I'm currently a security engineer with a little over a decade of IT experience, I think around 7 of that as a security engineer. My current title is Sr. Security Engineer. I'm at a point where I would like a lead role for a variety of reasons and the CTO is open to creating a team that I would have a leadership role in. He's looking to create an IAM team sometime in the near future and indicated that was an option, he also expressed that if there were other ideas I have that he would be open to them. One idea I am floating in my head is to create a team that does threat hunting and post incident/event analysis to bridge various gaps in our processes. Would it be a mistake to propose this? What would be better from a career perspective someone with engineering and soc experience as the threat hunting team lead or to be an engineer and then lead an IAM focused team?