Semrush is a brand visibility platform, empowering marketers to command their online presence and create measurable impact. We unify SEO authority and AI visibility, so brands are found, cited, and chosen everywhere search happens. That’s how Semrush gained the trust of over 28 million users—from scaling startups to Fortune 500 companies.

Here, you own the way you work, but we move as one unbeatable team.

We don’t just lead the market, we’re busy creating the world where Semrush is an unfair advantage for every marketer.

We move fast in ways to help you grow. Here, you have room to experiment, keep what works, and learn quickly from what doesn’t.

Ready to share our ambition and make an impact? Then, this role may be for you.

About the role

Incident Response Ownership

• Own and continuously improve the Security Incident Response process end-to-end.

• Act as Incident Commander for high-severity security incidents.

• Serve as Security Lead in cross-functional incidents with a security impact.
  Ensure clear coordination, communication, and stakeholder alignment during incidents.

• Own post-incident reviews, including root cause analysis, action item definition, and tracking to completion.

• Maintain and evolve incident documentation standards, runbooks governance, and response playbooks oversight.

• Ensure appropriate escalation handling for high-severity incidents outside business hours on a best-effort basis.

Security Monitoring & Detection Oversight

• Own the Security Monitoring process, ensuring alert quality, signal-to-noise balance, and operational efficiency.

• Oversee Detection Engineering as a managed process, including prioritization, quality control, and alignment with threat landscape.

• Ensure effective integration of Threat Intelligence into detection and response workflows.

• Own Log Management from an operational perspective, including logging requirements, coverage, ingestion health, and data quality oversight.

• Coordinate response to logging-related incidents affecting monitoring capabilities.

Metrics & Operational Accountability

• Own the SOC operational metrics framework.

• Be accountable for key performance indicators including:

  • Alert response times (MTTA)

  • Mean Time to Contain and incident lifecycle efficiency

  • Incident SLO adherence

  • Alert quality and false positive reduction

  • Monitoring coverage and logging health indicators

• Drive metric-based prioritization and improvements across SOC processes.

• Provide structured reporting to leadership on SOC performance and risks.

Team Leadership & People Management

• Lead a lean SOC team composed of Analysts and a Security Data Engineer.

• Conduct performance reviews and regular one-to-ones.

• Own individual development plans and learning roadmaps for team members.

• Manage hiring, onboarding, staffing, and workload planning.

• Ensure sustainable coverage model and operational resilience.

• Conduct tabletop exercises and ensure team readiness for high-severity events.

• Foster a culture of accountability, continuous improvement, and operational discipline.

Operational Roadmap & Process Ownership

• Own the SOC operational roadmap and backlog.

• Prioritize initiatives based on risk, impact, and available resources.

• Manage operational trade-offs in a resource-constrained environment.

• Collaborate with internal stakeholders across Engineering, Product, and Corporate functions.

• Participate in vendor relationship oversight within the SOC technology stack.

• Support external audits such as SOC 2 and PCI DSS from an operational perspective, including process explanation and evidence coordination.

About you

Move together. Raise the bar. Learn fast—grow faster. That’s the default. And here’s what else is needed to succeed in this role:

• Strong experience in Security Operations and Incident Response management.

• Demonstrated experience coordinating high-severity security incidents.

• Solid understanding of Security Monitoring, Detection Engineering, and Log Management processes.

• Deep familiarity with SIEM platforms and security monitoring ecosystems.

• Strong understanding of alert lifecycle management and signal optimization.

• Experience working with threat intelligence integrations.

• Proven ability to operate in metric-driven operational environments.

• Experience interacting with auditors and supporting compliance processes such as SOC 2 or PCI DSS.

• Ability to manage processes end-to-end in a lean operational setting.

About the perks

• Unlimited PTO

• Hobby & team building budget allowance

• Employee Support Program

• Loss of family member financial aid

• Employee Resource Groups

A little more about us

Semrush (NYSE: SEMR) is the leading brand visibility platform, empowering marketers to command their online presence and create measurable impact.

Built on the industry’s most expansive proprietary dataset, Semrush delivers AI-driven insights across GEO, SEO, Agentic Search Optimization, content marketing, paid media, and social strategy. The company was founded in 2008 and is headquartered in Boston, MA with a global presence across North America, Europe and Asia.

We’ve built something people are proud to be part of. And the awards agree: Great Place to Work, DEI Workplace, Diversity Champion Award, International Inclusion Award, Most Women Friendly Employers, Best Place for Working Parents. All thanks to 1700+ employees who build the company every day.

About our Diversity, Equity, and Inclusion commitments

Semrush is an equal opportunity employer. Building a better future for marketers around the world unites people from all backgrounds. Even if you feel that you don’t 100% match all requirements, don’t be discouraged to apply! We are committed to ensure that everyone feels a sense of belonging in the workplace.

We do not discriminate based upon race, religion, creed, color, national origin, sex, pregnancy, sexual orientation, gender identity, gender expression, age, ancestry, physical or mental disability, or medical condition including medical characteristics, genetic identity, marital status, military service, or any other classification protected by applicable local, state or federal laws.

Ready to be a part of this mission? Join us!