We enable rapid analysis and management of the world’s largest datasets.
The Role
Lead the cybersecurity solutions practice as a player-coach: translate market and customer signals into product direction, design scalable telemetry ingestion, build detection and analytics (SQL/schema-level), run technical pilots with Sales, shape integrations and partner strategy, and help hire and scale the practice.
Summary Generated by Built In
About Ocient:
Ocient is building OcientAIQ™ – a complete ecosystem for delivering trusted agentic AI solutions at petabyte scale, for the organizations that can't afford to get AI wrong. Our customers protect networks, secure nations, and power the global economy. The problems we solve are genuinely hard, and the work matters.
Founded in 2016 by the team that built Cleversafe (acquired by IBM in 2015), Ocient is headquartered in Chicago with a remote-first global team. We are a carbon-neutral company backed by leading investors including Greycroft, OCA Ventures, In-Q-Tel, and Buoyant Ventures.
Job Title: Practice Leader, Cybersecurity Solutions
Location: Remote (US Only)
Travel up to 25-40%, concentrated around customer pilots and detection validation on-site
*We cannot sponsor or transfer any visas, of any kind now or in the future (ex. OPT, EAD, H1B, H4, etc.)*
Hiring Manager: Chief Solutions Officer
Estimated salary range:
Base: $300,000
Expected OTE: $400,000
• The salary offered for this position will be based on a candidate’s experience and skill demonstrated during interviews and other evaluations
Position Overview
Ocient's data engine already does something no other platform can: query petabytes of full-fidelity data in seconds, with nothing thrown away. We know precisely what that unlocks for cybersecurity — a long-retention, full-fidelity analytics layer that closes a gap every security team lives with today. We're moving into this market because we've done the work to know we can win it, and we know exactly the kind of technical leader it takes to get us there.
This role leads that effort as a player-coach, not a figurehead. You'll sit on the Solutions team and work day to day with Product, Engineering, and Sales — turning deep knowledge of the security ecosystem into product direction on one side, and a go-to-market motion Sales can run with confidence on the other. You need to be as comfortable down in the technical weeds — the schemas, the log formats, the detection logic, the integration pitfalls — as you are setting direction, because that's where this role earns its credibility with the team.
Together with Engineering, you'll tackle two connected problems: getting telemetry into Ocient cleanly, at scale, across the log types and standards our target industries run — and building what only Ocient's engine can unlock once it's there, from real-time detections pushed out to downstream tools to deep, longitudinal analytics nobody else can run. You'll help the team pin down exactly where Ocient fits — and wins — as a complementary, interoperable part of the security ecosystem.
Responsibilities
• Bridge Product/Engineering and Go-to-Market. Work daily with Product, Engineering, and Sales — turning market and customer signal into product direction, and product capability into a story Sales can sell with confidence.
• Bring the ecosystem knowledge that grounds every decision. Be the person in the room who knows the SIEM/EDR/SOAR/XDR landscape, the telemetry types, the log formats and schemas, and where the integration pitfalls actually are — and make sure the roadmap reflects how the ecosystem really works.
• Design the ingestion architecture, alongside Engineering. Work through how telemetry from the platforms and formats our target industries run gets into Ocient cleanly and at scale, without asking customers to rip out what they already have.
• Build the detection and analytics logic, hands-on. Get into the SQL and the schemas with the team to build what only Ocient's engine can unlock — real-time detections pushed to downstream tools, and deep tactical, operational, and strategic analytics nobody else can run.
• Make the work reusable. Build so what's developed for one engagement generalizes across every industry we're targeting, not just the one in front of you.
• Get in front of customers and partners. Lead technical evaluations and proof-of-value pilots directly, as the senior technical voice working alongside Sales.
• Shape the integration and partner strategy. Help decide how Ocient plugs into the tools security teams already run, and where partnerships make more sense than building everything ourselves.
• Help build the practice. Shape this practice's roadmap and its future hires as we grow the team.
Ideal Qualifications
• 10+ years in cybersecurity as an established industry veteran, with deep hands-on technical grounding (network security, SIEM/SOC operations, detection engineering) plus product, architecture, or solutions leadership experience.
• Comprehensive knowledge of the cybersecurity vendor and platform ecosystem — SIEM/SOAR, EDR/XDR platforms, and the log formats, schemas, and standards those platforms use.
• Deep understanding of core security telemetry types (network flow data, DNS, authentication/identity, endpoint, cloud audit, OT/ICS) and how they move through and between systems — including common integration pitfalls.
• Working fluency in SQL and comfort operating at the data layer — able to work directly alongside engineers on schema design, ingestion pipelines, and query performance.
• Proven ability to work as the connective tissue between technical and commercial teams — equally credible in the architecture with Engineering and in front of a customer with Sales.
• Experience across regulated, data-intensive industries such as financial services, telecommunications, energy/critical infrastructure, healthcare, or government/defense.
• Familiarity with the MITRE ATT&CK framework and behavioral/statistical detection methodology.
• Strong communicator, able to move fluidly between deep technical detail and executive-level narrative.
• Experience building a new practice, product line, or solutions function inside a larger organization is a strong plus.
An Exceptional Candidate Will Have
• Experience with agentic AI / LLM-based tooling applied to security operations or threat hunting.
• Familiarity with hyperscale or MPP data warehouse platforms.
• Experience as a solutions architect, forward-deployed engineer, or field CTO at a security or data infrastructure company.
• Experience with compliance-driven data retention requirements across regulated industries.
Interview Requirements: All interviews are conducted via video and require candidates to have their camera on for the duration of the session. The use of video filters, face-altering effects, or virtual backgrounds is not permitted for security and verification purposes.
We are not open to using an agency or staffing company at this time. We do not accept unsolicited agency or staffing resumes and we are not responsible for any fees related to unsolicited resumes.
Ocient is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex (including pregnancy status), sexual orientation, gender identity, national origin or ancestry, ethnicity, citizenship status, age, physical or mental disability, veteran status, marital status, parental status, genetic information, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, please contact [email protected] for more information.
All official Ocient job postings and recruiting communications will come directly from our team via our Careers page, LinkedIn, or from an ocient.com email address. If you receive communication about a role from any other source, please treat it with caution and direct questions to [email protected].
Skills Required
- 10+ years in cybersecurity with deep hands-on technical grounding (network security, SIEM/SOC operations, detection engineering) plus product, architecture, or solutions leadership experience.
- Comprehensive knowledge of SIEM, SOAR, EDR, and XDR platforms, including log formats, schemas, and standards.
- Deep understanding of core security telemetry types (network flow, DNS, authentication/identity, endpoint, cloud audit, OT/ICS) and common integration pitfalls.
- Working fluency in SQL and comfort operating at the data layer, including schema design, ingestion pipelines, and query performance.
- Proven ability to act as connective tissue between technical and commercial teams; credible with Engineering and Sales.
- Experience across regulated, data-intensive industries (financial services, telecommunications, energy/critical infrastructure, healthcare, or government/defense).
- Familiarity with the MITRE ATT&CK framework and behavioral/statistical detection methodology.
- Strong communicator able to move between deep technical detail and executive-level narrative.
- Interviews conducted via video require candidate camera on; no video filters, face-altering effects, or virtual backgrounds.
- Experience building a new practice, product line, or solutions function inside a larger organization.
- Experience with agentic AI / LLM-based tooling applied to security operations or threat hunting.
- Familiarity with hyperscale or MPP data warehouse platforms.
- Experience as a solutions architect, forward-deployed engineer, or field CTO at a security or data infrastructure company.
- Experience with compliance-driven data retention requirements across regulated industries.
The Company
What We Do
Ocient is a Chicago-based, venture-funded startup building a SQL compliant, exabyte-scale database platform that achieves better performance than Hadoop and NoSQL systems. It is a distributed system optimized for NVMe drives, RDMA networks and high core count processors and is written in C++. We are led by a management team with seven successful st