Staff Security Engineer - Security Operations

Pantheon · Greenhouse
Dublin, Ireland · Posted Jun 30, 2026

About Pantheon

Pantheon is the WebOps platform for websites that deliver extraordinary results. We believe in putting the magic of the internet in everyone’s hands. That’s why we’re so passionate about helping developers, IT and marketing develop, test, and release

As a Staff Security Engineer, SecOps, you’ll be the strategic and technical anchor of Pantheon’s security operations function — setting the long-term direction for detection, response, and operational resilience while staying hands-on with the hardest engineering problems. This role operates at the intersection of architecture, program leadership, and deep technical execution: you will define how Pantheon detects and responds to threats at scale, own the maturity roadmap for the SecOps capability, and drive alignment across Engineering, Infrastructure, GRC, and executive leadership.

At the staff level, your impact extends beyond your own output. You’ll shape how the broader engineering organisation thinks about security, influence tooling and platform decisions across teams, and serve as a principal voice for SecOps in architectural and product discussions. You will also be Pantheon’s lead on EU regulatory requirements — NIS2, GDPR, and related frameworks — ensuring operational controls meet the bar required for a company operating in the Irish and broader European market.

Pantheon’s core values are Trust, Teamwork, Passion, and Customers First. We value individuality, humour, and balance, and we actively contribute to open-source communities. If you’re ready to own the security operations vision at a company that ships critical infrastructure for hundreds of thousands of sites, this is your role.

The Role

As a Senior Security Engineer, SecOps, you’ll be the backbone of Pantheon’s security operations — designing, implementing, and running the detection and response capabilities that keep our platform and customers safe. You will lead efforts in threat detection, incident response, and operational resilience, while driving automation and scalable processes to mature Pantheon’s security posture.

This is a hands-on role with leadership expectations: you’ll own key SecOps technologies, shape incident response strategy, and mentor engineers across teams in security best practices.

Pantheon’s core values are Trust, Teamwork, Passion, and Customers First. We value individuality, humor, and balance, and we actively contribute to open-source communities. If you’re excited about modern SecOps and thrive on solving complex security problems, this is the place for you.

What You'll Do

  • SecOps Strategy & Roadmap: Define, own, and execute a multi-year roadmap for Pantheon’s security operations capability — covering detection engineering, incident response, threat intelligence, exposure management, and abuse prevention. Translate security risk into prioritised engineering investments.
  • Architecture & Platform Ownership: Lead the architecture of Pantheon’s SecOps toolchain (SIEM, SOAR, EDR/XDR, cloud security posture, identity monitoring). Evaluate, select, and integrate security platforms with a focus on long-term scalability and operational efficiency.
  • Threat Detection at Scale: Drive the detection engineering programme — building a library of high-fidelity, low-noise detections mapped to MITRE ATT&CK, tuned across cloud, endpoint, and identity surfaces. Establish the methodology and standards the team operates against.
  • Incident Response Leadership: Own the incident response programme end-to-end: playbooks, runbooks, severity frameworks, post-incident reviews, and continuous improvement cycles. Lead response for the most complex and critical incidents; serve as technical escalation path for the team.
  • Threat Intelligence Programme: Build and operate a structured threat intelligence capability — ingesting, contextualising, and operationalising intelligence from internal telemetry, commercial feeds, ISACs, and open-source sources to inform detection and response priorities.
  • Automation & Engineering Excellence: Architect and deliver scalable automation across alert triage, enrichment, investigation, and response using SOAR, APIs, and scripting. Raise the engineering bar for how SecOps builds and maintains its tooling.
  • EU Regulatory & Compliance Leadership: Serve as the SecOps subject matter expert for GDPR, NIS2, and relevant EU and Irish regulatory obligations. Partner with GRC and Legal to ensure operational controls satisfy audit, regulatory, and contractual requirements — including SOC 2, PCI DSS, and NIST CSF.
  • Vulnerability & Exposure Management: Define the programme strategy for vulnerability triage, prioritisation, and remediation SLAs in partnership with Engineering and Infrastructure. Drive down mean time to remediation through automation and clear ownership models.
  • Abuse & Fraud Prevention: Own the technical strategy for abuse monitoring — credential attacks, account takeover, platform misuse — designing controls that scale with Pantheon’s customer growth.
  • Business Resilience: Lead SecOps participation in business continuity and disaster recovery planning. Design and run tabletop exercises, red team collaboration, and resilience testing programmes.
  • Executive Communication: Produce programme-level metrics, risk narratives, and strategic briefings for senior leadership and the board. Translate operational data into business risk language.
  • Engineering Enablement & Mentorship: Set the technical standard for SecOps practices across Pantheon. Mentor senior and mid-level engineers, run security training programmes, and embed security thinking in engineering teams through pairing, review, and design consultation.

What You Bring to the Table

  • 10+ years of experience in information security, with 7+ years focused on security operations — spanning detection engineering, incident response, threat hunting, or SecOps programme leadership.
  • Deep expertise in architecting and operating enterprise-grade SIEM and SOAR platforms at scale (e.g., Chronicle, Splunk, Elastic SIEM, Palo Alto XSOAR, Tines).
  • Strong hands-on background in cloud-native security across GCP and/or AWS — including logging pipelines, cloud security posture management, and IAM monitoring.
  • Expert-level knowledge of attack techniques and threat actor tradecraft (MITRE ATT&CK, MITRE D3FEND) and the ability to translate that into detection logic and response procedures.
  • Demonstrated experience leading major incident response — including managing stakeholders, running cross-functional war rooms, and driving post-incident improvement.
  • Proficiency in scripting and automation (Python, Bash, or equivalent) applied to security engineering problems — not just tooling configuration.
  • Experience owning or materially contributing to EU regulatory compliance requirements (GDPR, NIS2) from an operational security perspective.
  • Track record of influencing technical direction beyond your immediate team — through design reviews, architecture documents, or cross-functional programme leadership.
  • Excellent written and verbal communication skills with the ability to present technical risk clearly to both engineering audiences and executive leadership.

Preferred Experience

  • Holding one or more recognized security certifications: CISSP, CISM, GIAC (GCIA, GCED, GREM, GDAT), OSCP, or a cloud security specialty certification (GCP Professional Cloud Security Engineer, AWS Security Specialty).
  • Experience building or scaling a detection engineering programme from the ground up, including establishing detection coverage metrics and a continuous improvement cadence.
  • Hands-on with threat intelligence platforms (e.g., Recorded Future, Mandiant Advantage) and structured intelligence lifecycle management.
  • Background in abuse monitoring, phishing detection, and takedown coordination with registrars, hosting providers, and law enforcement.
  • Exposure to bug bounty programme operations and red team/purple team collaboration to validate detection coverage.
  • Experience managing security vendor relationships, running RFPs, and making build-vs-buy decisions for operational tooling.
  • Prior experience working within the Irish or EU regulatory environment — familiarity with the Data Protection Commission (DPC), NIS2 obligations for essential/important entities, or ENISA guidance is a plus.

Working At Pantheon From Ireland

This role is based in Ireland and can be performed remotely within the country. Pantheon has a distributed engineering culture — you’ll collaborate primarily with teams in North America and Europe, which means some scheduling flexibility is expected for cross-timezone standups and incident response. Pantheon complies with all applicable Irish employment law including statutory leave entitlements, and compensation is benchmarked to the Irish market.
