-to-noise ratio and detection confidence
Oversee ingestion of telemetry (AWS, Azure, SaaS, endpoint, network) into Splunk and SOAR pipelines
Ensure incident response workflows are automated, repeatable, and outcome-focused
Lead post-incident reviews and root-cause analyses, tracking corrective actions to closure
Correlate threat intelligence, detection gaps, and hunt findings into prioritized roadmap updates
Drive detection-to-remediation loops by partnering with ASM, Infra, IAM, AppSec, and GRC teams
Produce dashboards that connect technical posture to business risk and ownership metrics
Lead scenario-based tabletops, detection drills, and incident simulations

Qualification

Detection Engineering, Incident Response, Threat Intelligence, SIEM (Splunk), SOAR Tines, SOAR XSOAR, EDR (CrowdStrike), Cloud Telemetry, Threat Modeling, MITRE ATT&CK, Detection-as-Code, CIS Controls, NIST 800-53, SOC 2, Executive-level Insights, Hybrid Cloud Experience, Threat Hunting Workflows, IAM Anomaly Detection, Certifications CISSP, Certifications etc., Cross-team Collaboration, Written Communication, Verbal Communication

Required

10+ years in cybersecurity, including 5+ years in detection, incident response, or SecOps leadership
Proven experience leading detection engineering and incident response teams at enterprise scale
Deep expertise with: SIEM (Splunk preferred), SOAR (Tines, XSOAR), and EDR (CrowdStrike)
Cloud telemetry and detection (CloudTrail, GuardDuty, VPC flow)
Threat modeling, MITRE ATT&CK, and TTP-to-detection lifecycle
Experience with detection-as-code practices, version control, and CI/CD pipelines
Hands-on skills validating detections through replay, simulation, and log mining
Familiarity with frameworks such as CIS Controls, NIST 800-53, and SOC 2
Ability to translate complex security data into clear, executive-level insights
Proven cross-team collaboration with Infra, GRC, Product Security, and App teams
Strong written and verbal communication with an emphasis on clarity and measurable outcomes

Preferred

Experience operating in hybrid cloud and SaaS-heavy environments
Understanding of attacker behavior, threat intel feeds, and threat hunting workflows
Familiarity with secrets detection, data exfiltration indicators, and IAM anomaly detection
Certifications such as CISSP, GCIH, GCIA, OSCP, AWS Security, or equivalent

Benefits

Flexible time off
Wellness resources
Company-sponsored team events

Company

Pure Storage

Pure Storage is an all-flash enterprise storage company that enables broad deployment of flash in data centers.

H1B Sponsorship

Pure Storage has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (166)
2024 (187)
2023 (187)
2022 (189)
2021 (125)
2020 (152)

Funding

Current Stage
Public Company
Total Funding
$529.26M
Key Investors
T. Rowe Price, Tiger Global Management, Index Ventures
2015-10-06: IPO
2014-08-11: Secondary Market · $60M
2014-04-22: Series F · $225M

Leadership Team

Charles Giancarlo
CEO and Chairman
Michael Cornwell
CTO - Americas
Company data provided by crunchbase