A10 Networks, Inc
Join to apply for the
Cybersecurity Lead
role at
A10 Networks, Inc .
The Cybersecurity Lead serves as a hands‑on technical leader responsible for uniting offensive and defensive security operations to continually improve the company’s ability to detect, respond to, and recover from cyber threats. This role will lead the Blue Team in managing and enhancing security monitoring tools, detection pipelines, and incident response processes, while also coordinating Red Team simulations that measure and improve the company’s defensive posture.
Reporting to the Director of Cybersecurity, this leader bridges strategy and execution driving the mission to emulate adversaries, strengthen controls, and transform findings into actionable defense improvements.
Key Responsibilities Blue Team Operations and Tool Management
Lead and oversee the management, configuration, and tuning of security detection and response platforms, including:
SIEM (e.g., Splunk, PANW, or Azure Sentinel)
EDR/XDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
SOAR automation platforms
Network IDS/IPS, NDR, and threat intelligence platforms (TIPs)
Ensure all detection tools are integrated for end‑to‑end visibility across endpoints, cloud environments, and production systems
Define standards for log collection, parsing, and correlation to enhance alert accuracy and reduce false positives
Drive continuous tuning of detection rules, signatures, and use cases to align with MITRE ATT&CK and emerging threats
Collaborate with IT and Engineering teams to ensure security telemetry is fully integrated into cloud and CI/CD environments
Oversee threat hunting, alert triage, and incident response playbook execution across the security stack
Partner with DevOps and infrastructure teams to embed security monitoring hooks into hybrid environments and new deployments
Red Team and Offensive Security
Design and conduct controlled adversary emulation exercises to test detection and response capabilities
Execute attack chains including phishing, privilege escalation, persistence, and lateral movement using real-world TTPs
Develop and maintain custom adversary scripts and payloads to simulate targeted threats
Provide detailed post‑exercise reports with actionable defensive improvement recommendations
Collaborate with Blue Team engineers to operationalize detections based on Red Team findings
Incident Response and Continuous Improvement
Lead or co‑lead major incident response efforts, coordinating containment, investigation, and recovery
Build and maintain detailed incident response runbooks, integrating lessons learned from purple team exercises
Conduct root cause analysis and lead retrospectives that drive measurable improvements in detection and resilience
Integrate threat intelligence and forensic insights into detection content and defensive playbooks
Plan and execute adversarial simulations that validate threat detection, alert fidelity, and incident response readiness
Develop the roadmap for continuous improvement of detection coverage, response automation, and control validation
Serve as a technical escalation point for complex investigations, guiding both Red and Blue Team staff
Translate technical results into executive‑level insights that demonstrate risk reduction and readiness improvement
Qualifications
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
8+ years of cybersecurity experience, with proven leadership across Blue, Red, or Purple Team operations
Demonstrated ownership of enterprise security detection tools, including SIEM, EDR/XDR, SOAR, and threat intel platforms
Strong understanding of MITRE ATT&CK, Cyber Kill Chain, and threat emulation frameworks
Deep technical expertise in one or more of the following areas:
Endpoint and network forensics
Cloud security monitoring (AWS, Azure, GCP)
Scripting and automation (Python, PowerShell, Bash)
Security engineering in hybrid or production environments
Proven ability to lead incident response and purple team exercises from start to finish
Certifications such as OSCP, GCFA, GCIH, GPEN, GXPN, or GCTI highly desirable
Strong communication and leadership skills, with ability to engage both executive stakeholders and technical teams
Preferred Experience
Experience in enterprise or production‑scale environments, ideally within SaaS, networking, or hybrid cloud infrastructures
Familiarity with DevSecOps practices, CI/CD pipeline security, and cloud‑native monitoring
Prior experience mentoring Blue Team analysts and managing tool life cycles and vendor relationships
Exposure to purple team automation frameworks (e.g., AttackIQ, Caldera, Scythe)
Why Join Us This role sits at the intersection of offensive and defensive cybersecurity where every exercise directly strengthens the company’s real‑world resilience. As Cybersecurity Lead, you’ll shape how attacks are simulated, how detections evolve, and how incidents are contained ensuring the organization stays one step ahead of its adversaries.
A10 Networks is an equal opportunity employer and a VEVRAA federal subcontractor. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. A10 also complies with all applicable state and local laws governing nondiscrimination in employment.
Hybrid work model.
Targeted compensation guideline: $140,000 - $185,000. Compensation will vary based on number of factors, including market demand for specific skills, role type, job level, and individual qualifications. Final salary offers are determined by considerations including, but not limited to, subject matter expertise, demonstrated skill level, relevant experience, geographic location, education, certifications, and training.
#J-18808-Ljbffr
Cybersecurity Lead
role at
A10 Networks, Inc .
The Cybersecurity Lead serves as a hands‑on technical leader responsible for uniting offensive and defensive security operations to continually improve the company’s ability to detect, respond to, and recover from cyber threats. This role will lead the Blue Team in managing and enhancing security monitoring tools, detection pipelines, and incident response processes, while also coordinating Red Team simulations that measure and improve the company’s defensive posture.
Reporting to the Director of Cybersecurity, this leader bridges strategy and execution driving the mission to emulate adversaries, strengthen controls, and transform findings into actionable defense improvements.
Key Responsibilities Blue Team Operations and Tool Management
Lead and oversee the management, configuration, and tuning of security detection and response platforms, including:
SIEM (e.g., Splunk, PANW, or Azure Sentinel)
EDR/XDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
SOAR automation platforms
Network IDS/IPS, NDR, and threat intelligence platforms (TIPs)
Ensure all detection tools are integrated for end‑to‑end visibility across endpoints, cloud environments, and production systems
Define standards for log collection, parsing, and correlation to enhance alert accuracy and reduce false positives
Drive continuous tuning of detection rules, signatures, and use cases to align with MITRE ATT&CK and emerging threats
Collaborate with IT and Engineering teams to ensure security telemetry is fully integrated into cloud and CI/CD environments
Oversee threat hunting, alert triage, and incident response playbook execution across the security stack
Partner with DevOps and infrastructure teams to embed security monitoring hooks into hybrid environments and new deployments
Red Team and Offensive Security
Design and conduct controlled adversary emulation exercises to test detection and response capabilities
Execute attack chains including phishing, privilege escalation, persistence, and lateral movement using real-world TTPs
Develop and maintain custom adversary scripts and payloads to simulate targeted threats
Provide detailed post‑exercise reports with actionable defensive improvement recommendations
Collaborate with Blue Team engineers to operationalize detections based on Red Team findings
Incident Response and Continuous Improvement
Lead or co‑lead major incident response efforts, coordinating containment, investigation, and recovery
Build and maintain detailed incident response runbooks, integrating lessons learned from purple team exercises
Conduct root cause analysis and lead retrospectives that drive measurable improvements in detection and resilience
Integrate threat intelligence and forensic insights into detection content and defensive playbooks
Plan and execute adversarial simulations that validate threat detection, alert fidelity, and incident response readiness
Develop the roadmap for continuous improvement of detection coverage, response automation, and control validation
Serve as a technical escalation point for complex investigations, guiding both Red and Blue Team staff
Translate technical results into executive‑level insights that demonstrate risk reduction and readiness improvement
Qualifications
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
8+ years of cybersecurity experience, with proven leadership across Blue, Red, or Purple Team operations
Demonstrated ownership of enterprise security detection tools, including SIEM, EDR/XDR, SOAR, and threat intel platforms
Strong understanding of MITRE ATT&CK, Cyber Kill Chain, and threat emulation frameworks
Deep technical expertise in one or more of the following areas:
Endpoint and network forensics
Cloud security monitoring (AWS, Azure, GCP)
Scripting and automation (Python, PowerShell, Bash)
Security engineering in hybrid or production environments
Proven ability to lead incident response and purple team exercises from start to finish
Certifications such as OSCP, GCFA, GCIH, GPEN, GXPN, or GCTI highly desirable
Strong communication and leadership skills, with ability to engage both executive stakeholders and technical teams
Preferred Experience
Experience in enterprise or production‑scale environments, ideally within SaaS, networking, or hybrid cloud infrastructures
Familiarity with DevSecOps practices, CI/CD pipeline security, and cloud‑native monitoring
Prior experience mentoring Blue Team analysts and managing tool life cycles and vendor relationships
Exposure to purple team automation frameworks (e.g., AttackIQ, Caldera, Scythe)
Why Join Us This role sits at the intersection of offensive and defensive cybersecurity where every exercise directly strengthens the company’s real‑world resilience. As Cybersecurity Lead, you’ll shape how attacks are simulated, how detections evolve, and how incidents are contained ensuring the organization stays one step ahead of its adversaries.
A10 Networks is an equal opportunity employer and a VEVRAA federal subcontractor. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. A10 also complies with all applicable state and local laws governing nondiscrimination in employment.
Hybrid work model.
Targeted compensation guideline: $140,000 - $185,000. Compensation will vary based on number of factors, including market demand for specific skills, role type, job level, and individual qualifications. Final salary offers are determined by considerations including, but not limited to, subject matter expertise, demonstrated skill level, relevant experience, geographic location, education, certifications, and training.
#J-18808-Ljbffr