Security Engineer

Thinkahead · United States · Remote · Deleted · $100,000–$130,000 / year · Lever

Job facts

Field: Value
Company: Thinkahead
Title: Security Engineer
Normalized title: -
Department / team: ( Managed Services ) / MS Security
Location: United States
Work model: Remote / Remote
Employment type: Managed Services
Salary: $100,000–$130,000 / year
Status: deleted
ATS provider: Lever
Posted / first seen: 2026-03-27 / 2026-05-29
Changed / last seen: 2026-06-06 / 2026-06-03

Linked records

Company: Thinkahead
Source: 0f5e4ba0-0b92-4f1e-b4d2-f592eac4abab
ATS provider: Lever

Description

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation.

At AHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD.

We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived. We embrace all candidates that will contribute to the diversification and enrichment of ideas and perspectives at AHEAD.

The compensation range indicated in this posting reflects the On-Target Earnings (“OTE”) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate’s relevant experience, qualifications, and geographic location.

Why AHEAD:

Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between. We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning.

USA Employment Benefits include:

- Medical, Dental, and Vision Insurance
- 401(k)
- Paid company holidays
- Paid time off
- Paid parental and caregiver leave
- Plus more!

See benefits https://www.aheadbenefits.com/ for additional details.

Use of AI: We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, assessing responses, or to capture recordings and create transcriptions or summaries during interviews. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please refer to the Candidate Privacy Notice or contact us at [email protected]. You may opt-out of the review or analysis of your application and resume by AI tools by using the General Application. Please include the role you wish to apply for in the Additional Information field. You may also choose to opt-out of recording and transcription at any time, including after joining an interview. Candidates will not be penalized for choosing to opt-out.

The Managed Security Team at AHEAD monitors client environments and performs Incident Detection, Validation, and Reporting. The Dedicated Security Engineer will be responsible for the implementation and maintenance of our cloud-based SIEM Solutions and integrations with other technologies that support the Managed Security program’s success with a key AHEAD client. This is a client-facing, technical, hands-on position that requires someone with an understanding of the operations of a 24/7 SOC (Security Operations Center) and the needs of an enterprise cybersecurity team. We are looking for a candidate who has had a great deal of SIEM and security experience that will work closely with the client’s Security staff and with other highly technical members across multiple teams, both within AHEAD and the client, to continuously improve and enhance AHEAD’s Managed Security support to the customer. Incumbents will possess strong technical and analytical skills while providing accurate analysis of security related problems. They have a well-rounded networking background and are responsible for performing troubleshooting of client issues. This individual is user focused and works to resolve client needs in a timely manner. These needs may involve resolving hardware/software failures, investigating and responding to security threats, and making change requests to the security policy of company devices.

The Dedicated Security Engineer is responsible for the day-to-day management of the client instance of the SIEM platform used by the Managed Security Team to monitor the client environment and detect security threats including: index lifecycle management, data ingestion, normalization, and enrichment, dashboard design and creation, detection use case creation and tuning, and more. The Dedicated Security Engineer is expected to be familiar with a wide range of security tools and understand basic security fundamentals.

Role & Responsibilities:

- Monitor and manage the health and performance of the client instance of AHEAD Managed Security SIEM platforms and deployed SIEM agents
- Partner with client Security team and other AHEAD Managed Security and in the design and implementation of new data visualizations and custom detection rules
- Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility
- Attend client-facing security meetings and provide updates to SOC metrics, ongoing projects, and technical issues
- Join incident bridges in response to IT or security incidents to provide an expert opinion and assistance with querying available log data related to the incident
- Engage with client security and IT infrastructure teams for new data source onboarding activities, including ingestion, normalization, and enrichment through various ingestion methods
- Assist with planning, implementation, and validation of changes applied by AHEAD or client infrastructure teams to remediate penetration test findings
- Provide evidence required to support the completion of audit and compliance questionnaires, as it applies to AHEAD support to the client
- Perform configuration and content development including index lifecycle management, data ingestion, detection rule tuning and more within the SIEM platform
- Perform robust capacity planning activities within SIEM platform to ensure data source ingestion remains within contracted scope
- Partner with AHEAD Managed Security SOAR engineering resources for integrations and security incident investigation workflow design and continuous improvement
- Data mining of log sources to uncover and investigate anomalous activity, along with related items of interest
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall Managed Security functions

Position Requirements:

- Experience with Elastic Security and all its components (Elasticsearch, Logstash, Kibana, Filebeat, Elastic Agent)
- SIEM administration, configuration experience
- Experience writing tools to automate tasks and integrate systems in Python or other language
- The ability to think creatively to find elegant solutions to complex problems
- Excellent verbal and written communication skills
- Incident handling/response experience
- The desire to work both independently and collaboratively with a larger team
- A willingness to be challenged along with a strong appetite for learning
- 2-4 years of experience in Information Security, Incident Response, security automation, etc.
- Hands-on experience with common security technologies (IDS, Firewall, SIEM, SOAR, EDR, etc.)
- Knowledge of common security analysis tools & techniques
- Understanding of common security threats, attack vectors, vulnerabilities, and exploits
- Knowledge of regular expressions
- Customer service focused and portrays energy, professionalism, and welcoming characteristics.
- Strong ability to work in a highly sensitive and confidential environment.
- Ability to meet deadlines and handle sensitive and pressured situations.
- Ability to identify issues and help develop strategy and tactical plans for various department initiatives.
- Ability to use good judgment and decision-making skills

Education:

- Bachelors Degree in Computer Science, Information Security or related/equivalent educational or work experience
- One or more of the following certifications: CISSP, GCIA, GCIH, GPYC, GMON, GCDA, Elastic Certified Engineer

Full job record

Job ID: f246ec66b0673c12ca8cdcca84f0248d7b350091
Org ID: 1b26d76d-53fc-4e6f-a686-eed575e8f759
Source ID: 0f5e4ba0-0b92-4f1e-b4d2-f592eac4abab
Board ID: 0f5e4ba0-0b92-4f1e-b4d2-f592eac4abab
Provider: lever
Provider Job Key: b6849862-d885-414b-b035-46c7a29d1b18
Title: Security Engineer
Normalized Title:
Status: deleted
Active: no
Location Text: United States
Department: ( Managed Services )
Team: MS Security
Employment Type: Managed Services
Workplace Type: remote
Remote Policy: remote
Country: United States
Region:
City:
Salary Raw: USD 100000-130000 per-year-salary
Salary Min: 100,000
Salary Max: 130,000
Salary Currency: USD
Salary Period: year
Source URL: https://jobs.lever.co/thinkahead/b6849862-d885-414b-b035-46c7a29d1b18
Apply URL: https://jobs.lever.co/thinkahead/b6849862-d885-414b-b035-46c7a29d1b18/apply
First Seen At: 2026-05-29 07:07:37Z
Last Seen At: 2026-06-03 12:23:55Z
Last Checked At: 2026-06-06 07:55:19Z
Last Changed At: 2026-06-06 07:55:19Z
Inactive At: 2026-06-06 07:55:19Z
Source Posted At: 2026-03-27 15:48:36Z
Source Updated At:
Raw Payload Uri: s3://bluework-jobs-prod-raw-590183727216/raw/provider=lever/board=thinkahead/date=2026-06-03/2026-06-03T12-23-54-417Z-e5b5e331e674d9901c135f8bb5891a11bd0381409c69cd45186de31f8a04cdf5.json
Event Fields
{
  "content_hash": "cbe99b9c7f25928a8b080edfe8e1561127a71d8137163bc9bb7a63ef2fdd5b95",
  "source_hash": "6c08bde84cf5c561e037ccdeab101be4b29813beb2aa97279fcc4ace5a1f0e2e",
  "last_changed_at": "2026-06-06T07:55:19.522Z",
  "active_status": "deleted"
}
Parsed Structured
{
  "language": "en",
  "location": {
    "raw": "United States",
    "city": null,
    "region": null,
    "country": "United States",
    "is_remote": true,
    "confidence": 0.95
  },
  "salary_max": 130000,
  "salary_min": 100000,
  "inferred_at": "2026-06-03T12:23:55.439Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "United States",
      "city": null,
      "region": null,
      "country": "United States",
      "is_remote": true,
      "confidence": 0.95
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "remote",
  "salary_period": "year",
  "workplace_type": "remote",
  "salary_currency": "USD"
}
Extensions
{}
Native Structured
{
  "country": "US",
  "createdAt": 1774626516431,
  "updatedAt": null,
  "categories": {
    "team": "MS Security",
    "location": "United States",
    "commitment": "Managed Services",
    "department": "( Managed Services )",
    "allLocations": [
      "United States"
    ]
  },
  "salaryRange": {
    "max": 130000,
    "min": 100000,
    "currency": "USD",
    "interval": "per-year-salary"
  },
  "workplaceType": "remote"
}
Get this page with API

Rendered from the bluedoor Job Postings API. Reproduce it:

GET https://api.bluedoor.sh/job-postings/v1/jobs/f246ec66b0673c12ca8cdcca84f0248d7b350091?include=description
GET https://api.bluedoor.sh/job-postings/v1/orgs/1b26d76d-53fc-4e6f-a686-eed575e8f759
GET https://api.bluedoor.sh/job-postings/v1/sources/0f5e4ba0-0b92-4f1e-b4d2-f592eac4abab
GET https://api.bluedoor.sh/job-postings/v1/jobs/f246ec66b0673c12ca8cdcca84f0248d7b350091/events