Job description
<p>Squarespace is seeking a skilled and detail-oriented technical leader to own the day-to-day operations of our Detection and Incident Response team. Reporting to the VP of Security / CISO, you will be the driving force behind our SIEM and SOAR capabilities and incident response program. You’ll partner with teams throughout Squarespace to improve how we spot and respond to threats, leading the group that identifies and handles security threats as they happen.</p> <h2><strong>You’ll Get To…</strong></h2> <ul> <li>Contribute to defining, collecting, and analyzing security KPIs and KRIs for the security organization.</li> <li><strong>Develop and implement a comprehensive detection and response strategy and roadmap</strong> aligned with Squarespace's overall business objectives and risk appetite. This goes beyond just "implementing new security programs" to encompass a holistic vision.</li> <li><strong>Oversee the Security Operations Center (SOC) activities, including threat detection, monitoring, analysis, and proactive hunting, ensuring 24/7/365 coverage as appropriate.</strong></li> <li><strong>Own the health and effectiveness of the SIEM and SOAR platforms,</strong> ensuring high-quality data ingestion, alert tuning, and automated response logic.</li> <li><strong>Establish and maintain a robust incident response program</strong>, including defining incident playbooks, leading major incident investigations, and conducting post-incident reviews to drive continuous improvement.</li> <li><strong>Design and lead regular tabletop exercises</strong> to test the organization’s readiness for various incident scenarios.</li> <li><strong>Serve as the Incident Commander for major security events,</strong> coordinating with teams such as Legal, Commun