What You Will Do

You will own both the detection & response layer and the cloud infrastructure security foundation at Plaud — two domains that must operate in lockstep to deliver SOC 2 Type II audit readiness by Q4 2026.

• Cloud & Infrastructure Security — Remediate credential exposure across AWS/GCP production environments, deploy and tune CSPM across all accounts, embed IaC security gates (Checkov/Terraform) into CI/CD, and implement Zero Standing Privileges via JIT/CIEM.
• SIEM Build & Detection Engineering — Deploy the SIEM platform and author 30+ MITRE ATT&CK‑mapped detection rules spanning cloud telemetry, endpoint, and SaaS — with ongoing tuning to reduce false positives and maintain coverage fidelity.
• Incident Response — Own the IR lifecycle end‑to‑end: develop playbooks across a minimum of 4 incident categories, lead cross‑functional response for P1/P2 events, and drive MTTD to ≤60 minutes.
• SOC 2 TII Operational Evidence ...